Rocky 8 CVE-2024-9143 & Rocky 9 CVE-2025-32728

MSA · August 14, 2025, 8:50am

During security scan we found out that following vulnerabilities are present on openssl & openssh packages:
CVE-2024-9143 & Rocky 9 CVE-2025-32728

Couldn’t find their remediation in the change log of packages. When is Rocky linux going to release resolution for this

jlehtone · August 14, 2025, 11:46am

Red Hat says: cve-details
That is:

openssl in any RHEL is not affected
CVE has low impact and therefore fix is deferred for the other (affected) components

Rocky has what RHEL has and therefore, openssl in Rocky is not affected and no fix is required.
Your “security scan” does not actually verify that component has/hasn’t vulnerability, nor it does know that the component in RHEL/Rocky differs from upstream.

The CVE-2025-32728 cve-details has moderate impact but Red Hat has deferred fix. They do describe a mitigation to avoid the issue for time being.

Rocky has what RHEL has and therefore Rocky will (most likely) not release a fixed version before RHEL has released one.

system · October 13, 2025, 11:47am

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
OpenSSL and OpenSSH vulnerabilities do they impact Rocky 9? Rocky Linux Help & Support rocky-linux-9	4	916	October 11, 2024
Open ssl 3.2.3 and later support plan is? Rocky Linux Help & Support	4	542	April 22, 2025
OpenSSH vulnerabilities CVE-2023-51767, CVE-2023-51767, CVE-2023-51384, CVE-2025-26465 Rocky Linux Help & Support rocky-linux-9	3	944	May 11, 2025
About CVEs in RHEL based distros Rocky Linux Help & Support rocky-linux-8 , rocky-linux-9	3	1519	April 3, 2024
Rocky Linux 8.9 has CVE Vulnerabilities Rocky Linux Help & Support rocky-linux-8	6	4904	March 24, 2024

Rocky 8 CVE-2024-9143 & Rocky 9 CVE-2025-32728

Related topics