diff --git a/CMakeLists.txt b/CMakeLists.txt index 886c6366043..b14702427d1 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -659,6 +659,7 @@ if (BUILD_TESTING) if(S2N_FUZZ_TEST) message(STATUS "Fuzz build enabled") set(SCRIPT_PATH "${CMAKE_CURRENT_SOURCE_DIR}/tests/fuzz/runFuzzTest.sh") + set(BUILD_DIR_PATH "${CMAKE_CURRENT_SOURCE_DIR}/build") file(GLOB FUZZ_TEST_SRCS "${CMAKE_CURRENT_SOURCE_DIR}/tests/fuzz/*.c") file(GLOB TESTLIB_SRC "tests/testlib/*.c") @@ -688,7 +689,6 @@ if (BUILD_TESTING) endif() # Build LD_PRELOAD shared libraries - set(LIBRARY_OUTPUT_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/tests/fuzz/LD_PRELOAD) file(GLOB LIBRARY_SRCS "${CMAKE_CURRENT_SOURCE_DIR}/tests/fuzz/LD_PRELOAD/*.c") foreach(SRC ${LIBRARY_SRCS}) get_filename_component(LIB_NAME ${SRC} NAME_WE) @@ -697,14 +697,6 @@ if (BUILD_TESTING) ${CMAKE_CURRENT_SOURCE_DIR} ${CMAKE_CURRENT_SOURCE_DIR}/api ) - # Set the output directory and remove the default "lib" prefix - set_target_properties(${LIB_NAME} PROPERTIES - PREFIX "" - LIBRARY_OUTPUT_DIRECTORY ${LIBRARY_OUTPUT_DIRECTORY} - ) - target_compile_options(${LIB_NAME} PRIVATE - -fPIC - ) endforeach() set(CMAKE_C_COMPILER clang) 
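Review bot: The added `set(BUILD_DIR_PATH "${CMAKE_CURRENT_SOURCE_DIR}/build")` in the first CMakeLists.txt hunk assumes the binary tree is always `<source>/build`, which only holds when the project is configured with that exact build directory. With any other build directory, runFuzzTest.sh looks for `bin/${TEST_NAME}` and the `lib/*_overrides.so` preload libraries in the wrong place. If a stale `build/` tree is left over from an earlier configure, it would run and preload those old artifacts without any error, so the fuzz result would not describe the code under test. Deriving the value from the real build tree avoids both cases: `set(BUILD_DIR_PATH "${CMAKE_BINARY_DIR}")`, assuming the `bin/` and `lib/` output directories the script expects are set relative to it elsewhere in this file. The enclosing `if(S2N_FUZZ_TEST)` block starts and ends outside the hunk.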
@@ -724,18 +716,16 @@ if (BUILD_TESTING) fuzztest ) - # Set the output directory for the fuzzing binaries - set(FUZZ_BIN_DIR "${CMAKE_CURRENT_SOURCE_DIR}/tests/fuzz") - set_target_properties(${TEST_NAME} PROPERTIES - RUNTIME_OUTPUT_DIRECTORY ${FUZZ_BIN_DIR} - ) - add_test(NAME ${TEST_NAME} - COMMAND ${CMAKE_COMMAND} -E env - DYLD_LIBRARY_PATH=${CMAKE_CURRENT_BINARY_DIR}/lib:${CMAKE_CURRENT_BINARY_DIR}/tests/testlib:${CMAKE_CURRENT_SOURCE_DIR}/libcrypto-root/lib:$ENV{DYLD_LIBRARY_PATH} - LD_LIBRARY_PATH=${CMAKE_CURRENT_BINARY_DIR}/lib:${CMAKE_CURRENT_BINARY_DIR}/tests/testlib:${CMAKE_CURRENT_SOURCE_DIR}/libcrypto-root/lib:$ENV{LD_LIBRARY_PATH} - bash ${SCRIPT_PATH} ${TEST_NAME} ${FUZZ_TIMEOUT_SEC} ${CORPUS_UPLOAD_LOC} ${ARTIFACT_UPLOAD_LOC} - WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/tests/fuzz) + COMMAND ${CMAKE_COMMAND} -E env + bash ${SCRIPT_PATH} + ${TEST_NAME} + ${FUZZ_TIMEOUT_SEC} + ${BUILD_DIR_PATH} + ${CORPUS_UPLOAD_LOC} + ${ARTIFACT_UPLOAD_LOC} + WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/tests/fuzz + ) set_property(TEST ${TEST_NAME} PROPERTY LABELS "fuzz") endforeach() endif() diff --git a/codebuild/spec/buildspec_fuzz_batch.yml b/codebuild/spec/buildspec_fuzz_batch.yml index 5100911af08..abfe600b974 100644 --- a/codebuild/spec/buildspec_fuzz_batch.yml +++ b/codebuild/spec/buildspec_fuzz_batch.yml @@ -22,8 +22,10 @@ version: 0.2 # Parameter motivation # LIBCRYPTOS -# awslc: happy path libcrypto for s2n-tls -# openssl 3: libcrypto that is widely used +# awslc: happy path libcrypto for s2n-tls +# openssl 1.0.2: old version of libcrypto that is still supported by s2n-tls +# openssl 1.1.1: old version of libcrypto that is still supported by s2n-tls +# openssl 3: libcrypto that is widely used batch: build-list: 
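Review bot: The rewritten `add_test` no longer sets `LD_LIBRARY_PATH`/`DYLD_LIBRARY_PATH`, so the fuzz binary now resolves the build tree's `lib` and `tests/testlib` libraries and `libcrypto-root/lib` only through its rpath or the loader defaults. How the fuzz targets are linked is not visible in this hunk; if their rpath does not cover `libcrypto-root/lib`, a job could load the system libcrypto and would not exercise the libcrypto it is named for. A comment above the call would record the assumption, for example `# Library lookup relies on the build rpath; no LD_LIBRARY_PATH is set here.` With no variable assignments left, `${CMAKE_COMMAND} -E env` is a no-op wrapper and the command can start at `COMMAND bash ${SCRIPT_PATH}`. The enclosing `foreach` begins outside the hunk.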
@@ -37,6 +39,26 @@ batch: variables: S2N_LIBCRYPTO: awslc COMPILER: clang + - identifier: clang_openssl_1_0_2 + buildspec: codebuild/spec/buildspec_fuzz.yml + debug-session: true + env: + compute-type: BUILD_GENERAL1_XLARGE + image: 024603541914.dkr.ecr.us-west-2.amazonaws.com/docker:ubuntu22codebuild + privileged-mode: true + variables: + S2N_LIBCRYPTO: openssl-1.0.2 + COMPILER: clang + - identifier: clang_openssl_1_1_1 + buildspec: codebuild/spec/buildspec_fuzz.yml + debug-session: true + env: + compute-type: BUILD_GENERAL1_XLARGE + image: 024603541914.dkr.ecr.us-west-2.amazonaws.com/docker:ubuntu22codebuild + privileged-mode: true + variables: + S2N_LIBCRYPTO: openssl-1.1.1 + COMPILER: clang - identifier: clang_openssl_3_0 buildspec: codebuild/spec/buildspec_fuzz.yml debug-session: true diff --git a/tests/fuzz/runFuzzTest.sh b/tests/fuzz/runFuzzTest.sh index 487b36901d2..800135bca7b 100755 --- a/tests/fuzz/runFuzzTest.sh +++ b/tests/fuzz/runFuzzTest.sh @@ -22,14 +22,15 @@ usage() { exit 1 } -if [ "$#" -ne "4" ]; then +if [ "$#" -ne "5" ]; then usage fi TEST_NAME=$1 FUZZ_TIMEOUT_SEC=$2 -CORPUS_UPLOAD_LOC=$3 -ARTIFACT_UPLOAD_LOC=$4 +BUILD_DIR_PATH=$3 +CORPUS_UPLOAD_LOC=$4 +ARTIFACT_UPLOAD_LOC=$5 MIN_TEST_PER_SEC="1000" MIN_FEATURES_COVERED="100" @@ -47,8 +48,8 @@ UBSAN_OPTIONS+="print_stacktrace=1" NUM_CPU_THREADS=$(nproc) LIBFUZZER_ARGS+="-timeout=5 -max_len=4096 -print_final_stats=1 -jobs=${NUM_CPU_THREADS} -workers=${NUM_CPU_THREADS} -max_total_time=${FUZZ_TIMEOUT_SEC}" -TEST_SPECIFIC_OVERRIDES="${PWD}/LD_PRELOAD/${TEST_NAME}_overrides.so" -GLOBAL_OVERRIDES="${PWD}/LD_PRELOAD/global_overrides.so" +TEST_SPECIFIC_OVERRIDES="${BUILD_DIR_PATH}/lib/lib${TEST_NAME}_overrides.so" +GLOBAL_OVERRIDES="${BUILD_DIR_PATH}/lib/libglobal_overrides.so" FUZZCOV_SOURCES="${S2N_ROOT}/api ${S2N_ROOT}/bin ${S2N_ROOT}/crypto ${S2N_ROOT}/error ${S2N_ROOT}/stuffer ${S2N_ROOT}/tls ${S2N_ROOT}/utils" 
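Review bot: Both new build-list entries (`clang_openssl_1_0_2` and `clang_openssl_1_1_1`) set `privileged-mode: true` and `debug-session: true`, so the fuzz containers run privileged and accept interactive debug sessions. This appears to follow the existing entries, but nothing in the fuzz path shown in this commit needs either setting. If buildspec_fuzz.yml does not run Docker inside the build, least privilege argues for `privileged-mode: false` and for removing `debug-session: true` once the new jobs are stable. The image is also referenced by the mutable tag `docker:ubuntu22codebuild`; pinning it by digest would keep the fuzz environment from changing underneath the job.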
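Review bot: `BUILD_DIR_PATH=$3` in the first runFuzzTest.sh hunk is taken from the command line and used without any check, and the following hunks use it to build the `LD_PRELOAD` library paths and the path of the binary that is executed. A wrong value, for example from a caller still using the old argument order, only surfaces later as a failure inside the fuzz run. A guard right after the assignments would fail early: `[ -d "${BUILD_DIR_PATH}" ] || usage`. The text printed by `usage()` lies outside the hunk and probably needs the new third argument added as well.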
@@ -104,9 +105,13 @@ fi if [[ "$FUZZ_COVERAGE" == "true" ]]; then mkdir -p "./profiles/${TEST_NAME}" rm -f ./profiles/${TEST_NAME}/*.profraw - LLVM_PROFILE_FILE="./profiles/${TEST_NAME}/${TEST_NAME}.%p.profraw" ./${TEST_NAME} ${LIBFUZZER_ARGS} ${TEMP_CORPUS_DIR} > ${TEST_NAME}_output.txt 2>&1 || ACTUAL_TEST_FAILURE=1 + LLVM_PROFILE_FILE="./profiles/${TEST_NAME}/${TEST_NAME}.%p.profraw" \ + ${BUILD_DIR_PATH}/bin/${TEST_NAME} ${LIBFUZZER_ARGS} ${TEMP_CORPUS_DIR} \ + > ${TEST_NAME}_output.txt 2>&1 || ACTUAL_TEST_FAILURE=1 else - env LD_PRELOAD="$LD_PRELOAD_" ./${TEST_NAME} ${LIBFUZZER_ARGS} ${TEMP_CORPUS_DIR} > ${TEST_NAME}_output.txt 2>&1 || ACTUAL_TEST_FAILURE=1 + env LD_PRELOAD="$LD_PRELOAD_" \ + ${BUILD_DIR_PATH}/bin/${TEST_NAME} ${LIBFUZZER_ARGS} ${TEMP_CORPUS_DIR} \ + > ${TEST_NAME}_output.txt 2>&1 || ACTUAL_TEST_FAILURE=1 fi TEST_INFO=$( @@ -171,7 +176,8 @@ then else # TEMP_CORPUS_DIR may contain many new inputs that only covers a small set of new branches. # Instead of copying all new inputs to the corpus directory, only copy back minimum number of new inputs that reach new branches. - ./${TEST_NAME} -merge=1 "./corpus/${TEST_NAME}" "${TEMP_CORPUS_DIR}" > ${TEST_NAME}_results.txt 2>&1 + ${BUILD_DIR_PATH}/bin/${TEST_NAME} -merge=1 "./corpus/${TEST_NAME}" "${TEMP_CORPUS_DIR}" \ + > ${TEST_NAME}_results.txt 2>&1 # Print number of new files and branches found in new Inputs (if any) RESULTS=`grep -Eo "[0-9]+ new files .*$" ${TEST_NAME}_results.txt | tail -1`
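Review bot: `${BUILD_DIR_PATH}/bin/${TEST_NAME}` is expanded unquoted as the command word in both branches of this hunk and again in the `-merge=1` call of the following hunk. A build directory containing spaces or glob characters would therefore be word-split, and the script would try to run something other than the intended fuzz binary. Quoting only the command word fixes it: `"${BUILD_DIR_PATH}/bin/${TEST_NAME}" ${LIBFUZZER_ARGS} ${TEMP_CORPUS_DIR} \` (`LIBFUZZER_ARGS` stays unquoted because it carries several options). The `if`/`else` around the merge call starts outside its hunk.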