CVE-2025-24898
Description
Moderate: python3.12-cryptography security update
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2025-7317.html
Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2025-7313.html
Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2025-7241.html
Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2025-7160.html
Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2025-7147.html
Vendor advisory: alma — https://bugzilla.redhat.com/2343573
Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2025-24898
Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2025:7160
Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2025:7241
Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2025:7317
Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2025:7313
Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2025:7317
Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2025:7313
Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2025:7241
Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2025:7160
Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2025:7147
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| rhel | 9 | fixed | |
| rocky | 9 | fixed | |
| debian | bookworm | affected | |
| debian | bullseye | fixed | 0.10.29-1+deb11u1 |
| debian | forky | fixed | 0.10.70-1 |
| debian | sid | fixed | 0.10.70-1 |
| debian | trixie | fixed | 0.10.70-1 |
References
- https://github.com/sfackler/rust-openssl/security/advisories/GHSA-rpmj-rpgj-qmpm
- https://access.redhat.com/errata/RHSA-2025:7147
- https://access.redhat.com/errata/RHSA-2025:7160
- https://access.redhat.com/errata/RHSA-2025:7241
- https://access.redhat.com/errata/RHSA-2025:7313
- https://access.redhat.com/errata/RHSA-2025:7317
- https://errata.rockylinux.org/RLSA-2025:7313
- https://errata.rockylinux.org/RLSA-2025:7317
- https://errata.rockylinux.org/RLSA-2025:7241
- https://errata.rockylinux.org/RLSA-2025:7160
- https://nvd.nist.gov/vuln/detail/CVE-2025-24898
- https://github.com/sfackler/rust-openssl/pull/2360
- https://github.com/sfackler/rust-openssl/commit/f014afb230de4d77bc79dea60e7e58c2f47b60f2
- https://crates.io/crates/openssl
- https://github.com/sfackler/rust-openssl
- https://lists.debian.org/debian-lts-announce/2025/02/msg00009.html
- https://rustsec.org/advisories/RUSTSEC-2025-0004.html
- https://security-tracker.debian.org/tracker/CVE-2025-24898
- https://bugzilla.redhat.com/2343573
- https://errata.almalinux.org/9/ALSA-2025-7147.html
- https://errata.almalinux.org/9/ALSA-2025-7160.html
- https://errata.almalinux.org/9/ALSA-2025-7241.html
- https://errata.almalinux.org/9/ALSA-2025-7313.html
- https://errata.almalinux.org/9/ALSA-2025-7317.html
Verify integrity in audit chain (admin only). AS-IS.