OpenSSL Advisory: December 14th, 2021 (BoringSSL Not Affected)

OpenSSL have published a security advisory. Here's how it affects BoringSSL:

| CVE | Summary | Severity in OpenSSL | Impact to BoringSSL |
| --- | --- | --- | --- |
| CVE-2021-4044 | Invalid handling of X509_verify_cert() internal errors in libssl | Moderate | Not affected, issue was introduced after fork |

CVE-2021-4044

BoringSSL is not affected. The issue was introduced after the fork, in OpenSSL 3.0. It was caused by mixing up the return value conventions of the X.509 implementation, in which an error may be signalled by either 0 or -1 depending on the function.

To avoid similar issues, BoringSSL has narrowed APIs in other parts of the library so that they only return 0 on error. We plan to do the same for the X.509 implementation, but have not yet done so.

Addendum January 28th, 2026: The X509_verify_cert function's return value was narrowed in December 2023.
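The convention mix-up described above, as an added C example that is not OpenSSL's or BoringSSL's code. The enum models the three outcomes OpenSSL documents for X509_verify_cert() (1 on success, 0 on verification failure, negative on internal error); the caller functions accept_chain_zero_is_error and accept_chain_tristate and the boundary helper narrow_verify_result are hypothetical names chosen for this illustration. The first caller is written for a "0 is the only error value" convention and therefore accepts -1 as a verified chain; narrowing the result at the API boundary removes that hazard for callers written either way.

```c
#include <stdbool.h>
#include <stdio.h>

/*
 * Stand-in for the three outcomes OpenSSL documents for X509_verify_cert():
 * 1 on success, 0 when the chain fails verification, and a negative value
 * for an internal error. This enum only models that convention; it is not
 * OpenSSL's or BoringSSL's code.
 */
enum verify_result {
    VERIFY_INTERNAL_ERROR = -1,
    VERIFY_FAILED = 0,
    VERIFY_OK = 1,
};

/*
 * Hypothetical caller written against a "0 is the only error value"
 * convention. Any non-zero value is taken as success, so an internal
 * error (-1) is accepted as a valid chain. This is the shape of the
 * mix-up the advisory describes.
 */
bool accept_chain_zero_is_error(int ret)
{
    return ret != 0;
}

/* Hypothetical caller that honours the documented tri-state convention. */
bool accept_chain_tristate(int ret)
{
    return ret > 0;
}

/*
 * Narrowing at the API boundary: collapse every non-success outcome to 0,
 * so callers written for either convention reach the same decision.
 */
int narrow_verify_result(int ret)
{
    return ret > 0 ? 1 : 0;
}

/* Prints how each caller treats each outcome; the -1 row shows the bug. */
int main(void)
{
    const int outcomes[] = { VERIFY_OK, VERIFY_FAILED, VERIFY_INTERNAL_ERROR };
    printf("%-6s %-16s %-16s %-16s\n", "ret", "zero-is-error", "tristate", "narrowed");
    for (size_t i = 0; i < sizeof(outcomes) / sizeof(outcomes[0]); i++) {
        int ret = outcomes[i];
        printf("%-6d %-16s %-16s %-16s\n", ret,
               accept_chain_zero_is_error(ret) ? "accept" : "reject",
               accept_chain_tristate(ret) ? "accept" : "reject",
               accept_chain_zero_is_error(narrow_verify_result(ret)) ? "accept" : "reject");
    }
    return 0;
}
```

When auditing callers of a tri-state API, the check to look for is `ret == 0` or `!ret` used as the only failure test; `ret <= 0` (or narrowing the API itself, as BoringSSL did) is the safe form.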

32-bit MIPS carry overflow

OpenSSL 1.1.1m and OpenSSL 3.0.1 additionally include a fix for a carry overflow bug on 32-bit MIPS. BoringSSL does not include OpenSSL’s MIPS assembly and is not affected by this bug.