{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-26130", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-02-14T17:40:03.687Z", "datePublished": "2024-02-21T16:28:18.632Z", "dateUpdated": "2024-08-14T20:01:52.628Z"}, "containers": {"cna": {"title": "cryptography NULL pointer deference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override", "problemTypes": [{"descriptions": [{"cweId": "CWE-476", "lang": "en", "description": "CWE-476: NULL Pointer Dereference", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4"}, {"name": "https://github.com/pyca/cryptography/pull/10423", "tags": ["x_refsource_MISC"], "url": "https://github.com/pyca/cryptography/pull/10423"}, {"name": "https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55", "tags": ["x_refsource_MISC"], "url": "https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55"}], "affected": [{"vendor": "pyca", "product": "cryptography", "versions": [{"version": ">= 38.0.0, < 42.0.4", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-02-21T16:28:18.632Z"}, "descriptions": [{"lang": "en", "value": "cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised."}], "source": {"advisory": "GHSA-6vqw-3v5j-54x4", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T23:59:32.542Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4"}, {"name": "https://github.com/pyca/cryptography/pull/10423", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/pyca/cryptography/pull/10423"}, {"name": "https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55"}]}, {"affected": [{"vendor": "cryptography_project", "product": "cryptography", "cpes": ["cpe:2.3:a:cryptography_project:cryptography:*:*:*:*:*:python:*:*"], "defaultStatus": "unknown", "versions": [{"version": "38.0.0", "status": "affected", "lessThan": "42.04", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-14T19:56:07.150963Z", "id": "CVE-2024-26130", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-14T20:01:52.628Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4", "name": "https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://github.com/pyca/cryptography/pull/10423", "name": "https://github.com/pyca/cryptography/pull/10423", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55", "name": "https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T23:59:32.542Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-26130", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-14T19:56:07.150963Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:cryptography_project:cryptography:*:*:*:*:*:python:*:*"], "vendor": "cryptography_project", "product": "cryptography", "versions": [{"status": "affected", "version": "38.0.0", "lessThan": "42.04", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-14T19:59:58.743Z"}}], "cna": {"title": "cryptography NULL pointer deference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override", "source": {"advisory": "GHSA-6vqw-3v5j-54x4", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "pyca", "product": "cryptography", "versions": [{"status": "affected", "version": ">= 38.0.0, < 42.0.4"}]}], "references": [{"url": "https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4", "name": "https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/pyca/cryptography/pull/10423", "name": "https://github.com/pyca/cryptography/pull/10423", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55", "name": "https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-476", "description": "CWE-476: NULL Pointer Dereference"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-02-21T16:28:18.632Z"}}}, "cveMetadata": {"cveId": "CVE-2024-26130", "state": "PUBLISHED", "dateUpdated": "2024-08-14T20:01:52.628Z", "dateReserved": "2024-02-14T17:40:03.687Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-02-21T16:28:18.632Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised."}, {"lang": "es", "value": "cryptography es un paquete manipulado para exponer recetas y primitivas criptogr\u00e1ficas a los desarrolladores de Python. A partir de la versi\u00f3n 38.0.0 y anteriores a la versi\u00f3n 42.0.4, si se llama a `pkcs12.serialize_key_and_certificates` con un certificado cuya clave p\u00fablica no coincide con la clave privada proporcionada y un `encryption_algorithm` con `hmac_hash` configurado (a trav\u00e9s de `PrivateFormat .PKCS12.encryption_builder().hmac_hash(...)`, entonces se producir\u00eda una desreferencia del puntero NULL, bloqueando el proceso de Python. Esto se resolvi\u00f3 en la versi\u00f3n 42.0.4, la primera versi\u00f3n en la que se genera correctamente un `ValueError` ."}], "id": "CVE-2024-26130", "lastModified": "2024-02-22T19:07:27.197", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-02-21T17:15:09.863", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55"}, {"source": "security-advisories@github.com", "url": "https://github.com/pyca/cryptography/pull/10423"}, {"source": "security-advisories@github.com", "url": "https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2024:3781", "cpe": "cpe:/a:redhat:ansible_automation_platform:2.4::el8", "impact": "moderate", "package": "python3x-cryptography-0:42.0.5-1.el8ap", "product_name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8", "release_date": "2024-06-10T00:00:00Z"}, {"advisory": "RHSA-2024:3781", "cpe": "cpe:/a:redhat:ansible_automation_platform:2.4::el9", "impact": "moderate", "package": "python-cryptography-0:42.0.5-1.el9ap", "product_name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9", "release_date": "2024-06-10T00:00:00Z"}, {"advisory": "RHSA-2024:7987", "cpe": "cpe:/a:redhat:satellite:6.15::el8", "impact": "moderate", "package": "python-cryptography-0:42.0.8-1.el8pc", "product_name": "Red Hat Satellite 6.15 for RHEL 8", "release_date": "2024-10-10T00:00:00Z"}, {"advisory": "RHSA-2024:7987", "cpe": "cpe:/a:redhat:satellite:6.15::el8", "impact": "moderate", "package": "rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat", "product_name": "Red Hat Satellite 6.15 for RHEL 8", "release_date": "2024-10-10T00:00:00Z"}, {"advisory": "RHSA-2024:7987", "cpe": "cpe:/a:redhat:satellite_capsule:6.15::el8", "impact": "moderate", "package": "python-cryptography-0:42.0.8-1.el8pc", "product_name": "Red Hat Satellite 6.15 for RHEL 8", "release_date": "2024-10-10T00:00:00Z"}, {"advisory": "RHSA-2024:7987", "cpe": "cpe:/a:redhat:satellite_capsule:6.15::el8", "impact": "moderate", "package": "rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat", "product_name": "Red Hat Satellite 6.15 for RHEL 8", "release_date": "2024-10-10T00:00:00Z"}], "bugzilla": {"description": "python-cryptography: NULL pointer dereference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override", "id": "2269617", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269617"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-476", "details": ["cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised.", "A flaw was discovered in python-cryptography. A NULL pointer dereference can be triggered when a PKCS#12 key and certificate do not match. Specifically, if the pkcs12.serialize_key_and_certificates function is called with a non-matching certificate and private key and an encryption algorithm with hmac_hash set, the Python process may crash, leading to a denial of service."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-26130", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "python-cryptography", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "python39:3.9/python-cryptography", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "python-cryptography", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "python-cryptography", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:rhui:4::el8", "fix_state": "Affected", "package_name": "python-cryptography", "product_name": "Red Hat Update Infrastructure 4 for Cloud Providers"}], "public_date": "2024-02-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-26130\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-26130"], "statement": "The vulnerability in python-cryptography that leads to a NULL pointer dereference during the pkcs12.serialize_key_and_certificates function execution is classified as a moderate severity issue. While the vulnerability can result in a denial-of-service (DoS) by crashing the Python process, it requires specific conditions to trigger: a mismatch between the provided certificate's public key and private key, coupled with the use of an encryption algorithm with hmac_hash set.\nThe exploitation of this vulnerability does not directly lead to arbitrary code execution or data leakage. Instead, it causes a controlled termination of the Python process, which, although disruptive, is not as critical as other vulnerabilities that can lead to unauthorized access, data corruption, or code injection. However, it's important to note that denial-of-service conditions can still have operational impacts, disrupting services or causing system instability.\nThis issue does not affect Red Hat Enterprise Linux 6, 7, 8 and 9 as we dont ship the vulnerable code and package version.", "threat_severity": "Important", "upstream_fix": "cryptography 42.0.4"}