CVE-2024-4741
Published: 28 May 2024
Use After Free with SSL_free_buffers
Notes
| Author | Note |
|---|---|
Priority reason: Upstream OpenSSL developers have rated this as being a low severity issue |
|
| mdeslaur |
1.0.2 is not affected, 1.1.1, and 3.x are affected |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
edk2
Launchpad, Ubuntu, Debian |
bionic |
Needs triage
|
| focal |
Needed
|
|
| jammy |
Needed
|
|
| mantic |
Ignored
(end of life, was needed)
|
|
| noble |
Needed
|
|
| upstream |
Needs triage
|
|
| xenial |
Needs triage
|
|
|
nodejs
Launchpad, Ubuntu, Debian |
bionic |
Needs triage
|
| focal |
Not vulnerable
(uses system openssl)
|
|
| jammy |
Needed
|
|
| mantic |
Not vulnerable
(uses system openssl)
|
|
| noble |
Not vulnerable
(uses system openssl)
|
|
| trusty |
Not vulnerable
(uses system openssl)
|
|
| upstream |
Needs triage
|
|
| xenial |
Needs triage
|
|
|
openssl
Launchpad, Ubuntu, Debian |
bionic |
Needs triage
|
| focal |
Released
(1.1.1f-1ubuntu2.23)
|
|
| jammy |
Released
(3.0.2-0ubuntu1.17)
|
|
| mantic |
Ignored
(end of life, was needed)
|
|
| noble |
Released
(3.0.13-0ubuntu3.2)
|
|
| trusty |
Needs triage
|
|
| upstream |
Needs triage
|
|
| xenial |
Needs triage
|
|
|
Patches:
upstream: https://github.com/openssl/openssl/commit/b3f0eb0a295f58f16ba43ba99dad70d4ee5c437d upstream: https://github.com/openssl/openssl/commit/c88c3de51020c37e8706bf7a682a162593053aac |
||
|
openssl1.0
Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(1.0.2 not affected)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| mantic |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Needs triage
|
|