CVE-2024-5535
Published: 27 June 2024
SSL_select_next_proto buffer overread
Notes
Author | Note |
---|---|
Priority reason: OpenSSL developers have rated this issue has being low severity |
|
mdeslaur | This affects all 3.x versions, 1.1.1, and 1.0.2 |
Priority
Status
Package | Release | Status |
---|---|---|
edk2 Launchpad, Ubuntu, Debian |
bionic |
Needs triage
|
focal |
Needs triage
|
|
jammy |
Needs triage
|
|
mantic |
Needs triage
|
|
noble |
Needs triage
|
|
upstream |
Needs triage
|
|
xenial |
Needs triage
|
|
nodejs Launchpad, Ubuntu, Debian |
bionic |
Needs triage
|
focal |
Not vulnerable
(uses system openssl)
|
|
jammy |
Needed
|
|
mantic |
Not vulnerable
(uses system openssl)
|
|
noble |
Not vulnerable
(uses system openssl)
|
|
trusty |
Not vulnerable
(uses system openssl)
|
|
upstream |
Needs triage
|
|
xenial |
Needs triage
|
|
openssl Launchpad, Ubuntu, Debian |
bionic |
Needs triage
|
focal |
Needs triage
|
|
jammy |
Needs triage
|
|
mantic |
Needs triage
|
|
noble |
Needs triage
|
|
trusty |
Needs triage
|
|
upstream |
Needs triage
|
|
xenial |
Needs triage
|
|
Patches: upstream: https://github.com/openssl/openssl/commit/cf6f91f6121f4db167405db2f0de410a456f260c |
||
openssl1.0 Launchpad, Ubuntu, Debian |
bionic |
Needs triage
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Needs triage
|