Red Hat Security Advisory: openssl security update
A low severity vulnerability (CVE-2024-5535) affecting OpenSSL in Red Hat Enterprise Linux 9. 4 Extended Update Support has been identified. The issue involves a buffer overread in the SSL_select_next_proto function. Red Hat has released an update to address this vulnerability. No known exploits are reported in the wild. The vulnerability is categorized under CWE-200, indicating information exposure. The update is available for multiple Red Hat Enterprise Linux architectures including x86_64, s390x, ppc64le, and aarch64.
AI Analysis
Technical Summary
CVE-2024-5535 is a buffer overread vulnerability in the OpenSSL SSL_select_next_proto function, which is part of the SSL/TLS protocol implementation and cryptography library. This vulnerability could potentially lead to information exposure. Red Hat has issued a security advisory (RHSA-2025:3666) with an update for OpenSSL packages in Red Hat Enterprise Linux 9.4 Extended Update Support to fix this issue. The vulnerability is rated as low severity by Red Hat Product Security. No CVSS score is provided in the advisory. The fix is available via updated OpenSSL packages distributed by Red Hat.
Potential Impact
The vulnerability could allow an attacker to cause a buffer overread in the SSL_select_next_proto function, potentially exposing sensitive information. However, Red Hat rates the security impact as low. There are no known exploits in the wild targeting this vulnerability. The impact is limited to affected versions of OpenSSL in Red Hat Enterprise Linux 9.4 Extended Update Support and related variants.
Mitigation Recommendations
Red Hat has released updated OpenSSL packages that address CVE-2024-5535. Users of affected Red Hat Enterprise Linux 9.4 Extended Update Support versions should apply the available security update as described in Red Hat advisory RHSA-2025:3666 and the referenced update article (https://access.redhat.com/articles/11258). Applying this update will remediate the vulnerability. No additional mitigation steps are indicated by the vendor.
Red Hat Security Advisory: openssl security update
Description
A low severity vulnerability (CVE-2024-5535) affecting OpenSSL in Red Hat Enterprise Linux 9. 4 Extended Update Support has been identified. The issue involves a buffer overread in the SSL_select_next_proto function. Red Hat has released an update to address this vulnerability. No known exploits are reported in the wild. The vulnerability is categorized under CWE-200, indicating information exposure. The update is available for multiple Red Hat Enterprise Linux architectures including x86_64, s390x, ppc64le, and aarch64.
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2024-5535 is a buffer overread vulnerability in the OpenSSL SSL_select_next_proto function, which is part of the SSL/TLS protocol implementation and cryptography library. This vulnerability could potentially lead to information exposure. Red Hat has issued a security advisory (RHSA-2025:3666) with an update for OpenSSL packages in Red Hat Enterprise Linux 9.4 Extended Update Support to fix this issue. The vulnerability is rated as low severity by Red Hat Product Security. No CVSS score is provided in the advisory. The fix is available via updated OpenSSL packages distributed by Red Hat.
Potential Impact
The vulnerability could allow an attacker to cause a buffer overread in the SSL_select_next_proto function, potentially exposing sensitive information. However, Red Hat rates the security impact as low. There are no known exploits in the wild targeting this vulnerability. The impact is limited to affected versions of OpenSSL in Red Hat Enterprise Linux 9.4 Extended Update Support and related variants.
Mitigation Recommendations
Red Hat has released updated OpenSSL packages that address CVE-2024-5535. Users of affected Red Hat Enterprise Linux 9.4 Extended Update Support versions should apply the available security update as described in Red Hat advisory RHSA-2025:3666 and the referenced update article (https://access.redhat.com/articles/11258). Applying this update will remediate the vulnerability. No additional mitigation steps are indicated by the vendor.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2025:3666
- Cve Count
- 1
- Additional Cves
- []
- Cvss Version
- null
Threat ID: 6a1f4e89e29bf47b500839f6
Added to database: 6/2/2026, 9:43:37 PM
Last enriched: 6/2/2026, 10:18:39 PM
Last updated: 6/3/2026, 4:57:50 AM
Views: 3
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.