23289 matches found
SUSE-SU-2025:03442-1 Security update for openssl-3
This update for openssl-3 fixes the following issues: - CVE-2025-9230: incorrect check of key size can lead to out-of-bounds read and write in RFC 3211 KEK unwrap bsc1250232...
Security update for openssl-3
This update for openssl-3 fixes the following issues: CVE-2025-9230: incorrect check of key size can lead to out-of-bounds read and write in RFC 3211 KEK unwrap bsc1250232. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
SUSE-SU-2025:03441-1 Security update for openssl-3
This update for openssl-3 fixes the following issues: - CVE-2025-9230: incorrect check of key size can lead to out-of-bounds read and write in RFC 3211 KEK unwrap bsc1250232...
Security update for openssl-1_1
This update for openssl-11 fixes the following issues: CVE-2025-9230: incorrect check of key size can lead to out-of-bounds read and write in RFC 3211 KEK unwrap bsc1250232. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
SUSE-SU-2025:03440-1 Security update for openssl-1_1
This update for openssl-11 fixes the following issues: - CVE-2025-9230: incorrect check of key size can lead to out-of-bounds read and write in RFC 3211 KEK unwrap bsc1250232...
Security update for openssl-3
This update for openssl-3 fixes the following issues: CVE-2025-9230: incorrect check of key size can lead to out-of-bounds read and write in RFC 3211 KEK unwrap bsc1250232. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
SUSE-SU-2025:03439-1 Security update for openssl-3
This update for openssl-3 fixes the following issues: - CVE-2025-9230: incorrect check of key size can lead to out-of-bounds read and write in RFC 3211 KEK unwrap bsc1250232...
USN-7786-1: OpenSSL vulnerabilities
Stanislav Fort discovered that OpenSSL incorrectly handled memory when trying to decrypt CMS messages encrypted with password-based encryption. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2025-9230 Stanislav Fort discovered that OpenSSL ha...
SUSE-SU-2025:03438-1 Security update for openssl-1_1
This update for openssl-11 fixes the following issues: - CVE-2025-9230: incorrect check of key size can lead to out-of-bounds read and write in RFC 3211 KEK unwrap bsc1250232...
Security update for openssl-1_1
This update for openssl-11 fixes the following issues: CVE-2025-9230: incorrect check of key size can lead to out-of-bounds read and write in RFC 3211 KEK unwrap bsc1250232. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
SUSE-SU-2025:03437-1 Security update for openssl-1_1
This update for openssl-11 fixes the following issues: - CVE-2025-9230: incorrect check of key size can lead to out-of-bounds read and write in RFC 3211 KEK unwrap bsc1250232...
CVE-2025-9230
Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds write can cause a...
AZL-67980 CVE-2025-9230 affecting package openssl for versions less than 3.3.5-1
Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds write can cause a...
AZL-78576 CVE-2025-9230 affecting package openssl-fips-provider 3.1.2-1
Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds write can cause a...
CVE-2025-9232
Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'noproxy' environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address. Impact summary: An out-of-bounds read can trigger a crash...
AZL-67997 CVE-2025-9230 affecting package openssl for versions less than 1.1.1k-37
Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds write can cause a...
AZL-78588 CVE-2025-9232 affecting package openssl-fips-provider 3.1.2-1
Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'noproxy' environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address. Impact summary: An out-of-bounds read can trigger a crash...
AZL-67977 CVE-2025-9232 affecting package openssl for versions less than 3.3.5-1
Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'noproxy' environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address. Impact summary: An out-of-bounds read can trigger a crash...
CVE-2025-9232 Out-of-bounds read in HTTP client no_proxy handling
Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'noproxy' environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address. Impact summary: An out-of-bounds read can trigger a crash...
CVE-2025-9232 Out-of-bounds read in HTTP client no_proxy handling
Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'noproxy' environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address. Impact summary: An out-of-bounds read can trigger a crash...