CVE-2025-24898

Use After Free

Published: Feb 03, 2025 | Modified: Feb 11, 2025
Severity scores:
  NVD: CVSS 3.x N/A; CVSS 2.x not listed
  RedHat: V2 not listed; V3 4.8 MODERATE (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L)
  Ubuntu: MEDIUM

rust-openssl is a set of OpenSSL bindings for the Rust programming language. In affected versions, ssl::select_next_proto can return a slice pointing into the server argument's buffer, but with a lifetime bound only to the client argument. When the server buffer's lifetime is shorter than the client buffer's, this can cause a use after free, which could crash the server or return arbitrary memory contents to the client. Version 0.10.70 of the openssl crate fixes the signature of ssl::select_next_proto so that the output buffer's lifetime is properly constrained to that of both input buffers. Users are advised to upgrade. In standard usage of ssl::select_next_proto inside the callback passed to SslContextBuilder::set_alpn_select_callback, code is only affected if the server buffer is constructed within the callback.
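The lifetime fix described above, illustrated with an added example that is not rust-openssl's own code: a safe, toy re-implementation of ALPN protocol selection over the ALPN wire format (each protocol name prefixed by a one-byte length), using the corrected signature in which the returned slice is bound to both input buffers. The names `protocols`, `alpn_select` and `SERVER_PROTOS` are assumptions for this example, and the client offer bytes are constructed. With the corrected lifetime, the "server buffer built inside the callback" pattern from the advisory is forced by the borrow checker to copy the selection into an owned buffer before the local buffer is dropped.

```rust
// Added example, not code from the openssl crate. Inputs are ALPN wire-format
// lists: a one-byte length followed by that many bytes of protocol name.

/// Iterate over the protocol names in an ALPN wire-format list.
/// Stops at the first malformed entry (zero length or truncated) instead of
/// reading past the end of the buffer.
fn protocols<'a>(list: &'a [u8]) -> impl Iterator<Item = &'a [u8]> + 'a {
    let mut rest = list;
    std::iter::from_fn(move || {
        let (&len, tail) = rest.split_first()?;
        let len = usize::from(len);
        if len == 0 || tail.len() < len {
            return None; // malformed entry: stop here
        }
        let (proto, tail) = tail.split_at(len);
        rest = tail;
        Some(proto)
    })
}

/// Corrected signature: the result borrows from `server`, so the single
/// lifetime `'a` must cover BOTH buffers. The pre-0.10.70 signature tied the
/// result only to `client`, which let a caller keep the slice alive after a
/// shorter-lived `server` buffer had been freed.
pub fn select_next_proto<'a>(server: &'a [u8], client: &'a [u8]) -> Option<&'a [u8]> {
    // Server preference order wins: first server protocol the client also offers.
    protocols(server).find(|s| protocols(client).any(|c| c == *s))
}

/// Constructed server preference list. A `const` lives for the whole program,
/// so a slice into it is always safe to hand back from a callback.
pub const SERVER_PROTOS: &[u8] = b"\x02h2\x08http/1.1";

/// Shape of an ALPN select callback (hypothetical helper, not the crate's API):
/// borrow only long-lived data, or copy the selection into an owned buffer
/// before any local buffer goes out of scope.
pub fn alpn_select(client: &[u8]) -> Option<Vec<u8>> {
    // Local server list built inside the callback: the pattern the advisory
    // says was affected.
    let server: Vec<u8> = SERVER_PROTOS.to_vec();
    // With the corrected signature `selected` cannot outlive `server`, so the
    // copy below is required; returning `selected` directly would not compile.
    let selected = select_next_proto(&server, client)?;
    Some(selected.to_vec())
}

fn main() {
    // Constructed client offer: http/1.1 first, then h2.
    let client = b"\x08http/1.1\x02h2";
    match alpn_select(client) {
        Some(p) => println!("negotiated {}", String::from_utf8_lossy(&p)),
        None => println!("no protocol overlap"),
    }
}
```

In the real crate the callback passed to `SslContextBuilder::set_alpn_select_callback` returns a borrowed slice rather than an owned `Vec`, so the practical mitigation after upgrading is to keep the server preference list in storage that outlives the callback (such as a `const` or a field on a long-lived struct) instead of constructing it inside the callback.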

Weakness

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory “belongs” to the code that operates on the new pointer.

Affected Software

Name | Vendor | Start Version | End Version
Red Hat Enterprise Linux 9 | RedHat | rpm-ostree-0:2025.5-1.el9 | *
Red Hat Enterprise Linux 9 | RedHat | bootc-0:1.1.6-3.el9_6 | *
Red Hat Enterprise Linux 9 | RedHat | rust-bootupd-0:0.2.27-3.el9 | *
Red Hat Enterprise Linux 9 | RedHat | keylime-agent-rust-0:0.2.2-2.el9 | *
Red Hat Enterprise Linux 9 | RedHat | python3.12-cryptography-0:41.0.7-2.el9 | *
Rust-openssl | Ubuntu | esm-apps/focal | *
Rust-openssl | Ubuntu | esm-apps/jammy | *
Rust-openssl | Ubuntu | esm-apps/noble | *
Rust-openssl | Ubuntu | focal | *
Rust-openssl | Ubuntu | jammy | *
Rust-openssl | Ubuntu | noble | *
Rust-openssl | Ubuntu | oracular | *
Rust-openssl | Ubuntu | upstream | *
Rust-openssl-sys | Ubuntu | focal | *
Rust-openssl-sys | Ubuntu | oracular | *

Potential Mitigations

References