The OpenSSL Project has released a new security advisory addressing three vulnerabilities affecting multiple versions of the widely used cryptographic library. The issues range from denial of service to potential remote code execution and private key recovery, with severity ratings from Low to Moderate.
CVE-2025-9230: Out-of-Bounds Read & Write in RFC 3211 KEK Unwrap
The most critical of the three flaws is CVE-2025-9230, a Moderate severity vulnerability impacting applications that attempt to decrypt CMS messages encrypted with password-based encryption. According to the advisory:
“An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write.”
The consequences can range from a crash leading to denial of service to execution of attacker-supplied code. However, the OpenSSL team notes that the likelihood of successful exploitation is low because “password based (PWRI) encryption support in CMS messages is very rarely used.”
All major versions, including OpenSSL 3.5, 3.4, 3.3, 3.2, 3.0, 1.1.1, and 1.0.2, are affected. Users are strongly advised to upgrade to the latest patched versions: 3.5.4, 3.4.3, 3.3.5, 3.2.6, 3.0.18, 1.1.1zd, and 1.0.2zm (the latter two for premium support customers).
CVE-2025-9231: Timing Side-Channel in SM2 on ARM64
The second vulnerability, CVE-2025-9231, is another Moderate severity flaw affecting the SM2 algorithm implementation on 64-bit ARM platforms.
The advisory warns: “A timing side-channel in SM2 signature computations on 64 bit ARM platforms could allow recovering the private key by an attacker.”
Although OpenSSL does not directly support SM2 certificates in TLS, the risk emerges when custom providers enable SM2 keys. In such cases, attackers might remotely recover private keys via timing measurements. Versions 3.5, 3.4, 3.3, and 3.2 are vulnerable and should be updated immediately to their respective patched releases.
CVE-2025-9232: Out-of-Bounds Read in HTTP Client no_proxy Handling
The third flaw, CVE-2025-9232, carries a Low severity rating. It affects OpenSSL’s HTTP client API when the no_proxy environment variable is set and the URL contains an IPv6 address.
As the advisory explains: “An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the ‘no_proxy’ environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address.”
While exploitation is limited to denial of service via crashes, the bug also affects higher-level components that rely on the HTTP client, such as OCSP and CMP clients. Still, the advisory stresses that attacker-controlled URLs are unlikely in most real-world scenarios.
The OpenSSL team emphasizes that the FIPS modules in versions 3.0 through 3.5 are not impacted by these flaws, as the vulnerable code lies outside the FIPS module boundary.
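The advisory's fix list above is easiest to act on as a version check against each host's `openssl version` output. The following script is an added example written for this summary, not code from the OpenSSL Project: it encodes the patched releases named in the article, handles the letter-suffixed 1.1.1 and 1.0.2 numbering, and reports which of the CVEs with branches enumerated above apply to an unpatched build. CVE-2025-9232 is deliberately left out of the per-branch map because the summary does not list its affected branches. The sample banners are constructed, not captured from a real host.

```python
import re

# Minimum fixed releases per branch, as listed in the advisory summary above.
FIXED_VERSIONS = {
    "3.5": "3.5.4",
    "3.4": "3.4.3",
    "3.3": "3.3.5",
    "3.2": "3.2.6",
    "3.0": "3.0.18",
    "1.1.1": "1.1.1zd",   # premium-support branch
    "1.0.2": "1.0.2zm",   # premium-support branch
}

# Branches the summary names for each CVE. CVE-2025-9232 is omitted because
# the summary does not enumerate its affected branches; consult the advisory.
CVE_BRANCHES = {
    "CVE-2025-9230": set(FIXED_VERSIONS),            # "all major versions"
    "CVE-2025-9231": {"3.5", "3.4", "3.3", "3.2"},    # SM2 timing on ARM64
}

_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)([a-z]*)")


def parse_version(ver: str) -> tuple:
    """Return a sortable key for an OpenSSL version string.

    3.x releases are purely numeric (3.0.18). The 1.x branches append a
    letter suffix that runs a..z, then za..zz, so the suffix sorts by
    length first and then alphabetically ('' < 'w' < 'zd' < 'zm').
    """
    m = _VERSION_RE.fullmatch(ver.strip())
    if not m:
        raise ValueError(f"unrecognised OpenSSL version: {ver!r}")
    major, minor, patch = (int(m.group(i)) for i in (1, 2, 3))
    suffix = m.group(4)
    return (major, minor, patch, len(suffix), suffix)


def branch_of(ver: str) -> str:
    """3.x branches are identified by major.minor; 1.x by all three numbers."""
    major, minor, patch, _, _ = parse_version(ver)
    return f"{major}.{minor}" if major >= 3 else f"{major}.{minor}.{patch}"


def version_from_banner(banner: str) -> str:
    """Extract the version from the first line of `openssl version` output."""
    m = re.search(r"OpenSSL\s+(\d+\.\d+\.\d+[a-z]*)", banner)
    if not m:
        raise ValueError(f"no OpenSSL version in banner: {banner!r}")
    return m.group(1)


def assess(ver: str) -> dict:
    """Compare an upstream version string against the advisory's fix list."""
    branch = branch_of(ver)
    fixed = FIXED_VERSIONS.get(branch)
    if fixed is None:
        return {"version": ver, "branch": branch, "status": "not-listed", "cves": []}
    if parse_version(ver) >= parse_version(fixed):
        return {"version": ver, "branch": branch, "status": "patched", "cves": []}
    cves = sorted(cve for cve, branches in CVE_BRANCHES.items() if branch in branches)
    return {"version": ver, "branch": branch, "status": "vulnerable",
            "fixed_in": fixed, "cves": cves}


if __name__ == "__main__":
    # Constructed sample banners, not output captured from a real host.
    samples = [
        "OpenSSL 3.0.13 (constructed sample)",
        "OpenSSL 3.5.3 (constructed sample)",
        "OpenSSL 1.1.1w (constructed sample)",
    ]
    for banner in samples:
        print(assess(version_from_banner(banner)))
```

Two caveats when reading the verdict. Distribution packages (Debian, Ubuntu, RHEL and others) routinely backport fixes without bumping the upstream version string, so a "vulnerable" result from this check must be confirmed against the distribution's own security tracker before raising a ticket. And `openssl version` only reports the library the CLI links against; applications that bundle or statically link their own OpenSSL copy need to be inventoried separately. As the article notes, the CVE-2025-9231 finding is only actionable on 64-bit ARM builds that expose SM2 keys through a custom provider.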