CRITICAL🇵🇱 Wersja polska

CVE-2026-31789

CVSS 9.8v3.1pub. 2026-04-07upd. 2026-05-12

Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit platforms. Impact summary: A heap buffer overflow may lead to a crash or possibly an attacker controlled code execution or other undefined behavior. If an attacker can supply a crafted X.509 certificate with an excessively large OCTET STRING value in extensions such as the Subject Key Identifier (SKID) or Authority Key Identifier (AKID) which are being converted to hex, the size of the buffer needed for the result is calculated as multiplication of the input length by 3. On 32 bit platforms, this multiplication may overflow resulting in the allocation of a smaller buffer and a heap buffer overflow. Applications and services that print or log contents of untrusted X.509 certificates are vulnerable to this issue. As the certificates would have to have sizes of over 1 Gigabyte, printing or logging such certificates is a fairly unlikely operation and only 32 bit platforms are affected, this issue was assigned Low severity. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.

🤖 AI Analysis
How it works

During the conversion of OCTET STRING values to hex strings, the required buffer size is calculated as the product of input data length multiplied by 3. On 32-bit platforms, this multiplication can cause an integer overflow, resulting in allocation of a buffer that is too small, followed by a write beyond its boundaries (heap buffer overflow). An attacker can provide a crafted X.509 certificate containing an excessively large OCTET STRING value in extensions such as Subject Key Identifier (SKID) or Authority Key Identifier (AKID). The vulnerability is triggered when an application or service displays or logs the contents of an untrusted X.509 certificate.

Impact

An attacker can cause an application processing a certificate to crash or—under specific circumstances—achieve arbitrary code execution (RCE) or other undefined behavior. Only 32-bit platforms are affected.

Mitigation & patch

Apply patches available from the vendor according to the references (commits published in the OpenSSL GitHub repository). If immediate updating is not possible, avoid logging or displaying the contents of untrusted X.509 certificates on 32-bit platforms.

Who is affected

OpenSSL on 32-bit platforms—applications and services printing or logging the contents of untrusted X.509 certificates. FIPS modules in versions 3.6, 3.5, 3.4, 3.3, and 3.0 are not affected because the vulnerable code is outside the FIPS module boundary. Specific vulnerable versions are indicated in the vendor's references.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • OpenSSL

    APP
    Openssl
    3.0.0 – 3.0.20 (bez)3.3.0 – 3.3.7 (bez)3.4.0 – 3.4.5 (bez)3.5.0 – 3.5.6 (bez)3.6.0 – 3.6.2 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEMemory
CWE
References

Related vulnerabilities

CVE-2026-34182CRITICAL9.1PL ✓ten sam produkt

OpenSSL CMS AuthEnvelopedData — niewystarczająca walidacja wejścia umożliwia atak oracle i bypass integralnośc...

CVE-2022-2274CRITICAL9.8ten sam produkt

The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AV...

CVE-2021-3711CRITICAL9.8ten sam produkt

In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt()....

CVE-2020-7043CRITICAL9.1ten sam produkt

An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL before 1.0.2. tunnel.c mishandles certif...

CVE-2016-6309CRITICAL9.8ten sam produkt

statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movement after a realloc call, which allows r...