What is RHSA-2024:9333?

RHSA-2024:9333 is a security advisory published by Red Hat Product Security with Low severity. Red Hat Security Advisory: openssl and openssl-fips-provider security update

Which CVE IDs does RHSA-2024:9333 cover?

RHSA-2024:9333 covers the following CVE IDs: CVE-2024-2511, CVE-2024-4603, CVE-2024-4741, CVE-2024-5535. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of RHSA-2024:9333?

RHSA-2024:9333 has a CVSS v3 base score of 5.9, published by Red Hat Product Security.

RHSA-2024:9333LowCVSS 5.9

Red Hat Security Advisory: openssl and openssl-fips-provider security update

Vendor

Red Hat Product Security

Published

November 12, 2024

Last Modified

June 3, 2026

🔗 CVE IDs covered (4)

CVE-2024-2511 →CVE-2024-4603 →CVE-2024-4741 →CVE-2024-5535 →

📋 Description

CVE-2024-2511 — openssl: Unbounded memory growth with session handling in TLSv1.3 CVE-2024-4603 — openssl: Excessive time spent checking DSA keys and parameters CVE-2024-4741 — openssl: Use After Free with SSL_free_buffers CVE-2024-5535 — openssl: SSL_select_next_proto buffer overread

🔗 References (13)

selfhttps://access.redhat.com/errata/RHSA-2024:9333
externalhttps://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/9.5_release_notes/index
externalhttps://access.redhat.com/security/updates/classification/#low
externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2274020
externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2281029
externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2283757
externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2294581
externalhttps://issues.redhat.com/browse/RHEL-26271
externalhttps://issues.redhat.com/browse/RHEL-32123
externalhttps://issues.redhat.com/browse/RHEL-38514
externalhttps://issues.redhat.com/browse/RHEL-40723
externalhttps://issues.redhat.com/browse/RHEL-58662
selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_9333.json