PT-2025-5595 · Unknown+6 · Rust-Openssl+6

Mmastrac

·

Published

2025-02-02

·

Updated

2025-11-26

·

CVE-2025-24898

CVSS v4.0

6.3

Medium

Vector AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions: rust-openssl (the openssl crate), versions prior to 0.10.70
Description: The issue arises because ssl::select_next_proto returns a slice that points into the server argument's buffer while its lifetime is bound only to the client argument. If the server buffer's lifetime is shorter than the client buffer's, the returned slice outlives the memory it references, causing a use after free that can crash the server or return arbitrary memory contents to the client as the negotiated protocol name. ssl::select_next_proto is typically called from the callback passed to SslContextBuilder::set_alpn_select_callback. Code is only affected if the server protocol buffer is constructed inside that callback (for example as a local Vec or String); a server list held in a buffer that outlives the callback is not affected.
Recommendations: Update to version 0.10.70 or later of the openssl crate, which changes the signature of ssl::select_next_proto so that the output slice's lifetime is constrained by both input buffers; with the new signature, code that builds the server list inside the callback no longer compiles. For versions prior to 0.10.70, do not build the server buffer inside the callback: keep it in a buffer that outlives the handshake, or use a 'static constant, to avoid the use after free.
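The following is an added example, not code from the openssl crate or from this advisory. It is a pure-Rust model of the ALPN selection that ssl::select_next_proto performs, written with the lifetime signature that 0.10.70 adopted (one lifetime shared by both inputs and the output), plus a callback in the shape of the closure passed to set_alpn_select_callback, with the server list hoisted into a 'static constant. The protocol list parser, the AlpnError enum, and the SERVER_PROTOS constant are local stand-ins, not crate APIs. The client byte strings are constructed test input.

```rust
// Added example: a safe-Rust model of select_next_proto with the fixed
// (0.10.70+) signature. OpenSSL's SSL_select_next_proto walks the server's
// preference list and returns the first entry the client also offered, so the
// matched bytes live inside the *server* buffer. Tying the output to a single
// lifetime 'a shared by both inputs makes the compiler reject any callback
// that builds the server list on its own stack.

/// Parse one ALPN wire-format list: a sequence of (u8 length, name bytes).
/// Returns None if the list is malformed (truncated entry or zero-length name).
fn protocols(list: &[u8]) -> Option<Vec<&[u8]>> {
    let mut out = Vec::new();
    let mut rest = list;
    while let Some((&len, tail)) = rest.split_first() {
        let len = len as usize;
        if len == 0 || tail.len() < len {
            return None;
        }
        out.push(&tail[..len]);
        rest = &tail[len..];
    }
    Some(out)
}

/// Model of ssl::select_next_proto with the fixed signature: the returned
/// slice borrows from both `server` and `client`, so it can never outlive
/// the server buffer it actually points into.
pub fn select_next_proto<'a>(server: &'a [u8], client: &'a [u8]) -> Option<&'a [u8]> {
    let server_protos = protocols(server)?;
    let client_protos = protocols(client)?;
    // Server preference order wins, as in OpenSSL.
    server_protos
        .into_iter()
        .find(|s| client_protos.iter().any(|c| c == s))
}

/// Local stand-in for the crate's ALPN error type (assumed name).
#[derive(Debug, PartialEq)]
pub enum AlpnError {
    NoAck,
}

/// Server-side preference list, hoisted out of the callback so it is 'static:
/// h2 first, then http/1.1.
pub const SERVER_PROTOS: &[u8] = b"\x02h2\x08http/1.1";

/// Shape of the ALPN select callback (minus the &mut SslRef argument):
/// for any 'a, a client list in and a slice borrowing from it out.
pub fn alpn_select<'a>(client: &'a [u8]) -> Result<&'a [u8], AlpnError> {
    // The pre-0.10.70 pattern the advisory warns about, a server list built
    // inside the callback, is rejected by the fixed signature:
    //     let server = Vec::from(SERVER_PROTOS);
    //     return select_next_proto(&server, client).ok_or(AlpnError::NoAck);
    // fails with "borrowed value does not live long enough", because the
    // result may only live as long as the shortest input. Under the old
    // signature it compiled and handed back a pointer into the freed Vec.
    //
    // A 'static list coerces to &'a [u8] for every 'a, so this compiles.
    select_next_proto(SERVER_PROTOS, client).ok_or(AlpnError::NoAck)
}

fn main() {
    // Constructed client offer in browser order: http/1.1 first, then h2.
    let client = b"\x08http/1.1\x02h2";
    match alpn_select(client) {
        Ok(p) => println!("negotiated {}", String::from_utf8_lossy(p)),
        Err(e) => println!("no overlap: {:?}", e),
    }
}
```

The point of the model is the type signature, not the matching loop: with both inputs under the same lifetime, the only way to return a slice from a callback that must be valid for any caller-chosen lifetime is to draw the server list from storage that outlives every handshake, which is exactly the workaround the advisory prescribes for pre-0.10.70 code.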

Weakness Enumeration

Use After Free

Related Identifiers

ALSA-2025:7147
ALSA-2025:7160
ALSA-2025:7241
ALSA-2025:7313
ALSA-2025:7317
AZL-56427
BDU:2025-11081
CVE-2025-24898
DLA-4049-1
GHSA-RPMJ-RPGJ-QMPM
INFSA-2025_7147
INFSA-2025_7160
INFSA-2025_7241
INFSA-2025_7313
INFSA-2025_7317
OESA-2025-1120
OESA-2025-1121
OPENSUSE-SU-2025:14814-1
RHSA-2025:7147
RHSA-2025:7160
RHSA-2025:7241
RHSA-2025:7313
RHSA-2025:7317
RHSA-2025_7147
RHSA-2025_7160
RHSA-2025_7241
RHSA-2025_7313
RHSA-2025_7317
RUSTSEC-2025-0004
USN-7891-1

Affected Products

Almalinux
Debian
Linuxmint
Red Hat
Rocky Linux
Ubuntu
Rust-Openssl