CVE-2025-15467

EUVD-2025-206379
Issue summary: Parsing a CMS AuthEnvelopedData message with maliciously
crafted AEAD parameters can trigger a stack buffer overflow.

Impact summary: A stack buffer overflow may lead to a crash, causing Denial
of Service, or potentially remote code execution.

When parsing CMS AuthEnvelopedData structures that use AEAD ciphers such as
AES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is
copied into a fixed-size stack buffer without verifying that its length fits
the destination. An attacker can supply a crafted CMS message with an
oversized IV, causing a stack-based out-of-bounds write before any
authentication or tag verification occurs.

Applications and services that parse untrusted CMS or PKCS#7 content using
AEAD ciphers (e.g., S/MIME AuthEnvelopedData with AES-GCM) are vulnerable.
Because the overflow occurs prior to authentication, no valid key material
is required to trigger it. While exploitability to remote code execution
depends on platform and toolchain mitigations, the stack-based write
primitive represents a severe risk.
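As an added illustration of the bug class described above (example code written for this page, not OpenSSL's own implementation, whose function and buffer names differ), a hypothetical reader for the AEAD parameter IV as a DER OCTET STRING, with the length check against the fixed-size stack buffer that the advisory says was missing:

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical fixed-size destination for the AEAD IV (not OpenSSL's name). */
#define AEAD_IV_MAX 16

/* Minimal DER OCTET STRING reader: on success sets *contents and returns the
   content length; returns -1 on malformed or truncated input.  Only short-form
   (0..127 byte) lengths are handled, which covers any sane IV. */
static int der_octet_string(const uint8_t *p, size_t n, const uint8_t **contents)
{
    if (n < 2 || p[0] != 0x04)
        return -1;
    size_t len = p[1];
    if (len > 0x7f || len > n - 2)          /* long-form length or truncated body */
        return -1;
    *contents = p + 2;
    return (int)len;
}

/* Hardened handling of the AEAD parameter IV.  The vulnerable pattern is this
   same function without the `len > sizeof(iv)` test: memcpy() then writes
   past the end of the stack buffer before any key or tag has been examined. */
int parse_aead_iv(const uint8_t *params, size_t n)
{
    uint8_t iv[AEAD_IV_MAX];                /* fixed-size stack buffer */
    const uint8_t *src;
    int len = der_octet_string(params, n, &src);

    if (len < 0)
        return -1;
    if ((size_t)len > sizeof(iv))           /* the missing bounds check */
        return -1;
    memcpy(iv, src, (size_t)len);
    return len;                             /* a real parser would now set the cipher IV */
}

/* Constructed sample (not a captured message): a DER OCTET STRING holding
   iv_bytes bytes 0x00,0x01,...; returns the parsed length or -1 if rejected. */
int sample_iv_status(size_t iv_bytes)
{
    uint8_t params[2 + 64];
    if (iv_bytes > 64)
        return -1;
    params[0] = 0x04;
    params[1] = (uint8_t)iv_bytes;
    for (size_t i = 0; i < iv_bytes; i++)
        params[2 + i] = (uint8_t)i;
    return parse_aead_iv(params, 2 + iv_bytes);
}

/* Constructed sample whose DER length (12) exceeds the bytes actually present. */
int sample_truncated_status(void)
{
    const uint8_t params[] = { 0x04, 0x0c, 0xde, 0xad, 0xbe, 0xef };
    return parse_aead_iv(params, sizeof(params));
}
```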

The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this
issue, as the CMS implementation is outside the OpenSSL FIPS module
boundary.

OpenSSL 3.6, 3.5, 3.4, 3.3 and 3.0 are vulnerable to this issue.

OpenSSL 1.1.1 and 1.0.2 are not affected by this issue.
CVSS 3.x Base Score

Provider   Type      Base Score     Atk. Vector   Atk. Complexity   Priv. Required   Vector
NIST       Primary   9.8 CRITICAL   NETWORK       LOW               NONE             CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA-ADP   ADP       9.8 CRITICAL   NETWORK       LOW               NONE             CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score Percentile: 73%
Affected Products (NVD)

Vendor    Product   Version
openssl   openssl   3.0.0 ≤ x < 3.0.19
openssl   openssl   3.3.0 ≤ x < 3.3.6
openssl   openssl   3.4.0 ≤ x < 3.4.4
openssl   openssl   3.5.0 ≤ x < 3.5.5
openssl   openssl   3.6.0 ≤ x < 3.6.1

x = vulnerable software versions
Debian Releases

Product   Codename              Version            Status
openssl   bookworm                                 vulnerable
openssl   bookworm (security)   3.0.18-1~deb12u2   fixed
openssl   bullseye              1.1.1w-0+deb11u1   not-affected
openssl   bullseye (security)   1.1.1w-0+deb11u4   fixed
openssl   forky                 3.5.5-1            fixed
openssl   sid                   3.5.5-1            fixed
openssl   trixie                                   vulnerable
openssl   trixie (security)     3.5.4-1~deb13u2    fixed
Ubuntu Releases

Product      Codename   Status
openssl      bionic     not-affected
openssl      focal      not-affected
openssl      jammy      Fixed 3.0.2-0ubuntu1.21 (released)
openssl      noble      Fixed 3.0.13-0ubuntu3.7 (released)
openssl      plucky     ignored
openssl      questing   Fixed 3.5.3-1ubuntu3 (released)
openssl      trusty     not-affected
openssl      xenial     not-affected
openssl1.0   bionic     not-affected
openssl1.0   jammy      dne
openssl1.0   noble      dne
openssl1.0   plucky     dne
openssl1.0   questing   dne
nodejs       bionic     needs-triage
nodejs       focal      not-affected
nodejs       jammy      needed
nodejs       noble      not-affected
nodejs       plucky     not-affected
nodejs       questing   not-affected
nodejs       trusty     not-affected
nodejs       xenial     needs-triage
edk2         bionic     not-affected
edk2         focal      not-affected
edk2         jammy      not-affected
edk2         noble      needs-triage
edk2         plucky     ignored
edk2         questing   needs-triage
edk2         xenial     not-affected