SB2026071945 - openEuler 22.03 LTS SP4 update for edk2



SB2026071945 - openEuler 22.03 LTS SP4 update for edk2

Published: July 19, 2026

Security Bulletin ID SB2026071945
CSH Severity
Medium
Patch available
YES
Number of vulnerabilities 2
Exploitation vector Remote access
Highest impact Denial of service

Breakdown by Severity

Medium 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 2 vulnerabilities.


1) NULL pointer dereference (CVE-ID: CVE-2026-42766)

CWE-ID: CWE-476 - NULL Pointer Dereference

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green


The vulnerability allows a remote attacker to cause a denial of service.

The vulnerability exists due to NULL pointer dereference in password-based CMS decryption when processing a specially crafted CMS message with an absent PasswordRecipientInfo.keyDerivationAlgorithm field. A remote attacker can send a specially crafted CMS message to cause a denial of service.

Applications that process password-encrypted CMS messages may be affected.


2) Observable discrepancy (CVE-ID: CVE-2026-42768)

CWE-ID: CWE-203 - Observable discrepancy

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green


The vulnerability allows a remote attacker to decrypt or sign messages with the victim's private RSA key.

The vulnerability exists due to observable discrepancy in error handling in CMS_decrypt() and PKCS7_decrypt() when processing attacker-supplied CMS or S/MIME messages and exposing decryption errors or output differences. A remote attacker can send crafted messages and observe the application's responses to decrypt or sign messages with the victim's private RSA key.

The attack requires the application to expose the error code and/or decryption output in a way that can be observed by the attacker.


Remediation

Install update from vendor's website.