CVE-2025-61730

NameCVE-2025-61730
DescriptionDuring the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries (for instance the Client Hello and Encrypted Extensions messages), the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosure if a network-local attacker can inject messages during the handshake.
SourceCVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs1125916, 1125917

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
golang-1.15 (PTS)bullseye1.15.15-1~deb11u4vulnerable
golang-1.19 (PTS)bookworm1.19.8-2vulnerable
golang-1.24 (PTS)trixie1.24.4-1vulnerable
forky1.24.9-1vulnerable
sid1.24.12-1fixed
golang-1.25 (PTS)forky1.25.3-1vulnerable
sid1.25.7-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
golang-1.15source(unstable)(unfixed)
golang-1.19source(unstable)(unfixed)
golang-1.24source(unstable)1.24.12-11125917
golang-1.25source(unstable)1.25.6-11125916

Notes

[bullseye] - golang-1.15 <postponed> (Limited support, minor issue, follow bookworm DSAs/point-releases)
https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc
https://github.com/golang/go/issues/76443
Fixed by: https://github.com/golang/go/commit/525dd853633f90d6038719d9a48cba3770ca71ea (go1.25.6)
Fixed by: https://github.com/golang/go/commit/ad2cd043db66cd36e1f55359638729d2c8ff3d99 (go1.24.12)
Search for package or bug name: Reporting problems