6 matches found
SUSE-SU-2025:21213-1 Security update for openssl-3
This update for openssl-3 fixes the following issues: - CVE-2025-9230: Fixed out-of-bounds read & write in RFC 3211 KEK unwrap bsc1250232 - CVE-2025-9231: Fixedk timing side-channel in SM2 algorithm on 64 bit ARM bsc1250233 - CVE-2025-9232: Fixed out-of-bounds read in HTTP client noproxy handling...
OPENSUSE-SU-2025:20164-1 Security update for openssl-3
This update for openssl-3 fixes the following issues: - CVE-2025-9230: Fixed out-of-bounds read & write in RFC 3211 KEK unwrap bsc1250232 - CVE-2025-9231: Fixedk timing side-channel in SM2 algorithm on 64 bit ARM bsc1250233 - CVE-2025-9232: Fixed out-of-bounds read in HTTP client noproxy handling...
Out-of-bounds read in HTTP client no_proxy handling
...
OpenSSL DoS Vulnerability (20250930, CVE-2025-9232) - Windows
OpenSSL is prone to a denial of service DoS vulnerability due to an out-of-bounds read in HTTP client noproxy handling. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
OpenSSL DoS Vulnerability (20250930, CVE-2025-9232) - Linux
OpenSSL is prone to a denial of service DoS vulnerability due to an out-of-bounds read in HTTP client noproxy handling. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
CVE-2025-9232
Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'noproxy' environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address. Impact summary: An out-of-bounds read can trigger a crash...