Description
Issue summary: During processing of a crafted CMS EnvelopedData message
with KeyAgreeRecipientInfo a NULL pointer dereference can happen.

Impact summary: Applications that process attacker-controlled CMS data may
crash before authentication or cryptographic operations occur resulting in
Denial of Service.

When a CMS EnvelopedData message that uses KeyAgreeRecipientInfo is
processed, the optional parameters field of KeyEncryptionAlgorithmIdentifier
is examined without checking for its presence. This results in a NULL
pointer dereference if the field is missing.

Applications and services that call CMS_decrypt() on untrusted input
(e.g., S/MIME processing or CMS-based protocols) are vulnerable.

The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this
issue, as the affected code is outside the OpenSSL FIPS module boundary.

Published: 2026-04-07
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Patch

AI Analysis

Impact

During the processing of a CMS EnvelopedData message that includes KeyAgreeRecipientInfo, OpenSSL may dereference a NULL pointer if the optional parameters field of the KeyEncryptionAlgorithmIdentifier is missing. This causes the application to crash before any authentication or cryptographic operations happen. The resulting denial of service can make systems that accept CMS data, such as S/MIME mail processing or other CMS‑based protocols, unavailable.

Affected Systems

All OpenSSL deployments that use the CMS_decrypt routine to process attacker‑controlled CMS data are vulnerable. The issue is present in code outside the FIPS module, so the FIPS 3.x modules (3.6, 3.5, 3.4, 3.3, 3.0) are not affected. Systems that handle S/MIME, secure email, or other CMS‑based protocols could be impacted when they receive malformed CMS messages.

Risk and Exploitability

With a CVSS score of 7.5, the severity is moderate, but the EPSS score is below 1% and the vulnerability is not listed in the CISA KEV catalog, indicating a low likelihood of widespread exploitation. An attacker would need to supply a crafted CMS EnvelopedData message containing KeyAgreeRecipientInfo without optional parameters. Successful exploitation would crash the application, leading to a denial of service. The attack vector is therefore likely remote over trusted channels where CMS data is accepted.

Generated by OpenCVE AI on April 10, 2026 at 22:40 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade OpenSSL to a version that includes the published patch for CVE‑2026‑28389.
  • If an immediate upgrade is not feasible, prevent untrusted CMS EnvelopedData messages from reaching CMS_decrypt, for example by disabling S/MIME processing for external input or using a sandboxed process.
  • Add explicit validation to check for the optional parameters field in KeyEncryptionAlgorithmIdentifier before calling CMS_decrypt, or rely on the updated library that performs this check.
  • Confirm that the OpenSSL FIPS modules in use (3.6, 3.5, 3.4, 3.3, 3.0) were not affected and remain compliant.
  • Continuously review the OpenSSL project for any additional security advisories and apply new updates as they become available.


Advisories
Source | ID | Title
Debian DSA | DSA-6201-1 | openssl security update
Ubuntu USN | USN-8155-1 | OpenSSL vulnerabilities
Ubuntu USN | USN-8155-2 | OpenSSL vulnerabilities

History

Thu, 23 Apr 2026 15:45:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*

Fri, 10 Apr 2026 21:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 5.9, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}


Fri, 10 Apr 2026 12:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-166
References
Metrics threat_severity

None

cvssV3_1

{'score': 5.9, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Low


Wed, 08 Apr 2026 19:45:00 +0000

Type Values Removed Values Added
First Time appeared Openssl
Openssl openssl
Vendors & Products Openssl
Openssl openssl

Tue, 07 Apr 2026 22:15:00 +0000

Type Values Removed Values Added
Description Issue summary: During processing of a crafted CMS EnvelopedData message with KeyAgreeRecipientInfo a NULL pointer dereference can happen. Impact summary: Applications that process attacker-controlled CMS data may crash before authentication or cryptographic operations occur resulting in Denial of Service. When a CMS EnvelopedData message that uses KeyAgreeRecipientInfo is processed, the optional parameters field of KeyEncryptionAlgorithmIdentifier is examined without checking for its presence. This results in a NULL pointer dereference if the field is missing. Applications and services that call CMS_decrypt() on untrusted input (e.g., S/MIME processing or CMS-based protocols) are vulnerable. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.
Title Possible NULL Dereference When Processing CMS KeyAgreeRecipientInfo
Weaknesses CWE-476
References

MITRE

Status: PUBLISHED

Assigner: openssl

Published:

Updated: 2026-04-15T07:28:13.700Z

Reserved: 2026-02-27T13:45:02.161Z

Link: CVE-2026-28389

Vulnrichment

Updated: 2026-04-10T20:20:40.423Z

NVD

Status: Analyzed

Published: 2026-04-07T22:16:21.030

Modified: 2026-04-23T15:40:00.107

Link: CVE-2026-28389

Redhat

Severity: Low

Public Date: 2026-04-07T00:00:00Z

Links: CVE-2026-28389 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-13T14:26:15Z
