PT-2025-39987 · Openssl+3

Stanislav Fort +1 · Published 2025-09-30 · Updated 2026-05-11 · CVE-2025-9231

CVSS v3.1: 6.5 (Medium)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
Name of the Vulnerable Software and Affected Versions

OpenSSL versions prior to 3.0.17-1~deb12u3
OpenSSL versions prior to 3.5.1-1+deb13u1
OpenSSL versions prior to 3.5.4
OpenSSL versions prior to 3.4.3
OpenSSL versions prior to 3.3.5
OpenSSL versions prior to 3.2.6
Description

A timing side-channel exists in the SM2 algorithm implementation on 64-bit ARM platforms. The issue could allow a remote attacker to recover the private key through precise timing measurements. Remote key recovery over a network has not been demonstrated, but timing measurements have revealed a timing signal that may enable such an attack. The vulnerability is considered a moderate severity issue, particularly in deployments where support for SM2 certificates is added via a custom provider. The FIPS modules in OpenSSL versions 3.0, 3.1, 3.2, 3.3, 3.4, and 3.5 are not affected, as SM2 is not an approved algorithm.
Recommendations

Upgrade OpenSSL to version 3.0.17-1~deb12u3 or later.
Upgrade OpenSSL to version 3.5.1-1+deb13u1 or later.
Upgrade OpenSSL to version 3.5.4 or later.
Upgrade OpenSSL to version 3.4.3 or later.
Upgrade OpenSSL to version 3.3.5 or later.
Upgrade OpenSSL to version 3.2.6 or later.
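The following checker is an added example, not part of this advisory or of the OpenSSL project. It takes the output of `openssl version` plus the machine architecture and maps them onto the upstream fixed versions listed above (3.2.6, 3.3.5, 3.4.3, 3.5.4). It assumes the advisory's scoping that the timing signal is specific to 64-bit ARM; for the 3.0 and 3.1 branches the page only gives Debian package versions, which `openssl version` does not print, so the checker reports that a distribution package check is required instead of guessing. The function names and return labels are this example's own.

```python
import platform
import re

# Upstream fixed versions per affected OpenSSL 3.x branch, copied from the advisory.
# 3.0 and 3.1 are deliberately absent: the advisory lists only Debian package
# versions (3.0.17-1~deb12u3, 3.5.1-1+deb13u1) for the distro builds, which the
# `openssl version` banner cannot express.
FIXED_UPSTREAM = {
    (3, 2): (3, 2, 6),
    (3, 3): (3, 3, 5),
    (3, 4): (3, 4, 3),
    (3, 5): (3, 5, 4),
}

# Architectures the advisory identifies as carrying the timing signal (64-bit ARM).
ARM64_MACHINES = {"aarch64", "arm64"}

_VERSION_RE = re.compile(r"OpenSSL\s+(\d+)\.(\d+)\.(\d+)")


def parse_openssl_version(banner: str):
    """Extract (major, minor, patch) from an `openssl version` banner, or None."""
    m = _VERSION_RE.search(banner)
    if not m:
        return None
    return tuple(int(x) for x in m.groups())


def assess(banner: str, machine: str = "aarch64") -> str:
    """Classify an OpenSSL build against CVE-2025-9231.

    Returns one of:
      unknown               - banner could not be parsed
      not_affected_platform - not a 64-bit ARM build
      out_of_scope          - not an OpenSSL 3.x release
      distro_check          - 3.0/3.1 branch: compare the package version instead
      affected / fixed      - upstream branch below / at-or-above the fix release
      not_listed            - branch newer than any the advisory covers
    """
    version = parse_openssl_version(banner)
    if version is None:
        return "unknown"
    if machine not in ARM64_MACHINES:
        return "not_affected_platform"
    major, minor, _patch = version
    if major != 3:
        return "out_of_scope"
    branch = (major, minor)
    if branch in FIXED_UPSTREAM:
        return "fixed" if version >= FIXED_UPSTREAM[branch] else "affected"
    if branch in ((3, 0), (3, 1)):
        return "distro_check"
    return "not_listed"


if __name__ == "__main__":
    # Constructed sample banners in the shape `openssl version` prints.
    samples = [
        "OpenSSL 3.5.3 16 Sep 2025 (Library: OpenSSL 3.5.3 16 Sep 2025)",
        "OpenSSL 3.5.4 30 Sep 2025 (Library: OpenSSL 3.5.4 30 Sep 2025)",
        "OpenSSL 3.0.17 1 Jul 2025 (Library: OpenSSL 3.0.17 1 Jul 2025)",
    ]
    for banner in samples:
        print(f"{banner.split(' (')[0]:<18} {platform.machine():<8} -> {assess(banner, platform.machine())}")
```

A result of `distro_check` means the upstream number alone cannot settle the question: on Debian and Ubuntu the fix is carried in the package revision, so compare the installed package version (for example via `dpkg -l openssl libssl3`) against the `-1~deb12u3` / `-1+deb13u1` revisions the advisory names, or against the vendor advisories listed under Related Identifiers.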

Fix

Weakness Enumeration

Related Identifiers

BDU:2025-12886
CVE-2025-9231
DSA-6015-1
ECHO-2B7E-78D4-C817
JLSEC-2026-267
OPENSUSE-SU-2025:15723-1
OPENSUSE-SU-2025:20164-1
OPENSUSE-SU-2026:10237-1
RHSA-2026:7261
SUSE-SU-2025:21213-1
SUSE-SU-2025:21224-1
USN-7786-1

Affected Products

Freebsd
Linuxmint
Openssl
Ubuntu