Opened 3 weeks ago
Closed 2 weeks ago
#5948 closed enhancement (fixed)
less-704
| Reported by: | Bruce Dubbs | Owned by: | lfs-book |
|---|---|---|---|
| Priority: | normal | Milestone: | 13.1 |
| Component: | Book | Version: | git |
| Severity: | normal | Keywords: | |
| Cc: | | | |
Description
New version.
Change History (4)
comment:1 by , 3 weeks ago
comment:2 by , 3 weeks ago
| Priority: | normal → high |
|---|
### Changes between 4.0.0 and 4.0.1 [9 Jun 2026]
- Fixed heap use-after-free in `PKCS7_verify()`.
  Severity: High
  Issue summary: A specially crafted PKCS#7 or S/MIME signed message could trigger a use-after-free during PKCS#7 signature verification.
  Impact summary: A use-after-free may result in process crashes, heap corruption, or, potentially, remote code execution.
  CVE-2026-45447
- Fixed CMS `AuthEnvelopedData` processing may accept forged messages.
  Severity: Moderate
  Issue Summary: Cryptographic Message Services (CMS) processing fails to perform sufficient input validation on the cipher and tag length fields of `AuthEnvelopedData` containers, leading to various potential compromises.
  Impact Summary: Attackers making use of these vulnerabilities may achieve key-equivalent functionality for a given CMS recipient and/or bypass integrity validation for a given message.
  CVE-2026-34182
- Fixed unbounded memory growth in the QUIC `PATH_CHALLENGE` handler.
  Severity: Moderate
  Issue summary: Remote peer may exhaust heap memory of the QUIC server or client by flooding it with packets containing `PATH_CHALLENGE` frames.
  Impact summary: A malicious remote peer can cause an unbounded memory allocation which can lead to an abnormal termination of the application acting as a QUIC client or server and a Denial of Service.
  CVE-2026-34183
- Fixed double-free when checking OCSP stapled response.
  Severity: Moderate
  Issue summary: A malicious server can exploit TLS OCSP stapling by delivering a crafted response through the `status_request` extension, triggering a double-free in the client's certificate verification path.
  Impact summary: Successful exploitation allows an attacker to corrupt heap memory via a double-free, potentially leading to a Denial of Service or possibly an attacker controlled code execution or other undefined behavior.
  CVE-2026-35188
- Fixed NULL pointer dereference in QUIC server initial packet handling.
  Severity: Moderate
  Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation disabled.
  Impact summary: NULL pointer dereference typically causes abnormal termination of the affected QUIC server process and a Denial of Service.
  CVE-2026-42764
- Fixed AES-OCB IV ignored on `EVP_Cipher()` path.
  Severity: Moderate
  Issue summary: When an application drives an AES-OCB context through the public `EVP_Cipher()` one-shot interface, the application-supplied initialisation vector (IV) is silently discarded.
  Impact summary: Every message encrypted under the same key uses the same effective nonce regardless of the IV supplied by the caller, resulting in `(key, nonce)` reuse and loss of confidentiality. If the same code path is used to compute the authentication tag, the tag depends only on the `(key, IV)` pair and not on the plaintext or ciphertext, allowing universal forgery of arbitrary ciphertext from a single captured message.
  CVE-2026-45445
- Fixed possible heap buffer overflow in ASN.1 multibyte string conversion.
  Severity: Low
  Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in `ASN1_mbstring_ncopy()` can lead to a heap buffer overflow.
  Impact summary: A heap buffer overflow may lead to a crash or possibly attacker controlled code execution or other undefined behaviour.
  CVE-2026-7383
- Fixed out-of-bounds read in CMS password-based decryption.
  Severity: Low
  Issue summary: When CMS password-based decryption (RFC 3211/PWRI key unwrap) processes attacker-supplied CMS data, an attacker-chosen stream-mode KEK cipher can trigger a heap out-of-bounds read in `kek_unwrap_key()`.
  Impact summary: A heap buffer over-read may trigger a crash, which leads to Denial of Service for an application if the input buffer ends at a memory page boundary and the following page is unmapped. There is no information disclosure, as the over-read bytes are not revealed to the attacker.
  CVE-2026-9076
- Fixed heap buffer over-read in ASN.1 content parsing.
  Severity: Low
  Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive element whose content exceeds 2 gigabytes in length may cause a heap buffer over-read on 64-bit Unix and Unix-like platforms.
  Impact summary: The heap buffer over-read may crash the application (Denial of Service) or load into the decoded ASN.1 object the contents of memory beyond the end of the input buffer. More typically, such ASN.1 elements would instead be truncated.
  CVE-2026-34180
- Fixed PKCS#12 files with PBMAC1 are accepted with short HMAC keys.
  Severity: Low
  Issue Summary: The PKCS#12 file processing fails to perform sufficient input validation for files that use the Password-Based Message Authentication Code 1 (PBMAC1) integrity mechanism, allowing a certificate and private key forgery.
  Impact Summary: An attacker impersonating a user can cause a service reading PKCS#12 files to accept forged certificates and private keys with a 1 in 256 probability.
  CVE-2026-34181
- Fixed NULL dereference in certificate verification with OCSP Checking.
  Severity: Low
  Issue summary: When a partial-chain certificate verification is enabled together with OCSP response checking for the whole chain, a NULL dereference will happen if the verified chain does not have a self-signed trusted anchor, crashing the process.
  Impact summary: A NULL pointer dereference can trigger a crash which leads to a Denial of Service for an application.
  CVE-2026-42765
- Fixed possible NULL dereference in password-based CMS decryption.
  Severity: Low
  Issue summary: A specially crafted password-encrypted CMS message could trigger a NULL pointer dereference during CMS decryption.
  Impact summary: This NULL pointer dereference could lead to an application crash and a Denial of Service.
  CVE-2026-42766
- Fixed NULL pointer dereference in CRMF `EncryptedValue` decryption.
  Severity: Low
  Issue summary: An attacker-controlled CMP (Certificate Management Protocol) server could trigger a NULL pointer dereference in a CMP client application.
  Impact summary: A NULL pointer dereference could cause a crash of the application and a Denial of Service.
  CVE-2026-42767
- Fixed multi-`RecipientInfo` Bleichenbacher Oracle in `CMS_decrypt()` and `PKCS7_decrypt()`.
  Severity: Low
  Issue summary: The `CMS_decrypt()` and `PKCS7_decrypt()` functions are vulnerable to a Bleichenbacher-style attack when an attacker is able to provide CMS or S/MIME messages and observe the error code and/or decryption output.
  Impact summary: The Bleichenbacher-style attack allows an attacker to use the victim's vulnerable application as a way to decrypt or sign messages with the victim's private RSA key.
  CVE-2026-42768
- Fixed trust anchor substitution via `cert`/`issuer` typo in CMP `rootCaKeyUpdate`.
  Severity: Low
  Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Management Protocol (CMP) message response rendered the certificate validation ineffectual, which could lead to escalation of credentials from the Registration Authority (RA) level to the root Certification Authority (root CA) level.
  Impact Summary: The Registration Authority could replace the root CA certificate for the CMP clients with an arbitrary root CA certificate.
  CVE-2026-42769
- Fixed FFC-DH peer validation uses attacker-supplied `q`.
  Severity: Low
  Issue summary: When `EVP_PKEY_derive_set_peer()` is called with a DHX (X9.42) peer key, the peer key is not properly checked for the subgroup membership.
  Impact summary: A malicious peer which presents an X9.42 key carrying the victim's `p` and `g` parameters, a forged `q = r` (a small prime factor of the cofactor `(p − 1)/q_local`), and a public value `Y` of order `r` can recover the victim's private key after a small number of key exchange attempts.
  CVE-2026-42770
- Fixed possible out of bounds read in `X509_VERIFY_PARAM_set1_email()`.
  Severity: Low
  Issue summary: When `X509_VERIFY_PARAM_set1_email()` is called by an application to validate a crafted e-mail address, such as during S/MIME message validation, an out of bounds read can happen.
  Impact summary: This out of bounds read will not directly exfiltrate the data read to the attacker, so the most likely result is a crash and a Denial of Service.
  CVE-2026-42771
- Fixed incorrect tag processing for empty messages in AES-GCM-SIV and AES-SIV modes.
  Severity: Low
  Issue summary: The implementations of AES-SIV (RFC 5297) and AES-GCM-SIV (RFC 8452) mishandle the authentication of AAD (Additional Authenticated Data) with an empty ciphertext, allowing forgery of such messages.
  Impact summary: An attacker can forge empty messages with arbitrary AAD to the victim's application using these ciphers.
  CVE-2026-45446
- Fixed a regression introduced in 4.0.0 that led to an `openssl pkey` command crash when it was invoked to encrypt a private key with the password being provided interactively.
- Fixed a regression introduced in 4.0.0 that led to the `openssl s_client -adv` command prematurely terminating a session when reading input of 16384 bytes in one `read()` call.
- Fixed TLS 1.3 server not sending the `NewSessionTicket` message after ciphersuite mismatch.
- Implemented validation of the minimal length of PSK identity being of at least one byte long, as required per RFC 8446.
- Fixed usage of stale application buffer pointer by the kTLS implementation after incomplete writes when `SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER` is set, that led to invalid memory reads and sending of incorrect data.
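The FFC-DH entry above (CVE-2026-42770) describes the defect as running the subgroup-membership check against a `q` taken from the peer's own key. The following Python illustration of the defensive check is added here and is not OpenSSL's code or anything from this ticket; the toy parameters (p = 67, local q = 11, cofactor factor r = 3) and the function names are constructed for the demonstration only.

```python
# Added example (not OpenSSL's code nor the ticket's): FFC-DH peer-key validation
# that uses the locally trusted subgroup order instead of the q carried in the
# peer's X9.42 key. Constructed toy parameters, far too small for real use:
#   p = 67, p - 1 = 2 * 3 * 11, trusted q = 11, cofactor 6 has prime factor r = 3.
P = 67
Q_LOCAL = 11
G = 64  # 2^(66/11) mod 67, an element of order 11
R = 3   # small prime factor of the cofactor that a forged q could name

class BadPeerKey(ValueError):
    """Raised when a peer public value fails validation."""

def validate_peer_public(Y: int, q: int, p: int = P) -> int:
    """Reject Y outside (1, p-1) or outside the subgroup of order q."""
    if not 1 < Y < p - 1:
        raise BadPeerKey("peer value out of range")
    if pow(Y, q, p) != 1:
        raise BadPeerKey("peer value not in the expected subgroup")
    return Y

def set_peer_unsafe(peer_Y: int, peer_q: int) -> int:
    """Pre-fix behaviour modelled on the entry: trusts the peer's own q."""
    return validate_peer_public(peer_Y, peer_q)

def set_peer_safe(peer_Y: int, peer_q: int) -> int:
    """Fixed behaviour: peer q must equal local q; membership test uses local q."""
    if peer_q != Q_LOCAL:
        raise BadPeerKey("peer domain parameters differ from local ones")
    return validate_peer_public(peer_Y, Q_LOCAL)

def outcomes() -> dict:
    """Run both validators over an honest value and a low-order one."""
    honest_Y = pow(G, 5, P)                 # an ordinary public value g^x
    low_order_Y = pow(2, (P - 1) // R, P)   # 37: order 3, not in <g>
    def attempt(fn, Y, q):
        try:
            fn(Y, q)
            return "accepted"
        except BadPeerKey:
            return "rejected"
    return {
        "honest_unsafe": attempt(set_peer_unsafe, honest_Y, Q_LOCAL),
        "honest_safe": attempt(set_peer_safe, honest_Y, Q_LOCAL),
        "forged_unsafe": attempt(set_peer_unsafe, low_order_Y, R),
        "forged_safe": attempt(set_peer_safe, low_order_Y, R),
    }
```

The unsafe variant accepts the order-3 value because `37^3 mod 67 == 1` holds for the peer's forged `q`; the fixed variant rejects it because the peer's `q` disagrees with the local domain parameters and `37^11 mod 67 != 1`.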
comment:3 by , 3 weeks ago
| Priority: | high → normal |
|---|

Major changes between "less" versions 702 and 704