SB20260409112 - Ubuntu update for openssl




Published: April 9, 2026

Security Bulletin ID SB20260409112
Severity
High
Patch available
YES
Number of vulnerabilities 7
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 14% (1 of 7)
Medium 57% (4 of 7)
Low 29% (2 of 7)

Description

This security bulletin contains information about 7 security vulnerabilities.


1) Always-Incorrect Control Flow Implementation (CVE-ID: CVE-2026-2673)

The vulnerability allows a remote attacker to cause the use of a less preferred key agreement group.

The vulnerability exists due to incorrect handling of group tuples in TLS 1.3 server-side key exchange group negotiation when a ClientHello carrying initial predicted key shares is processed and the server's group configuration uses the "DEFAULT" keyword. A remote attacker can send a crafted TLS handshake to make the server negotiate a less preferred key agreement group than its configuration intends.

No OpenSSL FIPS modules are affected because the vulnerable code lies outside the FIPS boundary.
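To make the "less preferred group" outcome concrete, the following is an added model of TLS 1.3 group selection as RFC 8446 describes it: the server walks its own preference order, takes the first group the client lists in supported_groups, and sends a HelloRetryRequest (HRR) if the client did not predict a key_share for it. A second routine takes the shortcut of accepting the first offered key_share the server supports, which avoids the HRR but lands on a less preferred group; it is included only to illustrate the downgrade effect, and does not reproduce OpenSSL's tuple handling or its "DEFAULT" keyword logic. This is example code, not OpenSSL's, and the group names and client offers are constructed.

```python
# Added example: model of RFC 8446 key-exchange group selection, not OpenSSL code.
# Group names and the client's offers below are constructed sample data.


def select_group(server_prefs, client_groups, client_key_shares):
    """Server-preference selection.

    Walk the server's configured preference order and take the first group
    the client lists in supported_groups.  If the client sent no key_share
    for that group, a HelloRetryRequest is needed so the client can supply
    one.  Returns (group, hrr_needed), or (None, False) with no overlap.
    """
    for group in server_prefs:
        if group in client_groups:
            return group, group not in client_key_shares
    return None, False


def select_group_keyshare_first(server_prefs, client_groups, client_key_shares):
    """Shortcut that accepts the first offered key_share the server supports.

    It saves the HRR round trip but ignores the server's preference order.
    Shown only to illustrate the downgrade the bulletin describes; this is
    not OpenSSL's actual negotiation logic.
    """
    for group in client_key_shares:
        if group in server_prefs and group in client_groups:
            return group, False
    return select_group(server_prefs, client_groups, client_key_shares)


def downgrade_check(server_prefs, client_groups, client_key_shares):
    """Compare both strategies on one ClientHello.

    Returns (preferred_group, hrr_needed, shortcut_group, downgraded) where
    downgraded is True when the shortcut picked a group the server ranks
    lower than the one a preference-honouring server would negotiate.
    """
    best, hrr = select_group(server_prefs, client_groups, client_key_shares)
    picked, _ = select_group_keyshare_first(server_prefs, client_groups,
                                            client_key_shares)
    downgraded = (best is not None and picked != best
                  and server_prefs.index(picked) > server_prefs.index(best))
    return best, hrr, picked, downgraded


# Constructed sample: the server prefers a hybrid PQ group, the client supports
# it but predicted (sent a key_share for) only X25519.
SERVER_PREFS = ["X25519MLKEM768", "X25519", "secp256r1"]
CLIENT_GROUPS = ["X25519", "secp256r1", "X25519MLKEM768"]
CLIENT_KEY_SHARES = ["X25519"]

if __name__ == "__main__":
    print(downgrade_check(SERVER_PREFS, CLIENT_GROUPS, CLIENT_KEY_SHARES))
```

A preference-honouring server pays one HRR to reach X25519MLKEM768; the shortcut silently settles for X25519. The fix on a real deployment is the vendor update, since the bulletin ties the bug to the server's group configuration rather than to anything a client can control.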


2) Use-after-free (CVE-ID: CVE-2026-28387)

The vulnerability allows a remote attacker to execute arbitrary code.

The vulnerability exists due to use-after-free in DANE client code when processing server DANE TLSA records during TLSA-based server authentication. A remote attacker can provide crafted TLSA records to execute arbitrary code.

The issue only affects clients that enable the PKIX-TA(0) or PKIX-EE(1) certificate usage together with the DANE-TA(2) certificate usage, and only when the server publishes a TLSA RRset containing both kinds of record.
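Because the bulletin states two conditions, one on the client's enabled usages and one on the server's published RRset, an operator can check the server side from DNS. The following added example parses TLSA records in zone-file presentation format and reports owner names whose RRset mixes PKIX-TA(0) or PKIX-EE(1) with DANE-TA(2); a second function combines that with the client's enabled usages to decide whether both stated conditions hold. This is example code written for this page, not OpenSSL's DANE implementation, and the records, owner names and digests are constructed.

```python
# Added example: TLSA RRset check for the mixed-usage shape the bulletin names.
# Not OpenSSL code; the zone data below is constructed (fake owners, fake digests).
import re
from collections import defaultdict

PKIX_TA, PKIX_EE, DANE_TA, DANE_EE = 0, 1, 2, 3

# Constructed sample zone fragment (";" starts a comment, as in zone files).
SAMPLE_ZONE = """
; PKIX-TA pin plus DANE-TA anchor on one name: the mixed shape
_443._tcp.mixed.example. 3600 IN TLSA 0 0 1 a1b2c3d4e5f60718293a4b5c6d7e8f90a1b2c3d4e5f60718293a4b5c6d7e8f90
_443._tcp.mixed.example. 3600 IN TLSA 2 1 1 0f1e2d3c4b5a69788796a5b4c3d2e1f00f1e2d3c4b5a69788796a5b4c3d2e1f0
; DANE-EE only: not affected
_25._tcp.mail.example.   300 IN TLSA 3 1 1 00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff
; PKIX-EE with DANE-EE but no DANE-TA: not the mixed shape
_443._tcp.web.example.  3600 IN TLSA 1 1 1 ffeeddccbbaa99887766554433221100ffeeddccbbaa99887766554433221100
_443._tcp.web.example.  3600 IN TLSA 3 1 1 123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0
"""

# owner [ttl] [IN] TLSA usage selector matching-type hex-data
TLSA_RE = re.compile(
    r"^(?P<owner>\S+)\s+(?:\d+\s+)?(?:IN\s+)?TLSA\s+"
    r"(?P<usage>\d+)\s+(?P<selector>\d+)\s+(?P<mtype>\d+)\s+(?P<data>[0-9A-Fa-f\s]+)$"
)


def parse_tlsa(zone_text):
    """Group TLSA records by owner name; each record is (usage, selector, mtype, hex)."""
    rrsets = defaultdict(list)
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].strip()
        if not line:
            continue
        m = TLSA_RE.match(line)
        if not m:
            raise ValueError("not a TLSA record: %r" % raw)
        usage, selector, mtype = int(m["usage"]), int(m["selector"]), int(m["mtype"])
        # RFC 6698 value ranges: usage 0-3, selector 0-1, matching type 0-2.
        if usage > 3 or selector > 1 or mtype > 2:
            raise ValueError("out-of-range TLSA field: %r" % raw)
        data = re.sub(r"\s+", "", m["data"]).lower()
        rrsets[m["owner"].lower()].append((usage, selector, mtype, data))
    return dict(rrsets)


def mixed_usage_rrsets(rrsets):
    """Owners whose RRset contains PKIX-TA or PKIX-EE together with DANE-TA."""
    found = {}
    for owner, records in rrsets.items():
        usages = {usage for usage, *_ in records}
        if usages & {PKIX_TA, PKIX_EE} and DANE_TA in usages:
            found[owner] = sorted(usages)
    return found


def affected_combination(client_usages, server_usages):
    """True only when both bulletin conditions hold: the client enables 0 or 1
    together with 2, and the server's RRset carries both kinds of record."""
    client_mixed = bool(client_usages & {PKIX_TA, PKIX_EE}) and DANE_TA in client_usages
    server_mixed = bool(server_usages & {PKIX_TA, PKIX_EE}) and DANE_TA in server_usages
    return client_mixed and server_mixed


if __name__ == "__main__":
    rrsets = parse_tlsa(SAMPLE_ZONE)
    for owner, usages in mixed_usage_rrsets(rrsets).items():
        print(owner, "usages", usages)
```

A server whose RRset mixes the usages is not itself vulnerable; the flagged names are the ones whose unpatched DANE clients with PKIX-TA/PKIX-EE and DANE-TA enabled would reach the affected code path.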


3) NULL pointer dereference (CVE-ID: CVE-2026-28388)

The vulnerability allows a remote attacker to cause a denial of service.

The vulnerability exists due to NULL pointer dereference in delta CRL processing during X.509 certificate verification when processing a malformed delta CRL that contains a Delta CRL Indicator extension but lacks a CRL Number extension. A remote attacker can provide a malformed CRL to cause a denial of service.

Exploitation requires delta CRL processing to be enabled in the verification context and the certificate or base CRL to indicate freshest CRL processing.


4) NULL pointer dereference (CVE-ID: CVE-2026-28389)

The vulnerability allows a remote attacker to cause a denial of service.

The vulnerability exists due to NULL pointer dereference in CMS KeyAgreeRecipientInfo processing when processing a crafted CMS EnvelopedData message with a missing optional parameters field. A remote attacker can send a crafted CMS message to cause a denial of service.

Applications and services that call CMS_decrypt() on untrusted input, such as S/MIME processing or CMS-based protocols, are affected.


5) NULL pointer dereference (CVE-ID: CVE-2026-28390)

The vulnerability allows a remote attacker to cause a denial of service.

The vulnerability exists due to NULL pointer dereference in CMS KeyTransportRecipientInfo processing when processing a crafted CMS EnvelopedData message using RSA-OAEP with a missing optional parameters field. A remote attacker can send a crafted CMS message to cause a denial of service.

Applications and services that call CMS_decrypt() on untrusted input, such as S/MIME processing or CMS-based protocols, are affected.


6) Heap-based buffer overflow (CVE-ID: CVE-2026-31789)

The vulnerability allows a remote attacker to execute arbitrary code.

The vulnerability exists due to heap-based buffer overflow in hexadecimal conversion when converting an excessively large OCTET STRING value from an untrusted X.509 certificate to a hexadecimal string on 32-bit platforms. A remote attacker can supply a crafted X.509 certificate to execute arbitrary code.

Only 32-bit platforms are affected, and exploitation requires printing or logging untrusted X.509 certificates containing an OCTET STRING value larger than 1 gigabyte.


7) Unchecked Return Value (CVE-ID: CVE-2026-31790)

The vulnerability allows a remote attacker to disclose sensitive information.

The vulnerability exists due to incorrect failure handling in RSA KEM RSASVE encapsulation when processing an attacker-supplied invalid RSA public key with EVP_PKEY_encapsulate(). A remote attacker can supply an invalid RSA public key to disclose sensitive information.

The issue affects applications using RSA/RSASVE encapsulation without validating the supplied public key first.
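The practical caveat in this item is the ordering: validate the untrusted public key, and treat encapsulation failure as fatal, so no output is consumed when the operation did not complete. The following added example is a pure-Python model of RSASVE (the RSA secret-value encapsulation of NIST SP 800-56B) that applies structural checks to (n, e) before encapsulating and returns nothing at all on failure. It is example code written for this page, not OpenSSL's EVP_PKEY_encapsulate() implementation, and the key is a constructed 32-bit toy key admitted by lowering min_bits; a real deployment would keep the 2048-bit default or higher.

```python
# Added example: RSASVE encapsulation with up-front public-key validation and
# explicit failure handling.  Model code, not OpenSSL's implementation.
import secrets


def validate_rsa_public_key(n, e, min_bits=2048):
    """Structural checks a caller should apply to an untrusted (n, e) before
    encapsulating: odd modulus of sufficient size, odd exponent in range."""
    if n < 3 or n % 2 == 0 or n.bit_length() < min_bits:
        return False
    if e < 3 or e % 2 == 0 or e >= n:
        return False
    return True


def rsasve_encapsulate(n, e, min_bits=2048):
    """Return (ciphertext, shared_secret) as fixed-width byte strings, or None.

    On failure nothing is produced, so a caller that checks the result cannot
    go on to use stale, partial or uninitialised output as a secret.
    """
    if not validate_rsa_public_key(n, e, min_bits):
        return None
    nlen = (n.bit_length() + 7) // 8
    z = secrets.randbelow(n - 3) + 2          # uniform in [2, n-2]
    c = pow(z, e, n)
    return c.to_bytes(nlen, "big"), z.to_bytes(nlen, "big")


def rsasve_decapsulate(n, d, ciphertext):
    """Recover the shared secret; None for a malformed or out-of-range ciphertext."""
    nlen = (n.bit_length() + 7) // 8
    if len(ciphertext) != nlen:
        return None
    c = int.from_bytes(ciphertext, "big")
    if not 1 < c < n - 1:
        return None
    return pow(c, d, n).to_bytes(nlen, "big")


# Constructed toy key: two 16-bit primes give a 32-bit modulus.  Only for the demo.
TOY_P, TOY_Q, TOY_E = 65521, 65537, 65537
TOY_N = TOY_P * TOY_Q
TOY_D = pow(TOY_E, -1, (TOY_P - 1) * (TOY_Q - 1))


def roundtrip(n, e, d, min_bits=2048):
    """Encapsulate against (n, e) and decapsulate with d.

    Returns "rejected" when the key fails validation, "ok" when the recovered
    secret matches, "mismatch" otherwise.  The caller pattern to copy is the
    early return: never touch the secret unless encapsulation succeeded.
    """
    result = rsasve_encapsulate(n, e, min_bits)
    if result is None:
        return "rejected"
    ciphertext, secret = result
    return "ok" if rsasve_decapsulate(n, d, ciphertext) == secret else "mismatch"


if __name__ == "__main__":
    print(roundtrip(TOY_N, TOY_E, TOY_D, min_bits=32))   # valid toy key
    print(roundtrip(TOY_N, 2, TOY_D, min_bits=32))       # even exponent, rejected
```

The checks here are structural only; they do not prove n is a product of two primes or that e is coprime to the group order, which is why the vendor fix matters even for callers that validate.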


Remediation

Install the update from the vendor's website.