vulnerability
SUSE: CVE-2024-24783: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:N/I:C/A:N) | Mar 5, 2024 | Mar 8, 2024 | Dec 5, 2025 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:N/I:C/A:N)
Published
Mar 5, 2024
Added
Mar 8, 2024
Modified
Dec 5, 2025
Description
Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for TLS servers to not verify client certificates.
Solutions
suse-upgrade-go1-21suse-upgrade-go1-21-docsuse-upgrade-go1-21-opensslsuse-upgrade-go1-21-openssl-docsuse-upgrade-go1-21-openssl-racesuse-upgrade-go1-21-racesuse-upgrade-go1-22suse-upgrade-go1-22-docsuse-upgrade-go1-22-opensslsuse-upgrade-go1-22-openssl-docsuse-upgrade-go1-22-openssl-racesuse-upgrade-go1-22-race
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.