An integer underflow vulnerability leading to an out of bounds read has been reported in OpenSSL. This vulnerability is due to the handling of truncated blocks in 32-bit versions of OpenSSL when using the ChaCha20-Poly1305 cipher in OpenSSL 1.1.x and the RC4-MD5 cipher in OpenSSL 1.0.x.
