OpenSSL have published a security advisory. Here's how it affects BoringSSL:
| CVE | Summary | Severity in OpenSSL | Impact to BoringSSL |
|---|---|---|---|
| CVE-2024-9143 | Low-level invalid GF(2^m) parameters lead to OOB memory access | Low | Not affected; code was removed when BoringSSL forked |