CVE-2026-28390

NameCVE-2026-28390
DescriptionIssue summary: During processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo a NULL pointer dereference can happen. Impact summary: Applications that process attacker-controlled CMS data may crash before authentication or cryptographic operations occur resulting in Denial of Service. When a CMS EnvelopedData message that uses KeyTransportRecipientInfo with RSA-OAEP encryption is processed, the optional parameters field of RSA-OAEP SourceFunc algorithm identifier is examined without checking for its presence. This results in a NULL pointer dereference if the field is missing. Applications and services that call CMS_decrypt() on untrusted input (e.g., S/MIME processing or CMS-based protocols) are vulnerable. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.
SourceCVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDSA-6201-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
openssl (PTS)bullseye1.1.1w-0+deb11u1vulnerable
bullseye (security)1.1.1w-0+deb11u5vulnerable
bookworm3.0.18-1~deb12u1vulnerable
bookworm (security)3.0.19-1~deb12u2fixed
trixie3.5.5-1~deb13u1vulnerable
trixie (security)3.5.5-1~deb13u2fixed
forky, sid3.6.1-3vulnerable

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
opensslsourcebookworm3.0.19-1~deb12u2DSA-6201-1
opensslsourcetrixie3.5.5-1~deb13u2DSA-6201-1
opensslsource(unstable)(unfixed)

Notes

https://openssl-library.org/news/secadv/20260407.txt
Search for package or bug name: Reporting problems