Skip to main content
Early Access
— Mondoo Vulnerability Intelligence is currently in preview.
Vulnerability Intelligence
Login
Get Demo
openSUSE-SU-2025:20164-1 | Mondoo Vulnerability Intelligence
Back to search
openSUSE-SU-2025:20164-1
UNKNOWN
Security update for openssl-3
Published Dec 15, 2025
Modified 1 months ago
Fix available
Details
This update for openssl-3 fixes the following issues:
CVE-2025-9230: Fixed out-of-bounds read & write in RFC 3211 KEK unwrap (bsc#1250232)
CVE-2025-9231: Fixedk timing side-channel in SM2 algorithm on 64 bit ARM (bsc#1250233)
CVE-2025-9232: Fixed out-of-bounds read in HTTP client no_proxy handling (bsc#1250234)
Affected Packages
openSUSE:Leap 16.0
libopenssl-3-devel
Fixed in:
3.5.0-160000.4.1
openSUSE:Leap 16.0
libopenssl-3-fips-provider
Fixed in:
3.5.0-160000.4.1
openSUSE:Leap 16.0
libopenssl-3-fips-provider-x86-64-v3
Fixed in:
3.5.0-160000.4.1
openSUSE:Leap 16.0
libopenssl3
Fixed in:
3.5.0-160000.4.1
openSUSE:Leap 16.0
libopenssl3-x86-64-v3
Fixed in:
3.5.0-160000.4.1
openSUSE:Leap 16.0
openssl-3
Fixed in:
3.5.0-160000.4.1
openSUSE:Leap 16.0
openssl-3-doc
Fixed in:
3.5.0-160000.4.1
References
ADVISORY
REPORT
https://bugzilla.suse.com/1250232
REPORT
https://bugzilla.suse.com/1250233
REPORT
https://bugzilla.suse.com/1250234
WEB
https://www.suse.com/security/cve/CVE-2025-9230
WEB
https://www.suse.com/security/cve/CVE-2025-9231
WEB
https://www.suse.com/security/cve/CVE-2025-9232
Upstream
CVE-2025-9230
CVE-2025-9231
CVE-2025-9232
Related
CVE-2025-9230
CVE-2025-9231
CVE-2025-9232
Ecosystems
openSUSE Leap 16.0
Timeline
Published
Dec 15, 2025
Modified
Dec 15, 2025