CVE-2025-24898
Description
rust-openssl is a set of OpenSSL bindings for the Rust programming language. In affected versions, ssl::select_next_proto can return a slice pointing into the server argument's buffer but with a lifetime bound to the client argument. In situations where the server buffer's lifetime is shorter than the client buffer's, this can cause a use after free. This could cause the server to crash or to return arbitrary memory contents to the client. The openssl crate version 0.10.70 fixes the signature of ssl::select_next_proto to properly constrain the output buffer's lifetime to that of both input buffers. Users are advised to upgrade. In standard usage of ssl::select_next_proto in the callback passed to SslContextBuilder::set_alpn_select_callback, code is only affected if the server buffer is constructed *within* the callback.
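To make the lifetime point concrete, here is an added safe-Rust illustration (not the openssl crate's own code) of a selection function with the corrected signature: the returned slice borrows from both inputs, so a server buffer that is dropped while the result is still in use becomes a compile error instead of a use after free. It assumes the ALPN wire format (one-byte length followed by the protocol name) and the rule "first entry of the server list that the client also offers"; the function name mirrors the crate's, but the body is this example's own.

```rust
/// Pick the first protocol in `server` that also appears in `client`.
/// Both inputs are ALPN wire-format lists: each entry is a one-byte length
/// followed by that many bytes of protocol name.
/// Added illustration, not the openssl crate's code. The point is the
/// signature: the result borrows from *both* inputs (as in the 0.10.70 fix),
/// so the borrow checker rejects a `server` buffer that dies before the result.
pub fn select_next_proto<'a>(server: &'a [u8], client: &'a [u8]) -> Option<&'a [u8]> {
    alpn_entries(server).find(|candidate| alpn_entries(client).any(|c| c == *candidate))
}

/// Iterate over the length-prefixed entries of an ALPN list, stopping at the
/// first malformed entry (zero length, or a length running past the buffer).
fn alpn_entries<'a>(list: &'a [u8]) -> impl Iterator<Item = &'a [u8]> + 'a {
    let mut rest = list;
    std::iter::from_fn(move || {
        let (&len, tail) = rest.split_first()?;
        let len = usize::from(len);
        if len == 0 || tail.len() < len {
            rest = &[];
            return None;
        }
        let (entry, tail) = tail.split_at(len);
        rest = tail;
        Some(entry)
    })
}

fn main() {
    // Constructed sample lists: the server prefers h2, then http/1.1;
    // the client only offers http/1.1.
    let server: Vec<u8> = b"\x02h2\x08http/1.1".to_vec();
    let client = b"\x08http/1.1";
    let chosen = select_next_proto(&server, client);
    assert_eq!(chosen, Some(&b"http/1.1"[..]));

    // The returned slice really points into `server`, which is why its
    // lifetime must be tied to `server` and not only to `client`.
    let start = server.as_ptr() as usize;
    let inside = chosen.map(|p| p.as_ptr() as usize).unwrap();
    assert!(inside >= start && inside < start + server.len());

    // With the affected signature (server: &[u8], result bound to client only)
    // the line below type-checks and the result refers to a Vec already freed
    // at the end of the statement; with the fixed signature above it is a
    // compile error ("temporary value dropped while borrowed"):
    // let dangling = select_next_proto(&b"\x02h2".to_vec(), client);
    // assert_eq!(dangling, Some(&b"h2"[..]));
}
```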
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| openssl (crates.io) | >= 0.10.0, < 0.10.70 | 0.10.70 |
Affected products
References
- github.com/advisories/GHSA-rpmj-rpgj-qmpm (GitHub advisory)
- nvd.nist.gov/vuln/detail/CVE-2025-24898 (NVD)
- crates.io/crates/openssl
- github.com/sfackler/rust-openssl/commit/f014afb230de4d77bc79dea60e7e58c2f47b60f2
- github.com/sfackler/rust-openssl/pull/2360
- github.com/sfackler/rust-openssl/security/advisories/GHSA-rpmj-rpgj-qmpm
- lists.debian.org/debian-lts-announce/2025/02/msg00009.html
- rustsec.org/advisories/RUSTSEC-2025-0004.html