On 21 June 2022, OpenSSL version 3.0.4 introduced a severe bug (CVE-2022-2274) in the RSA implementation for X86_64 CPUs supporting AVX512IFMA instructions. This allowed for memory corruption on RSA implementations running 2048-bit private keys. An attacker could then perform RCE (Remote Code Execution) over the network against SSL/TLS and other OpenSSL servers that support x86_64 AVX512IFMA instructions.
Article Link: HIGH OpenSSL Vulnerability Causes Stir