Memory Management Bugs Fixed in OpenSSL and GnuTLS

February 13, 2023

At the same time, a similar bug was reported in GnuTLS, identified as CVE-2023-0361. This bug appeared in code that was supposed to log timing attack errors in the first place, and was caused by the code taking different amounts of time depending on which way the code went after a “branch” instruction. Both of these bugs have now been fixed, ensuring that the security of OpenSSL and GnuTLS is maintained.

Latest News

Like what you see?

Get a digest of headlines, vulnerabilities, risk context, and more delivered to your inbox.

Subscribe Below

By submitting this form, you’re giving us permission to email you. You may unsubscribe at any time.

Accelerate Security Teams

Continuously identify and prioritize the risks that are most critical in your environment, and validate that your remediation efforts are reducing risk. An always-on single source-of-truth of your assets, services, and vulnerabilities.