Follow up to the CVE-2022-4304 - The Marvin Attack

Hubert Kario hkario at redhat.com
Tue Sep 26 21:18:40 UTC 2023


Hello,

Many people asked me about the technical details of the attack used in
CVE-2022-4304, as promised, I'm now making public the new approach,
together with all the technical details and reproducers.

You can find all of the information on the vulnerability web page:
https://people.redhat.com/~hkario/marvin/
-- 
Regards,
Hubert Kario
Principal Quality Engineer, RHEL Crypto team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic



More information about the openssl-users mailing list