CVE-2025-3416

EUVD-2025-10375
A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.7 LOW
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 26%
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
libekmfweb1
suse enterprise desktop 15 SP6
2.31.0-150600.8.16.1
fixed
suse enterprise desktop 15 SP7
2.37.0-150700.4.3.1
fixed
suse enterprise sap 15 SP6
2.31.0-150600.8.16.1
fixed
suse enterprise sap 15 SP7
2.37.0-150700.4.3.1
fixed
suse enterprise server 15 SP4
2.31.0-150400.7.31.1
fixed
suse enterprise server 15 SP6
2.31.0-150600.8.16.1
fixed
suse enterprise server 15 SP7
2.37.0-150700.4.3.1
fixed
libekmfweb1-devel
suse enterprise desktop 15 SP6
2.31.0-150600.8.16.1
fixed
suse enterprise desktop 15 SP7
2.37.0-150700.4.3.1
fixed
suse enterprise sap 15 SP6
2.31.0-150600.8.16.1
fixed
suse enterprise sap 15 SP7
2.37.0-150700.4.3.1
fixed
suse enterprise server 15 SP4
2.31.0-150400.7.31.1
fixed
suse enterprise server 15 SP6
2.31.0-150600.8.16.1
fixed
suse enterprise server 15 SP7
2.37.0-150700.4.3.1
fixed
libkmipclient1
suse enterprise desktop 15 SP6
2.31.0-150600.8.16.1
fixed
suse enterprise desktop 15 SP7
2.37.0-150700.4.3.1
fixed
suse enterprise sap 15 SP6
2.31.0-150600.8.16.1
fixed
suse enterprise sap 15 SP7
2.37.0-150700.4.3.1
fixed
suse enterprise server 15 SP4
2.31.0-150400.7.31.1
fixed
suse enterprise server 15 SP6
2.31.0-150600.8.16.1
fixed
suse enterprise server 15 SP7
2.37.0-150700.4.3.1
fixed
osasnmpd
suse enterprise desktop 15 SP6
2.31.0-150600.8.16.1
fixed
suse enterprise desktop 15 SP7
2.37.0-150700.4.3.1
fixed
suse enterprise sap 15 SP6
2.31.0-150600.8.16.1
fixed
suse enterprise sap 15 SP7
2.37.0-150700.4.3.1
fixed
suse enterprise server 15 SP4
2.31.0-150400.7.31.1
fixed
suse enterprise server 15 SP6
2.31.0-150600.8.16.1
fixed
suse enterprise server 15 SP7
2.37.0-150700.4.3.1
fixed
python311-cryptography
suse enterprise server 15 SP4
41.0.3-150400.16.22.1
fixed
s390-tools
suse enterprise desktop 15 SP6
2.31.0-150600.8.16.1
fixed
suse enterprise desktop 15 SP7
2.37.0-150700.4.3.1
fixed
suse enterprise sap 15 SP6
2.31.0-150600.8.16.1
fixed
suse enterprise sap 15 SP7
2.37.0-150700.4.3.1
fixed
suse enterprise server 15 SP4
2.31.0-150400.7.31.1
fixed
suse enterprise server 15 SP6
2.31.0-150600.8.16.1
fixed
suse enterprise server 15 SP7
2.37.0-150700.4.3.1
fixed
s390-tools-chreipl-fcp-mpath
suse enterprise desktop 15 SP6
2.31.0-150600.8.16.1
fixed
suse enterprise desktop 15 SP7
2.37.0-150700.4.3.1
fixed
suse enterprise sap 15 SP6
2.31.0-150600.8.16.1
fixed
suse enterprise sap 15 SP7
2.37.0-150700.4.3.1
fixed
suse enterprise server 15 SP4
2.31.0-150400.7.31.1
fixed
suse enterprise server 15 SP6
2.31.0-150600.8.16.1
fixed
suse enterprise server 15 SP7
2.37.0-150700.4.3.1
fixed
s390-tools-genprotimg-data
suse enterprise desktop 15 SP6
2.31.0-150600.8.16.1
fixed
suse enterprise desktop 15 SP7
2.37.0-150700.4.3.1
fixed
suse enterprise sap 15 SP6
2.31.0-150600.8.16.1
fixed
suse enterprise sap 15 SP7
2.37.0-150700.4.3.1
fixed
suse enterprise server 15 SP4
2.31.0-150400.7.31.1
fixed
suse enterprise server 15 SP6
2.31.0-150600.8.16.1
fixed
suse enterprise server 15 SP7
2.37.0-150700.4.3.1
fixed
s390-tools-hmcdrvfs
suse enterprise desktop 15 SP6
2.31.0-150600.8.16.1
fixed
suse enterprise desktop 15 SP7
2.37.0-150700.4.3.1
fixed
suse enterprise sap 15 SP6
2.31.0-150600.8.16.1
fixed
suse enterprise sap 15 SP7
2.37.0-150700.4.3.1
fixed
suse enterprise server 15 SP4
2.31.0-150400.7.31.1
fixed
suse enterprise server 15 SP6
2.31.0-150600.8.16.1
fixed
suse enterprise server 15 SP7
2.37.0-150700.4.3.1
fixed
s390-tools-zdsfs
suse enterprise desktop 15 SP6
2.31.0-150600.8.16.1
fixed
suse enterprise desktop 15 SP7
2.37.0-150700.4.3.1
fixed
suse enterprise sap 15 SP6
2.31.0-150600.8.16.1
fixed
suse enterprise sap 15 SP7
2.37.0-150700.4.3.1
fixed
suse enterprise server 15 SP4
2.31.0-150400.7.31.1
fixed
suse enterprise server 15 SP6
2.31.0-150600.8.16.1
fixed
suse enterprise server 15 SP7
2.37.0-150700.4.3.1
fixed
sevctl
suse enterprise sap 15 SP6
0.4.3-150600.4.3.1
fixed
suse enterprise sap 15 SP7
0.6.0-150700.3.3.1
fixed
suse enterprise server 15 SP6
0.4.3-150600.4.3.1
fixed
suse enterprise server 15 SP7
0.6.0-150700.3.3.1
fixed
snpguest
suse enterprise sap 15 SP6
0.3.2-150600.3.6.1
fixed
suse enterprise sap 15 SP7
0.10.0-150700.3.3.1
fixed
suse enterprise server 15 SP6
0.3.2-150600.3.6.1
fixed
suse enterprise server 15 SP7
0.10.0-150700.3.3.1
fixed
Common Weakness Enumeration
References
https://access.redhat.com/security/cve/CVE-2025-3416
https://bugzilla.redhat.com/show_bug.cgi?id=2357560
https://github.com/sfackler/rust-openssl
https://github.com/sfackler/rust-openssl/commit/87085bd67896b7f92e6de35d081f607a334beae4
https://github.com/sfackler/rust-openssl/pull/2390
https://rustsec.org/advisories/RUSTSEC-2025-0022.html