Description
Issue summary: During processing of a crafted CMS EnvelopedData message
with KeyTransportRecipientInfo a NULL pointer dereference can happen.

Impact summary: Applications that process attacker-controlled CMS data may
crash before authentication or cryptographic operations occur resulting in
Denial of Service.

When a CMS EnvelopedData message that uses KeyTransportRecipientInfo with
RSA-OAEP encryption is processed, the optional parameters field of
RSA-OAEP SourceFunc algorithm identifier is examined without checking
for its presence. This results in a NULL pointer dereference if the field
is missing.

Applications and services that call CMS_decrypt() on untrusted input
(e.g., S/MIME processing or CMS-based protocols) are vulnerable.

The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this
issue, as the affected code is outside the OpenSSL FIPS module boundary.
Published: 2026-04-07
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Patch
AI Analysis

Impact

A crafted CMS EnvelopedData message that uses KeyTransportRecipientInfo with RSA‑OAEP can trigger a NULL pointer dereference when the optional parameters field of the RSA‑OAEP algorithm identifier is missing and examined without a null check. The failure occurs before authentication or cryptographic operations, leading to a crash of the application and a denial‑of‑service condition. The weakness is a classic NULL pointer dereference (CWE‑476).

Affected Systems

The flaw resides in the CMS implementation of the OpenSSL library for all non‑FIPS builds. Any program that processes CMS data via CMS_decrypt(), such as S/MIME handlers or other CMS‑based protocols, is potentially vulnerable. The FIPS modules (3.6, 3.5, 3.4, 3.3 and 3.0) are unaffected because the vulnerable code lies outside the FIPS boundary.

Risk and Exploitability

The CVSS score of 7.5 reflects a high‑severity impact, yet the EPSS score is below 1 % and the issue is not listed in CISA’s KEV catalog, suggesting low current exploitation activity. An attacker would need to supply a malicious CMS EnvelopedData message to a vulnerable application; a successful exploit would cause an application crash and downtime. Proper input validation or disallowing the processing of KeyTransportRecipientInfo from untrusted sources mitigates the risk, but the most reliable defense is applying the vendor patch.

Generated by OpenCVE AI on April 9, 2026 at 01:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest OpenSSL release that incorporates the commits linked in the advisory; these changes address the unchecked pointer dereference.
  • If an upgrade cannot be performed immediately, prevent processing of KeyTransportRecipientInfo in untrusted CMS data or enforce strict input validation before calling CMS_decrypt().
  • Confirm that the environment is not using the FIPS module version, which is not affected.
  • Stay current with future advisories and patch promptly when a new release is issued.

Generated by OpenCVE AI on April 9, 2026 at 01:51 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DSA Debian DSA DSA-6201-1 openssl security update
Ubuntu USN Ubuntu USN USN-8155-1 OpenSSL vulnerabilities
Ubuntu USN Ubuntu USN USN-8155-2 OpenSSL vulnerabilities
History

Thu, 23 Apr 2026 15:45:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*

Fri, 10 Apr 2026 21:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 09 Apr 2026 00:15:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

 cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Moderate

Wed, 08 Apr 2026 19:45:00 +0000

Type Values Removed Values Added
First Time appeared Openssl
Openssl openssl
Vendors & Products Openssl
Openssl openssl

Tue, 07 Apr 2026 22:15:00 +0000

Type Values Removed Values Added
Description Issue summary: During processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo a NULL pointer dereference can happen. Impact summary: Applications that process attacker-controlled CMS data may crash before authentication or cryptographic operations occur resulting in Denial of Service. When a CMS EnvelopedData message that uses KeyTransportRecipientInfo with RSA-OAEP encryption is processed, the optional parameters field of RSA-OAEP SourceFunc algorithm identifier is examined without checking for its presence. This results in a NULL pointer dereference if the field is missing. Applications and services that call CMS_decrypt() on untrusted input (e.g., S/MIME processing or CMS-based protocols) are vulnerable. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.
Title Possible NULL Dereference When Processing CMS KeyTransportRecipientInfo
Weaknesses CWE-476
References

Subscriptions

Openssl Openssl
cve-icon MITRE

Status: PUBLISHED

Assigner: openssl

Published:

Updated: 2026-04-15T07:28:22.729Z

Reserved: 2026-02-27T13:45:02.161Z

Link: CVE-2026-28390

cve-icon Vulnrichment

Updated: 2026-04-10T20:25:59.806Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-07T22:16:21.190

Modified: 2026-04-23T15:39:52.520

Link: CVE-2026-28390

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-04-07T22:00:54Z

Links: CVE-2026-28390 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-09T08:28:36Z

Weaknesses