CVE-2026-34180

EUVD-2026-35476
Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive
element whose content exceeds 2 gigabytes in length may cause a heap buffer
over-read on 64-bit Unix and Unix-like platforms.

Impact summary: The heap buffer over-read may crash the application (Denial of
Service) or to load into the decoded ASN.1 object contents of memory beyond the
end of the input buffer.  More typically such ASN.1 elements would instead be
truncated.

An integer truncation in OpenSSL's ASN.1 decoder causes the content length of
an ASN.1 primitive element to be mishandled when it exceeds 2 gigabytes. In the
worst case the truncated length is treated as a request to scan the binary
content for a terminating zero byte, possibly causing OpenSSL to read either
less than or beyond the end of the allocated buffer.

Applications that pass attacker-supplied data to d2i_X509(), d2i_PKCS7(), or
any other d2i_* decoding function are affected. OpenSSL's own command-line
tools are not vulnerable, as data read through the BIO layer is checked before
it reaches the affected code. The issue only affects 64-bit Unix and Unix-like
platforms; 32-bit platforms and 64-bit Windows are not affected.

The FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by this issue,
as the affected code is outside the OpenSSL FIPS module boundary.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
opensslCNA
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
opensslopenssl
4.0.0 ≤
𝑥
< 4.0.1
CNA
opensslopenssl
3.6.0 ≤
𝑥
< 3.6.3
CNA
opensslopenssl
3.5.0 ≤
𝑥
< 3.5.7
CNA
opensslopenssl
3.4.0 ≤
𝑥
< 3.4.6
CNA
opensslopenssl
3.0.0 ≤
𝑥
< 3.0.21
CNA
Debian logo
Debian Releases
Debian Product
Codename
openssl
bookworm
vulnerable
bookworm (security)
vulnerable
bullseye
vulnerable
bullseye (security)
vulnerable
forky
vulnerable
sid
vulnerable
trixie
vulnerable
trixie (security)
vulnerable
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
openssl
bionic
Fixed 1.1.1-1ubuntu2.1~18.04.23+esm9
released
focal
Fixed 1.1.1f-1ubuntu2.24+esm4
released
jammy
Fixed 3.0.2-0ubuntu1.25
released
noble
Fixed 3.0.13-0ubuntu3.11
released
questing
Fixed 3.5.3-1ubuntu3.4
released
resolute
Fixed 3.5.5-1ubuntu3.2
released
trusty
Fixed 1.0.1f-1ubuntu2.27+esm14
released
xenial
Fixed 1.0.2g-1ubuntu4.20+esm16
released
openssl-fips
jammy
dne
noble
dne
questing
dne
resolute
dne
openssl1.0
bionic
Fixed 1.0.2n-1ubuntu5.13+esm5
released
jammy
dne
noble
dne
questing
dne
resolute
dne
nodejs
bionic
needs-triage
focal
not-affected
jammy
needed
noble
not-affected
questing
not-affected
resolute
not-affected
trusty
not-affected
edk2
bionic
needs-triage
focal
needs-triage
jammy
needs-triage
noble
needs-triage
questing
needs-triage
resolute
needs-triage
Common Weakness Enumeration
References
https://github.com/openssl/security/commit/1c6908e4fa5fa568752221d8eaf561a809751e5d
https://github.com/openssl/security/commit/cbe418ae978539cf14a398a207dba834c0e93e83
https://github.com/openssl/security/commit/d93853c42110d6319e3df07842b488cb9f7ac5ff
https://github.com/openssl/security/commit/da5d62af75f69d6fbf7803743d7c56ac75461e43
https://github.com/openssl/security/commit/f696c73c3e61b8c502d040af62e690c060908a16
https://openssl-library.org/news/secadv/20260609.txt