PT-2026-4954 · OpenSSL · OpenSSL 3.5.5 (+9 more versions)

Bob Beck (+1)

Published: 2026-01-01 · Updated: 2026-01-27

CVE-2026-22795

Severity: None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions: OpenSSL versions 1.1.1, 3.0, 3.3, 3.4, and 3.5; OpenSSL versions 3.6 through 3.6.0.
Description: An invalid or NULL pointer dereference can occur in applications processing malformed PKCS#12 files. This can lead to a denial of service when an application attempts to read from an invalid or NULL pointer in memory. The issue stems from a type confusion in the PKCS#12 parsing code, where an ASN1_TYPE union member is accessed without first validating the type field, resulting in an invalid pointer read. The invalid read is constrained to a 1-byte address space, which on modern operating systems typically results in a crash because that memory is unmapped. Exploitation requires the application to process a maliciously crafted PKCS#12 file.
Recommendations:
OpenSSL version 1.1.1: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
OpenSSL versions 3.0, 3.3, and 3.4: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
OpenSSL versions 3.5 through 3.5.4: Update to version 3.5.5.
OpenSSL versions 3.6 through 3.6.0: Update to version 3.6.1.

Weakness Enumeration

Improper Check for Exceptional Conditions

Related Identifiers

CVE-2026-22795

Affected Products

OpenSSL 1.1.1
OpenSSL 3.0
OpenSSL 3.3
OpenSSL 3.4
OpenSSL 3.5
OpenSSL 3.5.4
OpenSSL 3.5.5
OpenSSL 3.6
OpenSSL 3.6.0
OpenSSL 3.6.1