Igor Ustinov

**Name of the Vulnerable Software and Affected Versions** OpenSSL (affected versions not specified) **Description** A NULL pointer dereference can occur during the decryption of password-encrypted Cryptographic Message Syntax (CMS) messages. The issue arises because the OpenSSL CMS implementation dereferences the `PasswordRecipientInfo.keyDerivationAlgorithm` field without verifying its presence, despite it being defined as optional in the ASN.1 specification. An attacker can exploit this by providing a specially crafted CMS message, causing the application to crash and resulting in a Denial of Service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OpenSSL (affected versions not specified) **Description** A NULL pointer dereference can occur in a CMP client application when processing a crafted CMP response. An attacker controlling a CMP server or acting as a man-in-the-middle can send a CRMF CertRepMessage containing an EncryptedValue structure where the `symmAlg` field includes an algorithm OID but lacks a parameters field. This leads to an application crash and a Denial of Service. This issue affects applications that process untrusted CMP/CRMF messages. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OpenSSL (affected versions not specified) **Description** A use-after-free condition occurs during PKCS#7 signature verification when processing a specially crafted PKCS#7 or S/MIME signed message. Specifically, if the `SignedData` `digestAlgorithms` field is present as an empty ASN.1 SET, the `PKCS7 verify()` function may incorrectly free a caller-owned BIO. A subsequent attempt by the calling application to use or free this BIO via `BIO free()` can lead to process crashes, heap corruption, or potentially remote code execution. Applications utilizing OpenSSL PKCS#7 APIs are affected, while those using CMS APIs are not. FIPS modules in versions 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OpenSSL (affected versions not specified) **Description** Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32-bit platforms. This occurs when a crafted X.509 certificate contains an excessively large OCTET STRING value in extensions such as the Subject Key Identifier (SKID) or Authority Key Identifier (AKID). The system calculates the required buffer size by multiplying the input length by 3, which can overflow on 32-bit platforms, resulting in the allocation of an undersized buffer. This may lead to a crash, attacker-controlled code execution, or other undefined behavior. Applications and services that print or log contents of untrusted X.509 certificates are susceptible, although the certificates would need to exceed 1 Gigabyte in size. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OpenSSL version 3.0 OpenSSL version 3.3 OpenSSL version 3.4 OpenSSL version 3.5 OpenSSL version 3.6 **Description** Parsing CMS AuthEnvelopedData or EnvelopedData messages with maliciously crafted AEAD (Authenticated Encryption with Associated Data) parameters can trigger a stack buffer overflow. When processing CMS structures using AEAD ciphers such as AES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is copied into a fixed-size stack buffer without verifying if its length fits the destination. This allows an attacker to provide a crafted CMS message with an oversized IV, causing a stack-based out-of-bounds write before any authentication or tag verification occurs. Applications and services parsing untrusted CMS or PKCS#7 content, such as S/MIME, are affected. Since the overflow occurs prior to authentication, no valid key material is required to trigger the issue, which may lead to a crash causing Denial of Service or potentially remote code execution. **Recommendations** Update OpenSSL version 3.0 to 3.0.19 Update OpenSSL version 3.3 to 3.3.6 Update OpenSSL version 3.4 to 3.4.4 Update OpenSSL version 3.5 to 3.5.5 Update OpenSSL version 3.6 to 3.6.1