SUSE-SU-2025:03440-1

UNKNOWN

Security update for openssl-1_1

Published Sep 30, 2025

Modified 5 months ago

Fix available

Details

This update for openssl-1_1 fixes the following issues:

CVE-2025-9230: incorrect check of key size can lead to out-of-bounds read and write in RFC 3211 KEK unwrap (bsc#1250232).

Affected Packages

libopenssl-1_1-devel

SUSE Enterprise Storage 7.1SUSE Linux Enterprise High Performance Computing 15 SP3-LTSSSUSE Linux Enterprise Micro 5.1SUSE Linux Enterprise Micro 5.2SUSE Linux Enterprise Server 15 SP3-LTSS

Fixed in:

1.1.1d-150200.11.103.1

libopenssl-1_1-devel-32bit

SUSE Enterprise Storage 7.1SUSE Linux Enterprise High Performance Computing 15 SP3-LTSSSUSE Linux Enterprise Server 15 SP3-LTSSSUSE Linux Enterprise Server for SAP Applications 15 SP3

Fixed in:

1.1.1d-150200.11.103.1

libopenssl1_1

SUSE Enterprise Storage 7.1SUSE Linux Enterprise High Performance Computing 15 SP3-LTSSSUSE Linux Enterprise Micro 5.1SUSE Linux Enterprise Micro 5.2SUSE Linux Enterprise Server 15 SP3-LTSS

Fixed in:

1.1.1d-150200.11.103.1

libopenssl1_1-32bit

SUSE Enterprise Storage 7.1SUSE Linux Enterprise High Performance Computing 15 SP3-LTSSSUSE Linux Enterprise Server 15 SP3-LTSSSUSE Linux Enterprise Server for SAP Applications 15 SP3

Fixed in:

1.1.1d-150200.11.103.1

libopenssl1_1-hmac

SUSE Enterprise Storage 7.1SUSE Linux Enterprise High Performance Computing 15 SP3-LTSSSUSE Linux Enterprise Micro 5.1SUSE Linux Enterprise Micro 5.2SUSE Linux Enterprise Server 15 SP3-LTSS

Fixed in:

1.1.1d-150200.11.103.1

libopenssl1_1-hmac-32bit

SUSE Enterprise Storage 7.1SUSE Linux Enterprise High Performance Computing 15 SP3-LTSSSUSE Linux Enterprise Server 15 SP3-LTSSSUSE Linux Enterprise Server for SAP Applications 15 SP3

Fixed in:

1.1.1d-150200.11.103.1

openssl-1_1

SUSE Enterprise Storage 7.1SUSE Linux Enterprise High Performance Computing 15 SP3-LTSSSUSE Linux Enterprise Micro 5.1SUSE Linux Enterprise Micro 5.2SUSE Linux Enterprise Server 15 SP3-LTSS

Fixed in:

1.1.1d-150200.11.103.1

openssl-1_1-doc

SUSE Enterprise Storage 7.1SUSE Linux Enterprise High Performance Computing 15 SP3-LTSSSUSE Linux Enterprise Server 15 SP3-LTSSSUSE Linux Enterprise Server for SAP Applications 15 SP3

Fixed in:

1.1.1d-150200.11.103.1

References

REPORT

https://bugzilla.suse.com/1250232

WEB

https://www.suse.com/security/cve/CVE-2025-9230

ADVISORY

https://www.suse.com/support/update/announcement/2025/suse-su-202503440-1/

Upstream

CVE-2025-9230

Ecosystems(6)

SUSE Enterprise Storage 7.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS SUSE Linux Enterprise Micro 5.1 SUSE Linux Enterprise Micro 5.2 SUSE Linux Enterprise Server 15 SP3-LTSS

Timeline

PublishedSep 30, 2025

ModifiedSep 30, 2025

SUSE-SU-2025:03440-1 | Mondoo Vulnerability Intelligence