FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

OpenSSL -- Unbounded memory growth with session handling in TLSv1.3

Affected packages
openssl < 3.0.13_3,1
openssl31 < 3.1.5_3
openssl32 < 3.2.1_2
openssl-quictls < 3.0.13_3
openssl31-quictls < 3.1.5_1


VuXML ID 7c217849-f7d7-11ee-a490-84a93843eb75
Discovery 2024-04-08
Entry 2024-04-11

The OpenSSL project reports:

Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions


CVE Name CVE-2024-2511