The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation. SSL/TLS servers or other servers using 2048 bit RSA private keys running on machines supporting AVX512IFMA instructions of the X86_64 architecture are affected by this issue.
| CVE Infomation | Exploits or more Infomation |
|---|---|
| mitre | EXPLOIT DATABASE |
| NVD | 0day.today |
| vulmon.com | github |
| CVE Details | |
| JVN ENG JPN | |
| Reconshell |
Software Tag: Oracle(6 tweets)
List of frequently cited URLs
List of frequently cited URLs
| URL | Num of Times Referred to |
|---|---|
| cvetrends.com | 59 |
| noticiasseguridad.com | 8 |
| www.openssl.org | 6 |
| security.sios.com | 4 |
| github.com | 3 |
| twitter.com | 3 |
| www.cve.org | 3 |
| git.openssl.org | 3 |
| thehackernews.com | 3 |
| securityonline.info | 3 |
| Name | URL |
|---|---|
| No Data | |
| Name | URL |
|---|---|
| No Data | |