{"id":"RLSA-2026:25237","summary":"Important: openssl security update","details":"OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nSecurity Fix(es):\n\n* openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing (CVE-2026-7383)\n\n* openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption (CVE-2026-9076)\n\n* openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. (CVE-2026-34180)\n\n* openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys (CVE-2026-34181)\n\n* openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages (CVE-2026-34182)\n\n* openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler (CVE-2026-34183)\n\n* openssl: NULL pointer dereference in QUIC server initial packet handling (CVE-2026-42764)\n\n* openssl: Possible NULL Dereference in Password-Based CMS Decryption (CVE-2026-42766)\n\n* openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption (CVE-2026-42767)\n\n* openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() (CVE-2026-42768)\n\n* openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate (CVE-2026-42769)\n\n* openssl: FFC-DH Peer Validation Uses Attacker-Supplied q (CVE-2026-42770)\n\n* openssl: AES-OCB IV Ignored on EVP_Cipher() Path (CVE-2026-45445)\n\n* openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes (CVE-2026-45446)\n\n* openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() (CVE-2026-45447)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","modified":"2026-06-13T00:30:05.753476822Z","published":"2026-06-13T00:05:06.020189Z","upstream":["CVE-2026-34180","CVE-2026-34181","CVE-2026-34182","CVE-2026-34183","CVE-2026-42764","CVE-2026-42766","CVE-2026-42767","CVE-2026-42768","CVE-2026-42769","CVE-2026-42770","CVE-2026-45445","CVE-2026-45446","CVE-2026-45447","CVE-2026-7383","CVE-2026-9076"],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:25237"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481897"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481890"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481892"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481880"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481882"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481891"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481881"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481879"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481884"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481894"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481885"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481898"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481896"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481893"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481887"}],"affected":[{"package":{"name":"openssl","ecosystem":"Rocky Linux:10","purl":"pkg:rpm/rocky-linux/openssl?distro=rocky-linux-10&epoch=1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.5.5-4.el10_2"}],"database_specific":{"yum_repository":"BaseOS"}}],"database_specific":{"source":"https://storage.googleapis.com/resf-osv-data/RLSA-2026:25237.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]}