CVE-2024-2511

Source
https://cve.org/CVERecord?id=CVE-2024-2511
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-2511.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-2511
Downstream
Related
Published
2024-04-08T13:51:12.349Z
Modified
2026-07-14T17:15:48.467774Z
Severity
  • 5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
Unbounded memory growth with session handling in TLSv1.3
Details

Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions

Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service

This problem can occur in TLSv1.3 if the non-default SSLOPNOTICKET option is being used (but not if earlydata support is also configured and the default anti-replay protection is in use). In this case, under certain conditions, the session cache can get into an incorrect state and it will fail to flush properly as it fills. The session cache will continue to grow in an unbounded manner. A malicious client could deliberately create the scenario for this failure to force a Denial of Service. It may also happen by accident in normal operation.

This issue only affects TLS servers supporting TLSv1.3. It does not affect TLS clients.

The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue. OpenSSL 1.0.2 is also not affected by this issue.

Database specific
{
    "cna_assigner": "openssl",
    "cwe_ids": [
        "CWE-1325"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/2xxx/CVE-2024-2511.json"
}
References

Affected packages

Git / github.com/openssl/openssl

Affected ranges

Type
GIT
Repo
https://github.com/openssl/openssl
Events
Database specific
{
    "source": [
        "AFFECTED_FIELD",
        "REFERENCES"
    ],
    "extracted_events": [
        {
            "introduced": "3.2.0"
        },
        {
            "fixed": "3.2.2"
        },
        {
            "introduced": "3.1.0"
        },
        {
            "fixed": "3.1.6"
        },
        {
            "introduced": "3.0.0"
        },
        {
            "fixed": "3.0.14"
        },
        {
            "introduced": "1.1.1"
        },
        {
            "fixed": "1.1.1y"
        }
    ]
}

Affected versions

openssl-3.*
openssl-3.0.0
openssl-3.0.1
openssl-3.0.10
openssl-3.0.11
openssl-3.0.12
openssl-3.0.13
openssl-3.0.2
openssl-3.0.3
openssl-3.0.4
openssl-3.0.5
openssl-3.0.6
openssl-3.0.7
openssl-3.0.8
openssl-3.0.9
openssl-3.1.0
openssl-3.1.1
openssl-3.1.2
openssl-3.1.3
openssl-3.1.4
openssl-3.1.5
openssl-3.2.0
openssl-3.2.1

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-2511.json"
vanir_signatures_modified
"2026-07-14T17:15:48Z"
vanir_signatures
[
    {
        "signature_version": "v1",
        "source": "https://github.com/openssl/openssl/commit/e9d7083e241670332e0443da0f0d4ffb52829f08",
        "signature_type": "Line",
        "id": "CVE-2024-2511-05d21ef6",
        "digest": {
            "line_hashes": [
                "237068005254384937667547875889483844978",
                "113915117782040053630255145392358530759",
                "66103385765130290457162085093933223558",
                "162382651939373866582061212683682848533",
                "76408188136838676687937324189907664685",
                "260125722951887923555973287923469516789",
                "162168863295799619329617944683703962609",
                "159264430167139000382594925269229087884",
                "218625742145348075137939568597510799794",
                "132262577977491748484833362742782862377",
                "149880655905331652701777215391255866459"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "target": {
            "file": "ssl/ssl_sess.c"
        }
    },
    {
        "signature_version": "v1",
        "source": "https://github.com/openssl/openssl/commit/b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d",
        "signature_type": "Function",
        "id": "CVE-2024-2511-085be921",
        "digest": {
            "length": 1940.0,
            "function_hash": "282121092333121823000089348211305663540"
        },
        "deprecated": false,
        "target": {
            "function": "tls_construct_server_hello",
            "file": "ssl/statem/statem_srvr.c"
        }
    },
    {
        "signature_version": "v1",
        "source": "https://github.com/openssl/openssl/commit/e9d7083e241670332e0443da0f0d4ffb52829f08",
        "signature_type": "Function",
        "id": "CVE-2024-2511-1ac95f2f",
        "digest": {
            "length": 2851.0,
            "function_hash": "212954300303107326089724544104956651196"
        },
        "deprecated": false,
        "target": {
            "function": "ssl_session_dup",
            "file": "ssl/ssl_sess.c"
        }
    },
    {
        "signature_version": "v1",
        "source": "https://github.com/openssl/openssl/commit/b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d",
        "signature_type": "Function",
        "id": "CVE-2024-2511-27ee7cf8",
        "digest": {
            "length": 2619.0,
            "function_hash": "7635606872942867414870440948978544895"
        },
        "deprecated": false,
        "target": {
            "function": "ssl_session_dup",
            "file": "ssl/ssl_sess.c"
        }
    },
    {
        "signature_version": "v1",
        "source": "https://github.com/openssl/openssl/commit/b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d",
        "signature_type": "Function",
        "id": "CVE-2024-2511-30888480",
        "digest": {
            "length": 1325.0,
            "function_hash": "242839529669032139629079760961191258975"
        },
        "deprecated": false,
        "target": {
            "function": "ssl_update_cache",
            "file": "ssl/ssl_lib.c"
        }
    },
    {
        "signature_version": "v1",
        "source": "https://github.com/openssl/openssl/commit/7e4d731b1c07201ad9374c1cd9ac5263bdf35bce",
        "signature_type": "Function",
        "id": "CVE-2024-2511-4880e2a0",
        "digest": {
            "length": 2619.0,
            "function_hash": "7635606872942867414870440948978544895"
        },
        "deprecated": false,
        "target": {
            "function": "ssl_session_dup",
            "file": "ssl/ssl_sess.c"
        }
    },
    {
        "signature_version": "v1",
        "source": "https://github.com/openssl/openssl/commit/7e4d731b1c07201ad9374c1cd9ac5263bdf35bce",
        "signature_type": "Line",
        "id": "CVE-2024-2511-4edd43bb",
        "digest": {
            "line_hashes": [
                "70837027254147380184232394837312893826",
                "35849081333738844367146501708823095500",
                "200567339918318236680609037933296929430",
                "45616768372581396962167201247601357857"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "target": {
            "file": "ssl/ssl_lib.c"
        }
    },
    {
        "signature_version": "v1",
        "source": "https://github.com/openssl/openssl/commit/b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d",
        "signature_type": "Line",
        "id": "CVE-2024-2511-535073f1",
        "digest": {
            "line_hashes": [
                "175923431394192972363936778328285162033",
                "38339879515594619117610231575660264724",
                "174681001384431283175637828303769415213",
                "131831670793621309890501412306824758312",
                "329438803076000449442289115165415388072",
                "195726165541695366769363416913210763411"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "target": {
            "file": "ssl/statem/statem_srvr.c"
        }
    },
    {
        "signature_version": "v1",
        "source": "https://github.com/openssl/openssl/commit/b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d",
        "signature_type": "Line",
        "id": "CVE-2024-2511-617b54c9",
        "digest": {
            "line_hashes": [
                "70837027254147380184232394837312893826",
                "35849081333738844367146501708823095500",
                "200567339918318236680609037933296929430",
                "45616768372581396962167201247601357857"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "target": {
            "file": "ssl/ssl_lib.c"
        }
    },
    {
        "signature_version": "v1",
        "source": "https://github.com/openssl/openssl/commit/7e4d731b1c07201ad9374c1cd9ac5263bdf35bce",
        "signature_type": "Function",
        "id": "CVE-2024-2511-6cc0b590",
        "digest": {
            "length": 1325.0,
            "function_hash": "242839529669032139629079760961191258975"
        },
        "deprecated": false,
        "target": {
            "function": "ssl_update_cache",
            "file": "ssl/ssl_lib.c"
        }
    },
    {
        "signature_version": "v1",
        "source": "https://github.com/openssl/openssl/commit/7e4d731b1c07201ad9374c1cd9ac5263bdf35bce",
        "signature_type": "Function",
        "id": "CVE-2024-2511-8815d9ec",
        "digest": {
            "length": 1940.0,
            "function_hash": "282121092333121823000089348211305663540"
        },
        "deprecated": false,
        "target": {
            "function": "tls_construct_server_hello",
            "file": "ssl/statem/statem_srvr.c"
        }
    },
    {
        "signature_version": "v1",
        "source": "https://github.com/openssl/openssl/commit/b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d",
        "signature_type": "Line",
        "id": "CVE-2024-2511-8d10cd60",
        "digest": {
            "line_hashes": [
                "237068005254384937667547875889483844978",
                "113915117782040053630255145392358530759",
                "66103385765130290457162085093933223558",
                "162382651939373866582061212683682848533",
                "76408188136838676687937324189907664685",
                "260125722951887923555973287923469516789",
                "162168863295799619329617944683703962609",
                "159264430167139000382594925269229087884",
                "218625742145348075137939568597510799794",
                "132262577977491748484833362742782862377",
                "149880655905331652701777215391255866459"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "target": {
            "file": "ssl/ssl_sess.c"
        }
    },
    {
        "signature_version": "v1",
        "source": "https://github.com/openssl/openssl/commit/7e4d731b1c07201ad9374c1cd9ac5263bdf35bce",
        "signature_type": "Line",
        "id": "CVE-2024-2511-90c67130",
        "digest": {
            "line_hashes": [
                "237068005254384937667547875889483844978",
                "113915117782040053630255145392358530759",
                "66103385765130290457162085093933223558",
                "162382651939373866582061212683682848533",
                "76408188136838676687937324189907664685",
                "260125722951887923555973287923469516789",
                "162168863295799619329617944683703962609",
                "159264430167139000382594925269229087884",
                "218625742145348075137939568597510799794",
                "132262577977491748484833362742782862377",
                "149880655905331652701777215391255866459"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "target": {
            "file": "ssl/ssl_sess.c"
        }
    },
    {
        "signature_version": "v1",
        "source": "https://github.com/openssl/openssl/commit/e9d7083e241670332e0443da0f0d4ffb52829f08",
        "signature_type": "Function",
        "id": "CVE-2024-2511-a7e112c0",
        "digest": {
            "length": 2052.0,
            "function_hash": "179926413095981420004483889142535469138"
        },
        "deprecated": false,
        "target": {
            "function": "tls_construct_server_hello",
            "file": "ssl/statem/statem_srvr.c"
        }
    },
    {
        "signature_version": "v1",
        "source": "https://github.com/openssl/openssl/commit/e9d7083e241670332e0443da0f0d4ffb52829f08",
        "signature_type": "Function",
        "id": "CVE-2024-2511-adc20d36",
        "digest": {
            "length": 1338.0,
            "function_hash": "122597478856692738374150515729258319484"
        },
        "deprecated": false,
        "target": {
            "function": "ssl_update_cache",
            "file": "ssl/ssl_lib.c"
        }
    },
    {
        "signature_version": "v1",
        "source": "https://github.com/openssl/openssl/commit/e04bd3433fd84e1861bf258ea37928d9845e6a86",
        "signature_type": "Line",
        "id": "CVE-2024-2511-c377fa22",
        "digest": {
            "line_hashes": [
                "28170854778703993674264004058177114599",
                "73132526844288570625317440636111911761",
                "177405411499435185068645597737938634778",
                "224809958623850711330610094965797758930",
                "295554444428855106393106961197201359586"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "target": {
            "file": "include/openssl/opensslv.h"
        }
    },
    {
        "signature_version": "v1",
        "source": "https://github.com/openssl/openssl/commit/e9d7083e241670332e0443da0f0d4ffb52829f08",
        "signature_type": "Line",
        "id": "CVE-2024-2511-ce686be8",
        "digest": {
            "line_hashes": [
                "93537334691950515621301137830879284931",
                "35849081333738844367146501708823095500",
                "200567339918318236680609037933296929430",
                "45616768372581396962167201247601357857"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "target": {
            "file": "ssl/ssl_lib.c"
        }
    },
    {
        "signature_version": "v1",
        "source": "https://github.com/openssl/openssl/commit/7e4d731b1c07201ad9374c1cd9ac5263bdf35bce",
        "signature_type": "Line",
        "id": "CVE-2024-2511-debfdb2d",
        "digest": {
            "line_hashes": [
                "175923431394192972363936778328285162033",
                "38339879515594619117610231575660264724",
                "174681001384431283175637828303769415213",
                "131831670793621309890501412306824758312",
                "329438803076000449442289115165415388072",
                "195726165541695366769363416913210763411"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "target": {
            "file": "ssl/statem/statem_srvr.c"
        }
    },
    {
        "signature_version": "v1",
        "source": "https://github.com/openssl/openssl/commit/e9d7083e241670332e0443da0f0d4ffb52829f08",
        "signature_type": "Line",
        "id": "CVE-2024-2511-f21161fc",
        "digest": {
            "line_hashes": [
                "307259160925884979239909551177310072787",
                "259789776830101890545412969749917438549",
                "240979021145574152778594971926175841334",
                "307251461390486550372699034100303709344",
                "307443394972201777838578310877614697806",
                "195726165541695366769363416913210763411"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "target": {
            "file": "ssl/statem/statem_srvr.c"
        }
    }
]