vulnerability

FreeBSD: VID-c6f4177c-8e29-11ef-98e7-84a93843eb75 (CVE-2024-9143): OpenSSL -- OOB memory access vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:L/Au:S/C:N/I:P/A:N)	Oct 19, 2024	Oct 21, 2024	Dec 10, 2025

Severity

CVSS

(AV:N/AC:L/Au:S/C:N/I:P/A:N)

Published

Oct 19, 2024

Added

Oct 21, 2024

Modified

Dec 10, 2025

Description

The OpenSSL project reports: Low-level invalid GF(2^m) parameters lead to OOB memory access (CVE-2024-9143) (Low) Use of the low-level GF(2^m) elliptic curve APIs with untrusted explicit values for the field polynomial can lead to out-of-bounds memory reads or writes.

Solutions

freebsd-upgrade-package-opensslfreebsd-upgrade-package-openssl31freebsd-upgrade-package-openssl32freebsd-upgrade-package-openssl33freebsd-upgrade-package-openssl-quictlsfreebsd-upgrade-package-openssl31-quictls

References

CVE-2024-9143
https://attackerkb.com/topics/CVE-2024-9143
CWE-125
CWE-787

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today