rust-openssl Use-After-Free in `Md::fetch` and `Cipher::fetch`

Published: Apr 4, 2025
Updated: Apr 30, 2025
GHSA: <a href="https://github.com/advisories/GHSA-4fcv-w3qc-ppgg" target="_blank" rel="noopener"> GHSA-4fcv-w3qc-ppgg
Severity: Medium
Exploit:

When a Some(...) value was passed to the properties argument of either of these functions, a use-after-free would result.

In practice this would nearly always result in OpenSSL treating the properties as an empty string (due to CString::drop's behavior).

The maintainers thank quitbug for reporting this vulnerability to us.