FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

OpenSSL -- Use after free vulnerability

Affected packages
openssl < 3.0.13_5,1
openssl31 < 3.1.5_5
openssl32 < 3.2.1_5
openssl33 < 3.3.0_2
openssl-quictls < 3.0.13_5
openssl31-quictls < 3.1.5_5

Details

VuXML ID 73a697d7-1d0f-11ef-a490-84a93843eb75
Discovery 2024-05-28
Entry 2024-05-28

The OpenSSL project reports:

Use After Free with SSL_free_buffers (low).

Calling the OpenSSL API function SSL_free_buffers may cause memory to be accessed that was previously freed in some situations

[source]

References

CVE Name CVE-2024-4741
URL https://www.openssl.org/news/secadv/20240528.txt

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.