Description
Issue summary: Converting an excessively large OCTET STRING value to
a hexadecimal string leads to a heap buffer overflow on 32 bit platforms.

Impact summary: A heap buffer overflow may lead to a crash or possibly
an attacker controlled code execution or other undefined behavior.

If an attacker can supply a crafted X.509 certificate with an excessively
large OCTET STRING value in extensions such as the Subject Key Identifier
(SKID) or Authority Key Identifier (AKID) which are being converted to hex,
the size of the buffer needed for the result is calculated as multiplication
of the input length by 3. On 32 bit platforms, this multiplication may overflow
resulting in the allocation of a smaller buffer and a heap buffer overflow.

Applications and services that print or log contents of untrusted X.509
certificates are vulnerable to this issue. As the certificates would have
to have sizes of over 1 Gigabyte, printing or logging such certificates
is a fairly unlikely operation and only 32 bit platforms are affected,
this issue was assigned Low severity.

The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this
issue, as the affected code is outside the OpenSSL FIPS module boundary.
Published: 2026-04-07
Score: 9.8 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Heap buffer overflow via malformed X.509 certificates could lead to a crash or potential code execution on 32‑bit OpenSSL systems.
Action: Patch
AI Analysis

Impact

Converting an excessively large OCTET STRING from an X.509 certificate to a hexadecimal string uses the input length multiplied by three. On 32‑bit platforms this multiplication can overflow, causing an undersized buffer to be allocated on the heap. When extensions such as the Subject Key Identifier or Authority Key Identifier contain such a large value, the resulting buffer overflow may terminate the process or, under specific attacker‑controlled conditions, trigger arbitrary code execution. The vulnerability is tied to the X.509 conversion routine and only manifests when an unusually large extension is supplied.
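The size arithmetic described in the advisory text above and in this paragraph, as an added illustration that is not OpenSSL's code and does not reproduce its conversion routine. It assumes the factor of 3 comes from an "XX:" output format (two hex digits plus a separator per input byte, the last separator becoming the NUL terminator), models the 32-bit product with uint32_t so the wrap is visible on any host, and shows the overflow check a hardened size computation applies before allocating. All names and the sample bytes are constructed for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed output cost per input byte: two hex digits plus one ':' separator. */
#define HEX_BYTES_PER_INPUT 3u

/* Naive 32-bit size computation, as the advisory describes the defect:
   the product silently wraps once len * 3 exceeds 2^32 - 1, so a very
   large input yields a small allocation. Modelled with uint32_t. */
uint32_t hex_buf_size_naive32(uint32_t len)
{
    return (uint32_t)(len * HEX_BYTES_PER_INPUT);
}

/* Overflow predicate: would len * 3 exceed max?  Dividing the limit
   avoids computing the (possibly wrapping) product at all. */
int mul3_would_overflow(uint64_t len, uint64_t max)
{
    return len > max / HEX_BYTES_PER_INPUT;
}

/* Hardened size computation for this host's size_t.  Returns 0 and writes
   the exact size to *out, or -1 if the multiplication would wrap. */
int hex_buf_size_checked(size_t len, size_t *out)
{
    if (mul3_would_overflow(len, SIZE_MAX))
        return -1;
    *out = len * HEX_BYTES_PER_INPUT;
    return 0;
}

/* Convert bytes to "AA:BB:CC" form.  The buffer is sized with the checked
   computation; an oversized input is rejected with NULL instead of being
   written into an undersized heap block. */
char *bytes_to_hexstr(const unsigned char *in, size_t len)
{
    static const char digits[] = "0123456789ABCDEF";
    size_t need;
    char *out, *p;

    if (hex_buf_size_checked(len, &need) != 0)
        return NULL;                 /* refuse rather than under-allocate */
    if (need == 0)
        need = 1;                    /* empty input still needs the NUL */
    out = malloc(need);
    if (out == NULL)
        return NULL;

    p = out;
    for (size_t i = 0; i < len; i++) {
        *p++ = digits[in[i] >> 4];
        *p++ = digits[in[i] & 0x0f];
        *p++ = ':';
    }
    if (len > 0)
        p--;                         /* drop the trailing separator */
    *p = '\0';                       /* reuses the 3rd byte of the last triple */
    return out;
}

int main(void)
{
    /* Constructed sample: four bytes, well within any limit. */
    const unsigned char sample[] = { 0xde, 0xad, 0xbe, 0xef };
    char *s = bytes_to_hexstr(sample, sizeof sample);
    printf("%s\n", s ? s : "(rejected)");
    free(s);

    /* A 1.5 GiB OCTET STRING length: the 32-bit product wraps to 512 MiB,
       while the checked computation flags it before any allocation. */
    uint32_t big = 0x60000000u;
    printf("naive 32-bit size: 0x%08x\n", hex_buf_size_naive32(big));
    printf("would overflow 32-bit size_t: %d\n",
           mul3_would_overflow(big, UINT32_MAX));
    return 0;
}
```

The naive function shows the defect class (CWE-190) the page lists: 0x60000000 * 3 is 0x120000000, which a 32-bit size_t truncates to 0x20000000. The checked function compares against SIZE_MAX / 3, so on a 32-bit build the same length is rejected and on a 64-bit build it is accepted, which matches the advisory's statement that only 32-bit platforms are affected.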

Affected Systems

All OpenSSL distributions that compile the affected X.509 conversion code for 32‑bit architectures are vulnerable. The FIPS modules in versions 3.0 through 3.6 are not affected because the affected code lies outside the FIPS module boundary. Exact version numbers are not listed in the advisory, so any release preceding the patch commits referenced in the advisory is considered at risk.

Risk and Exploitability

The CVSS score of 9.8 indicates critical severity, while the EPSS score of less than 1% suggests a very low likelihood of exploitation in the wild. The vulnerability is not catalogued in CISA’s KEV list, further supporting its low risk profile. Exploitation would require an attacker to supply an X.509 certificate with an OCTET STRING over 1 GB, a scenario inferred from the description and unlikely under normal operation. Consequently the risk of inadvertent or malicious exploitation is minimal but the presence of a heap overflow warrants remediation.

Generated by OpenCVE AI on April 28, 2026 at 16:31 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update OpenSSL to a version that includes the patch commits referenced in the advisory
  • If an immediate update is not possible, reject or skip processing of certificates with excessively large extensions before the hex conversion step
  • Disable logging or printing of certificate contents for untrusted certificates
  • Avoid running the application on a 32‑bit architecture or enforce strict heap allocation limits
  • Review and strengthen certificate validation logic to reject oversized OCTET STRING values


Advisories
Source       ID           Title
Debian DSA   DSA-6201-1   openssl security update
Ubuntu USN   USN-8155-1   OpenSSL vulnerabilities
History

Thu, 23 Apr 2026 15:45:00 +0000

Type: CPEs
  Values Added:   cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*
Type: Metrics
  Values Removed: cvssV3_1 {'score': 5.8, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H'}
  Values Added:   cvssV3_1 {'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}


Mon, 13 Apr 2026 13:15:00 +0000

Type: Metrics
  Values Added:   ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 13 Apr 2026 12:15:00 +0000

Type: Weaknesses
  Values Added:   CWE-190
Type: References
Type: Metrics
  Values Removed: threat_severity None
  Values Added:   cvssV3_1 {'score': 5.8, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H'}
                  threat_severity Low


Wed, 08 Apr 2026 19:45:00 +0000

Type: First Time appeared
  Values Added:   Openssl; Openssl openssl
Type: Vendors & Products
  Values Added:   Openssl; Openssl openssl

Tue, 07 Apr 2026 22:15:00 +0000

Type: Description
  Values Added:   Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit platforms. Impact summary: A heap buffer overflow may lead to a crash or possibly an attacker controlled code execution or other undefined behavior. If an attacker can supply a crafted X.509 certificate with an excessively large OCTET STRING value in extensions such as the Subject Key Identifier (SKID) or Authority Key Identifier (AKID) which are being converted to hex, the size of the buffer needed for the result is calculated as multiplication of the input length by 3. On 32 bit platforms, this multiplication may overflow resulting in the allocation of a smaller buffer and a heap buffer overflow. Applications and services that print or log contents of untrusted X.509 certificates are vulnerable to this issue. As the certificates would have to have sizes of over 1 Gigabyte, printing or logging such certificates is a fairly unlikely operation and only 32 bit platforms are affected, this issue was assigned Low severity. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.
Type: Title
  Values Added:   Heap Buffer Overflow in Hexadecimal Conversion
Type: Weaknesses
  Values Added:   CWE-787
Type: References

MITRE

Status: PUBLISHED

Assigner: openssl

Published:

Updated: 2026-04-13T13:04:17.163Z

Reserved: 2026-03-09T15:56:53.191Z

Link: CVE-2026-31789

Vulnrichment

Updated: 2026-04-13T13:00:34.871Z

NVD

Status: Analyzed

Published: 2026-04-07T22:16:21.617

Modified: 2026-04-23T15:39:34.377

Link: CVE-2026-31789

Redhat

Severity: Low

Public Date: 2026-04-07T00:00:00Z

Links: CVE-2026-31789 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-28T16:45:06Z

Weaknesses