Description
Issue summary: A signed integer overflow when sizing the destination
buffer for Unicode output in ASN1_mbstring_ncopy() can lead to a heap
buffer overflow.

Impact summary: A heap buffer overflow may lead to a crash or possibly
attacker controlled code execution or other undefined behaviour.

In ASN1_mbstring_copy() and ASN1_mbstring_ncopy() the destination
size for Unicode output is computed in a signed int: by left shift
of the input character count for BMPSTRING (UTF-16) and
UNIVERSALSTRING (UTF-32), and by summing per-character byte counts
for UTF8STRING. The calculation overflows when the input reaches
around 2^30 characters. In the worst case (UNIVERSALSTRING at 2^30
characters) the size wraps to zero, OPENSSL_malloc(1) is called, and
the subsequent character copy writes several gigabytes past the
one-byte allocation.

X.509 certificate processing routes through ASN1_STRING_set_by_NID(),
whose DIRSTRING_TYPE mask excludes UNIVERSALSTRING and whose per-NID
size limits cap the input length; no network protocol or
certificate-handling path in OpenSSL exercises the overflow.
Triggering the bug requires an application that calls
ASN1_mbstring_copy() or ASN1_mbstring_ncopy() directly, or registers
a custom string type via ASN1_STRING_TABLE_add(), with
attacker-controlled input on the order of half a gigabyte or more.
For these reasons this issue was assigned Low severity.

The FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by
this issue, as the affected code is outside the OpenSSL FIPS module
boundary.
Published: 2026-06-09
Score: 8.1 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A signed integer overflow occurs in the destination size calculation of the ASN1_mbstring_ncopy function, which is used for converting ASN.1 multibyte strings to Unicode format. The overflow can cause the allocated buffer to be far smaller than the data being copied, resulting in a heap buffer overflow. Depending on how the overflow is exploited, the application may crash or an attacker could potentially execute arbitrary code. This weakness is captured by CWE‑787: Buffer Access Using Size of Wrong Type.

Affected Systems

The flaw exists in OpenSSL’s core library code that implements ASN.1 string handling. No version numbers are explicitly listed in the advisory, and the FIPS modules (4.0, 3.6, 3.5, 3.4, 3.0) are not affected. Therefore any OpenSSL deployment that links against the non‑FIPS code path and that may invoke ASN1_mbstring_copy or ASN1_mbstring_ncopy could be affected, especially if the application supplies very large string inputs.

Risk and Exploitability

The CVSS score of 8.1 indicates a high severity, and its EPSS score is not available. It is not listed in the CISA KEV catalog. Exploitation requires an application that explicitly calls the vulnerable conversion routine or registers a custom string type, with an input of roughly half a gigabyte or more. Because the overflow occurs only when processing exceptionally large inputs and no standard OpenSSL API path exposes the vulnerability, the real‑world likelihood of exploitation is small but not zero. Nevertheless, the potential impact of arbitrary code execution warrants proactive mitigation if the affected function is used.

Generated by OpenCVE AI on June 9, 2026 at 20:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade OpenSSL to the latest stable release that contains the fix for the integer overflow in ASN1_mbstring_ncopy.
  • Audit and modify application code to avoid direct calls to ASN1_mbstring_copy or ASN1_mbstring_ncopy, or to register custom string types with stringent size limits; enforce a strict input length cap well below 2^30 characters.
  • Implement runtime defenses such as ASLR and stack canaries, and consider sandboxing or memory‑defense techniques for any processes that may handle large ASN.1 string inputs.

Generated by OpenCVE AI on June 9, 2026 at 20:50 UTC.
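
The sizing arithmetic from the Description, modelled beside an overflow-checked version that enforces the length cap recommended above. This is an added example, not OpenSSL's code or its fix; the enum and function names are hypothetical, and the wrap is emulated with unsigned arithmetic.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Bytes per output character; enum and function names are hypothetical. */
enum out_width { OUT_BMP = 2, OUT_UNIVERSAL = 4 };

/* Models the flawed sizing with the byte count held in 32 bits; uint32_t
 * keeps the demo's own arithmetic defined while it wraps modulo 2^32. */
int32_t unchecked_size(uint32_t nchar, enum out_width w)
{
    uint32_t bytes = nchar * (uint32_t)w;   /* 2^30 * 4 wraps to 0 */
    return (int32_t)bytes;
}

/* Checked sizing for BMPSTRING/UNIVERSALSTRING: 0 on success, -1 if the
 * byte count would not fit in a signed int. */
int checked_size(size_t nchar, enum out_width w, int *out)
{
    if (nchar > (size_t)INT_MAX / (size_t)w)
        return -1;
    *out = (int)(nchar * (size_t)w);
    return 0;
}

/* Checked sizing for UTF8STRING: sum per-character byte counts, refusing
 * to let the running total pass INT_MAX. */
int checked_utf8_size(const uint32_t *cp, size_t nchar, int *out)
{
    int total = 0;
    for (size_t i = 0; i < nchar; i++) {
        int n = cp[i] < 0x80 ? 1 : cp[i] < 0x800 ? 2 : cp[i] < 0x10000 ? 3 : 4;
        if (total > INT_MAX - n)
            return -1;
        total += n;
    }
    *out = total;
    return 0;
}

int main(void)
{
    int n = 0;
    printf("unchecked UNIVERSALSTRING size at 2^30 chars: %d\n",
           (int)unchecked_size(1u << 30, OUT_UNIVERSAL));
    printf("checked: %s\n", checked_size((size_t)1 << 30, OUT_UNIVERSAL, &n) ? "rejected" : "ok");
    return 0;
}
```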

Advisories
Source      ID          Title
Debian DSA  DSA-6335-1  openssl security update
Ubuntu USN  USN-8414-1  OpenSSL vulnerabilities
Ubuntu USN  USN-8414-2  OpenSSL vulnerabilities

History

Tue, 09 Jun 2026 18:00:00 +0000

Type                 Values Removed  Values Added
First Time appeared                  Openssl
                                     Openssl openssl
Vendors & Products                   Openssl
                                     Openssl openssl

Tue, 09 Jun 2026 17:30:00 +0000

Type     Values Removed  Values Added
Metrics                  cvssV3_1: {'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H'}
                         ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 09 Jun 2026 16:30:00 +0000

Type         Values Removed  Values Added
Description                  Same text as the Description at the top of this page.
Title                        Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion
Weaknesses                   CWE-787

References

MITRE

Status: PUBLISHED

Assigner: openssl

Published:

Updated: 2026-06-09T16:48:55.394Z

Reserved: 2026-04-29T08:21:07.253Z

Link: CVE-2026-7383

Vulnrichment

Updated: 2026-06-09T16:48:48.573Z

NVD

Status: Awaiting Analysis

Published: 2026-06-09T17:17:50.337

Modified: 2026-06-09T19:38:32.463

Link: CVE-2026-7383

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-09T21:00:08Z

Weaknesses