MEDIUM
Openssl Library
CVE published 2025-09-30
CVE-2025-9231
CVE-2025-9231 is a timing side-channel issue in OpenSSL’s SM2 signature implementation on 64-bit ARM platforms. According to the advisory and CVE description, timing measurements revealed a signal that could potentially enable remote recovery of the SM2 private key, although the reporter did not attempt a full network-based recovery. OpenSSL notes that this is not relevant to most TLS deployments because [truncated]