32.Lock Code Circular

Multiple important denial of service (DoS) vulnerabilities (CVE-2023-0464 and CVE-2023-2650) have been discovered in the OpenSSL Secure Sockets Layer toolkit. These bugs are easy to exploit and have a high availability impact.

These flaws could be exploited to carry out DoS attacks resulting in loss of system access and potential compromise.

An OpenSSL security update that fixes these vulnerabilities has been released. We strongly encourage all impacted users to apply the OpenSSL updates issued by their distro(s) now to protect against attacks leading to system downtime and compromise.

To stay on top of important updates released by the open-source programs and applications you use, be sure to register as a LinuxSecurity user, then subscribe to our Linux Advisory Watch newsletter and customize your advisories for the distro(s) you use. This will enable you to stay up-to-date on the latest, most significant issues impacting the security of your systems.

Follow @LS_Advisories on Twitter for real-time updates on advisories for your distro(s).