OpenSSL certificate parsing infinite loop causing denial of service — exploitable via TLS client certificates and code signing in supply chain. Update OpenSSL to 1.1.1n/3.0.2. Prioritize internet-facing TLS endpoints accepting client-side certificates.
The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. OpenSSL infinite loop.
Exploit-DB.ai delivers real-time AI-triaged zero-day alerts directly to your inbox.
Activate Supernova →