CVE-2025-9231

CVE-2025-9231

Name

CVE-2025-9231

Description

Issue summary: A timing side-channel which could potentially allow remote recovery of the private key exists in the SM2 algorithm implementation on 64 bit ARM platforms. Impact summary: A timing side-channel in SM2 signature computations on 64 bit ARM platforms could allow recovering the private key by an attacker.. While remote key recovery over a network was not attempted by the reporter, timing measurements revealed a timing signal which may allow such an attack. OpenSSL does not directly support certificates with SM2 keys in TLS, and so this CVE is not relevant in most TLS contexts. However, given that it is possible to add support for such certificates via a custom provider, coupled with the fact that in such a custom provider context the private key may be recoverable via remote timing measurements, we consider this to be a Moderate severity issue. The FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this issue, as SM2 is not an approved algorithm.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
patch	https://github.com/openssl/openssl/commit/567f64386e43683888212226824b6a179885a0fe
patch	https://github.com/openssl/openssl/commit/cba616c26ac8e7b37de5e77762e505ba5ca51698
patch	https://github.com/openssl/openssl/commit/eed5adc9f969d77c94f213767acbb41ff923b6f4
patch	https://github.com/openssl/openssl/commit/fc47a2ec078912b3e914fab5734535e76c4820c2
vendor-advisory	https://openssl-library.org/news/secadv/20250930.txt
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2025/09/30/5

Type

URI

patch

https://github.com/openssl/openssl/commit/567f64386e43683888212226824b6a179885a0fe

patch

https://github.com/openssl/openssl/commit/cba616c26ac8e7b37de5e77762e505ba5ca51698

patch

https://github.com/openssl/openssl/commit/eed5adc9f969d77c94f213767acbb41ff923b6f4

patch

https://github.com/openssl/openssl/commit/fc47a2ec078912b3e914fab5734535e76c4820c2

vendor-advisory

https://openssl-library.org/news/secadv/20250930.txt

af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2025/09/30/5

Match rules

Source package	Min version	Max version
openssl	>= 3.5.0	< 3.5.4
openssl	>= 3.4.0	< 3.4.3
openssl	>= 3.3.0	< 3.3.5
openssl	>= 3.2.0	< 3.2.6

CPE URI

Source package

Min version

Max version

openssl

>= 3.5.0

< 3.5.4

openssl

>= 3.4.0

< 3.4.3

openssl

>= 3.3.0

< 3.3.5

openssl

>= 3.2.0

< 3.2.6

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
openssl	edge-main	3.5.4-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
openssl	edge-main	3.5.3-r2	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
openssl	edge-main	3.5.3-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
openssl	edge-main	3.5.3-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
openssl	edge-main	3.5.2-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
openssl	edge-main	3.5.1-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
openssl	edge-main	3.5.0-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
openssl	edge-main	3.3.3-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
openssl	edge-main	3.3.2-r6	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
openssl	edge-main	3.3.2-r5	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
openssl	edge-main	3.3.2-r4	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
openssl	edge-main	3.3.2-r3	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
openssl	edge-main	3.3.2-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
openssl	edge-main	3.3.1-r3	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
openssl	edge-main	3.3.1-r2	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
openssl	edge-main	3.3.1-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
openssl	edge-main	3.3.0-r3	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
openssl	edge-main	3.3.0-r2	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
openssl	edge-main	3.2.1-r2	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
openssl	3.23-main	3.5.4-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
openssl	3.22-main	3.5.4-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
openssl	3.22-main	3.5.3-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
openssl	3.22-main	3.5.3-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
openssl	3.22-main	3.5.2-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
openssl	3.22-main	3.5.1-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
openssl	3.22-main	3.5.0-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
openssl	3.22-main	3.3.3-r0	None	possibly vulnerable
openssl	3.22-main	3.3.2-r5	None	possibly vulnerable
openssl	3.22-main	3.3.2-r3	None	possibly vulnerable
openssl	3.22-main	3.3.2-r0	None	possibly vulnerable
openssl	3.22-main	3.3.1-r1	None	possibly vulnerable
openssl	3.22-main	3.3.0-r3	None	possibly vulnerable
openssl	3.22-main	3.3.0-r2	None	possibly vulnerable
openssl	3.22-main	3.2.1-r2	None	possibly vulnerable
openssl	3.21-main	3.3.5-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
openssl	3.21-main	3.3.4-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
openssl	3.21-main	3.3.3-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
openssl	3.21-main	3.3.2-r6	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
openssl	3.21-main	3.3.2-r5	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
openssl	3.21-main	3.3.2-r4	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
openssl	3.21-main	3.3.2-r3	None	possibly vulnerable
openssl	3.21-main	3.3.2-r0	None	possibly vulnerable
openssl	3.21-main	3.3.1-r1	None	possibly vulnerable
openssl	3.21-main	3.3.0-r3	None	possibly vulnerable
openssl	3.21-main	3.3.0-r2	None	possibly vulnerable
openssl	3.21-main	3.2.1-r2	None	possibly vulnerable
openssl	3.20-main	3.3.5-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
openssl	3.20-main	3.3.4-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
openssl	3.20-main	3.3.3-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
openssl	3.20-main	3.3.2-r3	None	possibly vulnerable
openssl	3.20-main	3.3.2-r2	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
openssl	3.20-main	3.3.2-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
openssl	3.20-main	3.3.2-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
openssl	3.20-main	3.3.1-r3	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
openssl	3.20-main	3.3.1-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
openssl	3.20-main	3.3.0-r3	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
openssl	3.20-main	3.3.0-r2	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
openssl	3.20-main	3.2.1-r2	None	possibly vulnerable

Source package

Branch

Version

Maintainer

Status

References

Match rules

Vulnerable and fixed packages