rpm package
suse/openssl-3-livepatches&distro=SUSE Linux Micro 6.2
pkg:rpm/suse/openssl-3-livepatches&distro=SUSE%20Linux%20Micro%206.2
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-15467 | Hig | 8.8 | < 0.3-160000.1.1 | 0.3-160000.1.1 | Jan 27, 2026 | Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When | |
| CVE-2025-15468 | — | < 0.3-160000.1.1 | 0.3-160000.1.1 | Jan 27, 2026 | Issue summary: If an application using the SSL_CIPHER_find() function in a QUIC protocol client or server receives an unknown cipher suite from the peer, a NULL dereference occurs. Impact summary: A NULL pointer dereference leads to abnormal termination of the running process ca | ||
| CVE-2025-11187 | — | < 0.3-160000.1.1 | 0.3-160000.1.1 | Jan 27, 2026 | Issue summary: PBMAC1 parameters in PKCS#12 files are missing validation which can trigger a stack-based buffer overflow, invalid pointer or NULL pointer dereference during MAC verification. Impact summary: The stack buffer overflow or NULL pointer dereference may cause a crash | ||
| CVE-2025-9230 | Hig | 7.5 | < 0.3-160000.1.1 | 0.3-160000.1.1 | Sep 30, 2025 | Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds |
- affected < 0.3-160000.1.1fixed 0.3-160000.1.1
Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When
- CVE-2025-15468Jan 27, 2026affected < 0.3-160000.1.1fixed 0.3-160000.1.1
Issue summary: If an application using the SSL_CIPHER_find() function in a QUIC protocol client or server receives an unknown cipher suite from the peer, a NULL dereference occurs. Impact summary: A NULL pointer dereference leads to abnormal termination of the running process ca
- CVE-2025-11187Jan 27, 2026affected < 0.3-160000.1.1fixed 0.3-160000.1.1
Issue summary: PBMAC1 parameters in PKCS#12 files are missing validation which can trigger a stack-based buffer overflow, invalid pointer or NULL pointer dereference during MAC verification. Impact summary: The stack buffer overflow or NULL pointer dereference may cause a crash
- affected < 0.3-160000.1.1fixed 0.3-160000.1.1
Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds