Bug 2396054 (CVE-2025-9230) - CVE-2025-9230 openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap
Summary: CVE-2025-9230 openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap
Keywords:
Status: NEW
Alias: CVE-2025-9230
Deadline: 2025-09-30
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On: 2400658 2400660 2400670 2400672 2400659 2400661 2400662 2400663 2400664 2400665 2400666 2400668 2400674 2400676 2400678 2400680 2400682
Blocks:
TreeView+ depends on / blocked
 
Reported: 2025-09-17 12:18 UTC by OSIDB Bzimport
Modified: 2026-02-02 14:36 UTC (History)
68 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2025:21347 0 None None None 2025-11-13 15:24:47 UTC
Red Hat Product Errata RHBA-2025:21465 0 None None None 2025-11-17 08:35:33 UTC
Red Hat Product Errata RHBA-2025:21769 0 None None None 2025-11-19 15:51:02 UTC
Red Hat Product Errata RHBA-2025:21822 0 None None None 2025-11-20 08:38:32 UTC
Red Hat Product Errata RHBA-2025:22094 0 None None None 2025-11-25 16:37:07 UTC
Red Hat Product Errata RHBA-2025:22108 0 None None None 2025-11-25 20:05:06 UTC
Red Hat Product Errata RHBA-2025:22359 0 None None None 2025-12-01 01:02:02 UTC
Red Hat Product Errata RHBA-2026:0373 0 None None None 2026-01-08 16:24:36 UTC
Red Hat Product Errata RHBA-2026:0375 0 None None None 2026-01-08 16:34:15 UTC
Red Hat Product Errata RHBA-2026:0377 0 None None None 2026-01-08 16:31:38 UTC
Red Hat Product Errata RHBA-2026:0462 0 None None None 2026-01-12 13:33:09 UTC
Red Hat Product Errata RHBA-2026:0463 0 None None None 2026-01-12 14:20:25 UTC
Red Hat Product Errata RHBA-2026:0488 0 None None None 2026-01-13 09:40:07 UTC
Red Hat Product Errata RHBA-2026:0494 0 None None None 2026-01-13 12:54:14 UTC
Red Hat Product Errata RHBA-2026:0521 0 None None None 2026-01-13 16:22:46 UTC
Red Hat Product Errata RHBA-2026:0631 0 None None None 2026-01-14 20:13:27 UTC
Red Hat Product Errata RHBA-2026:0632 0 None None None 2026-01-14 20:28:19 UTC
Red Hat Product Errata RHBA-2026:0706 0 None None None 2026-01-15 13:25:35 UTC
Red Hat Product Errata RHBA-2026:0809 0 None None None 2026-01-19 15:56:46 UTC
Red Hat Product Errata RHSA-2025:21174 0 None None None 2025-11-12 22:22:35 UTC
Red Hat Product Errata RHSA-2025:21248 0 None None None 2025-11-13 11:05:54 UTC
Red Hat Product Errata RHSA-2025:21255 0 None None None 2025-11-13 11:26:39 UTC
Red Hat Product Errata RHSA-2025:21562 0 None None None 2025-11-17 15:18:20 UTC
Red Hat Product Errata RHSA-2025:22794 0 None None None 2025-12-08 01:35:04 UTC
Red Hat Product Errata RHSA-2026:0332 0 None None None 2026-01-15 18:55:09 UTC
Red Hat Product Errata RHSA-2026:0337 0 None None None 2026-01-08 12:44:46 UTC
Red Hat Product Errata RHSA-2026:0420 0 None None None 2026-01-14 13:24:23 UTC
Red Hat Product Errata RHSA-2026:0602 0 None None None 2026-01-14 14:40:37 UTC
Red Hat Product Errata RHSA-2026:0674 0 None None None 2026-01-22 20:17:56 UTC
Red Hat Product Errata RHSA-2026:0702 0 None None None 2026-01-22 19:07:39 UTC
Red Hat Product Errata RHSA-2026:0714 0 None None None 2026-01-15 15:56:13 UTC
Red Hat Product Errata RHSA-2026:0794 0 None None None 2026-01-19 11:08:54 UTC
Red Hat Product Errata RHSA-2026:0887 0 None None None 2026-01-20 16:09:44 UTC
Red Hat Product Errata RHSA-2026:1349 0 None None None 2026-01-27 13:56:34 UTC
Red Hat Product Errata RHSA-2026:1475 0 None None None 2026-01-28 09:17:38 UTC
Red Hat Product Errata RHSA-2026:1720 0 None None None 2026-02-02 14:36:31 UTC

Description OSIDB Bzimport 2025-09-17 12:18:14 UTC 
Issue summary: An application trying to decrypt CMS messages encrypted using
password based encryption can trigger an out-of-bounds read and write.

Impact summary: This out-of-bounds read may trigger a crash which leads to
Denial of Service for an application. The out-of-bounds write can cause
a memory corruption which can have various consequences including
a Denial of Service or Execution of attacker-supplied code.

Although the consequences of a successful exploit of this vulnerability
could be severe, the probability that the attacker would be able to
perform it is low. Besides, password based (PWRI) encryption support in CMS
messages is very rarely used. For that reason the issue was assessed as
Moderate severity according to our Security Policy.

The FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this
issue, as the CMS implementation is outside the OpenSSL FIPS module
boundary.

OpenSSL 3.5, 3.4, 3.3, 3.2, 3.0 and 1.1.1 are vulnerable to this issue.
Comment 2 errata-xmlrpc 2025-11-12 22:22:29 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.6 Extended Update Support

Via RHSA-2025:21174 https://access.redhat.com/errata/RHSA-2025:21174
Comment 3 errata-xmlrpc 2025-11-13 11:05:49 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2025:21248 https://access.redhat.com/errata/RHSA-2025:21248
Comment 4 errata-xmlrpc 2025-11-13 11:26:33 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:21255 https://access.redhat.com/errata/RHSA-2025:21255
Comment 5 errata-xmlrpc 2025-11-17 15:18:14 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2025:21562 https://access.redhat.com/errata/RHSA-2025:21562
Comment 6 errata-xmlrpc 2025-12-08 01:34:58 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10.0 Extended Update Support

Via RHSA-2025:22794 https://access.redhat.com/errata/RHSA-2025:22794
Comment 8 errata-xmlrpc 2026-01-08 12:44:39 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2026:0337 https://access.redhat.com/errata/RHSA-2026:0337
Comment 10 errata-xmlrpc 2026-01-14 13:24:16 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.20

Via RHSA-2026:0420 https://access.redhat.com/errata/RHSA-2026:0420
Comment 11 errata-xmlrpc 2026-01-14 14:40:31 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.8 Telecommunications Update Service

Via RHSA-2026:0602 https://access.redhat.com/errata/RHSA-2026:0602
Comment 12 errata-xmlrpc 2026-01-15 15:56:07 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.6 Telecommunications Update Service

Via RHSA-2026:0714 https://access.redhat.com/errata/RHSA-2026:0714
Comment 13 errata-xmlrpc 2026-01-15 18:55:02 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.18

Via RHSA-2026:0332 https://access.redhat.com/errata/RHSA-2026:0332
Comment 14 errata-xmlrpc 2026-01-19 11:08:48 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions

Via RHSA-2026:0794 https://access.redhat.com/errata/RHSA-2026:0794
Comment 15 errata-xmlrpc 2026-01-20 16:09:38 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support

Via RHSA-2026:0887 https://access.redhat.com/errata/RHSA-2026:0887
Comment 17 errata-xmlrpc 2026-01-22 19:07:33 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.17

Via RHSA-2026:0702 https://access.redhat.com/errata/RHSA-2026:0702
Comment 18 errata-xmlrpc 2026-01-22 20:17:50 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.19

Via RHSA-2026:0674 https://access.redhat.com/errata/RHSA-2026:0674
Comment 19 errata-xmlrpc 2026-01-27 13:56:28 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

Via RHSA-2026:1349 https://access.redhat.com/errata/RHSA-2026:1349
Comment 20 errata-xmlrpc 2026-01-28 09:17:31 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On

Via RHSA-2026:1475 https://access.redhat.com/errata/RHSA-2026:1475
Comment 21 errata-xmlrpc 2026-02-02 14:36:24 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7 Extended Lifecycle Support

Via RHSA-2026:1720 https://access.redhat.com/errata/RHSA-2026:1720
Note You need to log in before you can comment on or make changes to this bug.