Description
Issue summary: A type confusion vulnerability exists in the signature
verification of signed PKCS#7 data where an ASN1_TYPE union member is
accessed without first validating the type, causing an invalid or NULL
pointer dereference when processing malformed PKCS#7 data.

Impact summary: An application performing signature verification of PKCS#7
data or calling directly the PKCS7_digest_from_attributes() function can be
caused to dereference an invalid or NULL pointer when reading, resulting in
a Denial of Service.

The function PKCS7_digest_from_attributes() accesses the message digest attribute
value without validating its type. When the type is not V_ASN1_OCTET_STRING,
this results in accessing invalid memory through the ASN1_TYPE union, causing
a crash.

Exploiting this vulnerability requires an attacker to provide a malformed
signed PKCS#7 to an application that verifies it. The impact of the
exploit is just a Denial of Service, the PKCS7 API is legacy and applications
should be using the CMS API instead. For these reasons the issue was
assessed as Low severity.

The FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,
as the PKCS#7 parsing implementation is outside the OpenSSL FIPS module
boundary.

OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.
Published: 2026-01-27
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Apply Patch
AI Analysis

Impact

A type confusion vulnerability in OpenSSL’s PKCS7_digest_from_attributes() function allows an attacker to cause a crash when the function processes a malformed PKCS#7 object. The code accesses an ASN1_TYPE union member without first validating that the type is V_ASN1_OCTET_STRING. If the type is different, the union points to invalid or NULL memory, leading to an invalid pointer dereference during signature verification, which in turn triggers a denial of service via application termination.

Affected Systems

OpenSSL libraries on multiple releases—including 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2—are affected. Applications that perform PKCS#7 signature verification or call PKCS7_digest_from_attributes() directly are vulnerable. The FIPS modules in versions 3.5, 3.4, 3.3 and 3.0 are not impacted because the vulnerable parsing code lies outside the FIPS boundary.

Risk and Exploitability

With a CVSS score of 5.3 and an EPSS probability of less than 1 %, this issue is considered low severity and is not listed in CISA’s KEV catalog. Exploitation requires an attacker to supply a crafted, malformed signed PKCS#7 message to an application that processes it, typically through a remote interface that accepts signed data. Successful exploitation results in a crash, causing a denial of service without compromising confidentiality or integrity. Because the vulnerability is only triggered by specifically crafted input, attackers must have a vector to deliver the forged PKCS#7 data, such as a web service that accepts signed tokens.

Generated by OpenCVE AI on April 18, 2026 at 02:09 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade OpenSSL to a release that incorporates the fix (e.g., 3.6.1 or later).
  • If an upgrade cannot be performed immediately, replace all uses of PKCS7_digest_from_attributes() and legacy PKCS#7 parsing with the CMS API, which is the recommended and secure alternative.
  • Apply the upstream patch by cherry‑selecting the relevant GitHub commits to your local build before upgrading, or merge the merged changes into your release branch.
  • Deploy application monitoring to detect sudden crashes and trigger alerts, ensuring any remaining vulnerable instances are identified and remediated.

Generated by OpenCVE AI on April 18, 2026 at 02:09 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DLA Debian DLA DLA-4490-1 openssl security update
Debian DSA Debian DSA DSA-6113-1 openssl security update
Ubuntu USN Ubuntu USN USN-7980-1 OpenSSL vulnerabilities
Ubuntu USN Ubuntu USN USN-7980-2 OpenSSL vulnerabilities
History

Mon, 02 Feb 2026 18:45:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*

Wed, 28 Jan 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-1287
References
Metrics threat_severity

None

 threat_severity

Low

Tue, 27 Jan 2026 20:30:00 +0000

Type Values Removed Values Added
First Time appeared Openssl
Openssl openssl
Vendors & Products Openssl
Openssl openssl

Tue, 27 Jan 2026 17:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 27 Jan 2026 16:15:00 +0000

Type Values Removed Values Added
Description Issue summary: A type confusion vulnerability exists in the signature verification of signed PKCS#7 data where an ASN1_TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing malformed PKCS#7 data. Impact summary: An application performing signature verification of PKCS#7 data or calling directly the PKCS7_digest_from_attributes() function can be caused to dereference an invalid or NULL pointer when reading, resulting in a Denial of Service. The function PKCS7_digest_from_attributes() accesses the message digest attribute value without validating its type. When the type is not V_ASN1_OCTET_STRING, this results in accessing invalid memory through the ASN1_TYPE union, causing a crash. Exploiting this vulnerability requires an attacker to provide a malformed signed PKCS#7 to an application that verifies it. The impact of the exploit is just a Denial of Service, the PKCS7 API is legacy and applications should be using the CMS API instead. For these reasons the issue was assessed as Low severity. The FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the PKCS#7 parsing implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.
Title ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function
Weaknesses CWE-754
References

Subscriptions

Openssl Openssl
cve-icon MITRE

Status: PUBLISHED

Assigner: openssl

Published:

Updated: 2026-01-27T16:28:52.046Z

Reserved: 2026-01-09T18:54:13.571Z

Link: CVE-2026-22796

cve-icon Vulnrichment

Updated: 2026-01-27T16:28:09.717Z

cve-icon NVD

Status : Analyzed

Published: 2026-01-27T16:16:35.543

Modified: 2026-02-02T18:40:27.467

Link: CVE-2026-22796

cve-icon Redhat

Severity : Low

Publid Date: 2026-01-27T00:00:00Z

Links: CVE-2026-22796 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-18T02:15:05Z

Weaknesses