{"id":"CVE-2026-41676","summary":"rust-openssl: Deriver::derive and PkeyCtxRef::derive can overflow short buffers on OpenSSL 1.1.1","details":"rust-openssl provides OpenSSL bindings for the Rust programming language.  From 0.9.27 to before 0.10.78, Deriver::derive (and PkeyCtxRef::derive) sets len = buf.len() and passes it as the in/out length to EVP_PKEY_derive, relying on OpenSSL to honor it. On OpenSSL 1.1.x, X25519, X448, DH and HKDF-extract ignore the incoming *keylen, unconditionally writing the full shared secret (32/56/prime-size bytes). A caller passing a short slice gets a heap/stack overflow from safe code. OpenSSL 3.x providers do check, so this only impacts older OpenSSL. This vulnerability is fixed in 0.10.78.","aliases":["GHSA-pqf5-4pqq-29f5"],"modified":"2026-07-17T18:29:39.579215663Z","published":"2026-04-24T17:16:20.539Z","related":["CGA-4rxf-wfwx-7622","SUSE-SU-2026:22554-1","SUSE-SU-2026:22574-1","SUSE-SU-2026:22583-1","SUSE-SU-2026:22589-1","SUSE-SU-2026:22593-1","SUSE-SU-2026:22615-1","SUSE-SU-2026:22624-1","SUSE-SU-2026:2777-1","SUSE-SU-2026:2807-1","SUSE-SU-2026:2825-1","SUSE-SU-2026:2826-1","SUSE-SU-2026:2831-1","SUSE-SU-2026:2832-1","SUSE-SU-2026:2833-1","SUSE-SU-2026:2834-1","SUSE-SU-2026:2835-1","SUSE-SU-2026:2975-1","SUSE-SU-2026:2976-1","SUSE-SU-2026:2977-1","SUSE-SU-2026:3022-1","SUSE-SU-2026:3026-1","SUSE-SU-2026:3040-1","openSUSE-SU-2026:11182-1","openSUSE-SU-2026:11194-1","openSUSE-SU-2026:11205-1","openSUSE-SU-2026:11206-1","openSUSE-SU-2026:11210-1","openSUSE-SU-2026:11222-1","openSUSE-SU-2026:11237-1","openSUSE-SU-2026:11255-1","openSUSE-SU-2026:21252-1","openSUSE-SU-2026:21274-1","openSUSE-SU-2026:21285-1","openSUSE-SU-2026:21294-1"],"database_specific":{"cwe_ids":["CWE-131","CWE-787"],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/41xxx/CVE-2026-41676.json","cna_assigner":"GitHub_M"},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/41xxx/CVE-2026-41676.json"},{"type":"ADVISORY","url":"https://github.com/rust-openssl/rust-openssl/security/advisories/GHSA-pqf5-4pqq-29f5"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-41676"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/rust-openssl/rust-openssl","events":[{"introduced":"61d5a1e38d7de21ac0e9eace05090ed2497d2d29"},{"fixed":"a6debf535674c9a073f455158743e6ba094cf1b4"}],"database_specific":{"source":["AFFECTED_FIELD","CPE_RANGE"],"cpe":"cpe:2.3:a:rust-openssl_project:rust-openssl:*:*:*:*:*:rust:*:*","extracted_events":[{"introduced":"0.9.27"},{"fixed":"0.10.78"}]}}],"versions":["openssl-v0.10.77","openssl-sys-v0.9.113","openssl-v0.10.76","openssl-sys-v0.9.112","openssl-v0.10.75","openssl-sys-v0.9.111","openssl-v0.10.74","openssl-sys-v0.9.110","openssl-v0.10.73","openssl-sys-v0.9.109","openssl-sys-v0.9.108","openssl-v0.10.72","openssl-sys-v0.9.107","openssl-v0.10.71","openssl-sys-v0.9.106","openssl-v0.10.70","openssl-sys-v0.9.105","openssl-v0.10.69","openssl-v0.10.68","openssl-v0.10.67","openssl-sys-v0.9.104","openssl-v0.10.66","openssl-v0.10.65","openssl-sys-v0.9.103","openssl-sys-v0.9.102","openssl-sys-v0.9.101","openssl-v0.10.64","openssl-sys-v0.9.100","openssl-v0.10.63","openssl-sys-v0.9.99","openssl-v0.10.62","openssl-sys-v0.9.98","openssl-v0.10.61","openssl-sys-v0.9.97","openssl-v0.10.60","openssl-sys-v0.9.96","openssl-v0.10.59","openssl-sys-v0.9.95","openssl-v0.10.58","openssl-sys-v0.9.94","openssl-sys-v0.9.93","openssl-v0.10.57","openssl-sys-v0.9.92","openssl-v0.10.56","openssl-sys-v0.9.91","openssl-sys-v0.9.90","openssl-v0.10.55","openssl-sys-v0.9.89","openssl-v0.10.54","openssl-v0.10.53","openssl-sys-v0.9.88","openssl-v0.10.52","openssl-sys-v0.9.87","openssl-v0.10.51","openssl-sys-v0.9.86","openssl-v0.10.50","openssl-sys-v0.9.85","openssl-v0.10.49","openssl-sys-v0.9.84","openssl-macros-v0.1.1","openssl-v0.10.48","openssl-sys-v0.9.83","openssl-v0.10.47","openssl-sys-v0.9.82","openssl-v0.10.46","openssl-sys-v0.9.81","openssl-v0.10.45","openssl-sys-v0.9.80","openssl-v0.10.44","openssl-sys-v0.9.79","openssl-v0.10.43","openssl-sys-v0.9.78","openssl-sys-v0.9.77","openssl-v0.10.42","openssl-sys-v0.9.76","openssl-v0.10.41","openssl-sys-v0.9.75","openssl-sys-v0.9.74","openssl-v0.10.40","openssl-v0.10.39","openssl-macros-v0.1.0","openssl-sys-v0.9.73","openssl-sys-v0.9.72","openssl-sys-v0.9.71","openssl-sys-v0.9.65","openssl-sys-v0.9.70","openssl-v0.10.38","openssl-sys-v0.9.69","openssl-v0.10.37","openssl-sys-v0.9.68","openssl-sys-v0.9.67","openssl-v0.10.36","openssl-sys-v0.9.66","openssl-errors-v0.2.0","openssl-v0.10.35","openssl-sys-v0.9.64","openssl-sys-v0.9.63","openssl-v0.10.34","openssl-sys-v0.9.62","openssl-v0.10.33","openssl-sys-v0.9.61","openssl-v0.10.32","openssl-sys-v0.9.60","openssl-v0.10.31","openssl-sys-v0.9.59","openssl-v0.10.30","openssl-sys-v0.9.58","openssl-sys-v0.9.57","openssl-sys-v0.9.56","openssl-v0.10.29","openssl-sys-v0.9.55","openssl-v0.10.28","openssl-v0.9.27","openssl-v0.10.27"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-41676.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"}]}