PT-2026-31647 · Unknown · Osslsigncode

Published 2026-04-09 · Updated 2026-04-09 · CVE-2026-39856

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: osslsigncode versions prior to 2.13

Description: osslsigncode is a tool for Authenticode signing and timestamping. A flaw exists in versions 2.12 and earlier within the PE page-hash computation code (pe_page_hash_calc()). The function uses PointerToRawData and SizeOfRawData from the section headers without verifying that the referenced region lies within the file boundaries. An attacker can craft a PE file whose section headers point beyond the end of the file. When osslsigncode computes page hashes for such a file, it may attempt to hash data from an invalid memory region, leading to an out-of-bounds read and potentially crashing the process. This can be triggered when signing a malicious PE file with page hashing enabled (-ph), or when verifying a malicious signed PE file that already contains page hashes.

Recommendations: Update osslsigncode to version 2.13 or later.
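The missing check described above is a bounds validation of each section's raw-data range against the actual file size before any page of that section is read. The following C example is added here to illustrate that check and is not osslsigncode's own code; the struct, function names, page size and the byte-sum "digest" are assumptions standing in for the real section-header parsing and SHA computation, and the sample file and headers are constructed for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Subset of IMAGE_SECTION_HEADER fields used by page-hash computation
 * (field names follow the PE/COFF specification). */
typedef struct {
    uint32_t PointerToRawData;
    uint32_t SizeOfRawData;
} section_hdr_t;

/* True when [PointerToRawData, PointerToRawData + SizeOfRawData) lies inside
 * a file of file_size bytes. 64-bit arithmetic prevents the sum of the two
 * 32-bit fields from wrapping. An empty section is trivially in bounds. */
bool section_in_bounds(const section_hdr_t *s, size_t file_size)
{
    if (s->SizeOfRawData == 0)
        return true;
    uint64_t end = (uint64_t)s->PointerToRawData + (uint64_t)s->SizeOfRawData;
    return s->PointerToRawData < file_size && end <= (uint64_t)file_size;
}

/* Index of the first section whose raw range leaves the file, or -1 when
 * every section header is consistent with the file size. */
int first_bad_section(const section_hdr_t *secs, size_t nsec, size_t file_size)
{
    for (size_t i = 0; i < nsec; i++)
        if (!section_in_bounds(&secs[i], file_size))
            return (int)i;
    return -1;
}

/* Page walk shaped like a page-hash loop: visits each section's raw data in
 * page_size chunks. Returns the number of pages visited, or -1 without
 * touching the buffer if any header points outside it. The "digest" is a
 * placeholder byte-sum (assumption), not the real per-page SHA. */
long hash_pages_checked(const uint8_t *file, size_t file_size,
                        const section_hdr_t *secs, size_t nsec,
                        size_t page_size, uint32_t *digest_out)
{
    if (page_size == 0 || first_bad_section(secs, nsec, file_size) != -1)
        return -1;                          /* reject before any read */
    long pages = 0;
    uint32_t digest = 0;
    for (size_t i = 0; i < nsec; i++) {
        size_t off = secs[i].PointerToRawData;
        size_t remaining = secs[i].SizeOfRawData;
        while (remaining > 0) {
            size_t chunk = remaining < page_size ? remaining : page_size;
            for (size_t k = 0; k < chunk; k++)
                digest += file[off + k];    /* safe: range verified above */
            off += chunk;
            remaining -= chunk;
            pages++;
        }
    }
    if (digest_out)
        *digest_out = digest;
    return pages;
}

/* Constructed sample: a 24-byte "file" with one valid section and one whose
 * header claims 64 bytes starting at offset 16, i.e. 56 bytes past EOF. */
static const uint8_t SAMPLE_FILE[24] = {0};
static const section_hdr_t SAMPLE_SECS[2] = {
    { .PointerToRawData = 0,  .SizeOfRawData = 16   },  /* in bounds */
    { .PointerToRawData = 16, .SizeOfRawData = 0x40 },  /* past EOF */
};
/* Header whose pointer + size would wrap in 32-bit arithmetic. */
static const section_hdr_t WRAP_SEC = { .PointerToRawData = 0xFFFFFFF0u,
                                        .SizeOfRawData = 0x20 };

int main(void)
{
    printf("first bad section: %d\n",
           first_bad_section(SAMPLE_SECS, 2, sizeof SAMPLE_FILE));
    printf("pages (all sections): %ld\n",
           hash_pages_checked(SAMPLE_FILE, sizeof SAMPLE_FILE, SAMPLE_SECS, 2, 8, NULL));
    printf("pages (valid section only): %ld\n",
           hash_pages_checked(SAMPLE_FILE, sizeof SAMPLE_FILE, SAMPLE_SECS, 1, 8, NULL));
    printf("wrap header in bounds: %d\n", section_in_bounds(&WRAP_SEC, sizeof SAMPLE_FILE));
    return 0;
}
```

The check is deliberately done over all headers before the first byte is read, so a single oversized section causes the whole file to be rejected rather than a partial walk; a verifier that instead clamps SizeOfRawData to the file end would silently hash a different byte range than the signer did and should be treated as a distinct design choice.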

Weakness Enumeration

Out-of-bounds Read

Related Identifiers

CVE-2026-39856

Affected Products

Osslsigncode