CVE-2026-35188

EUVD-2026-35480

09.06.2026, 17:17

Issue summary: A malicious server can exploit TLS OCSP stapling by delivering
a crafted response through the status_request extension, triggering a
double-free in the client's certificate verification path.

Impact summary: Successful exploitation allows an attacker to corrupt heap
memory via a double-free, potentially leading to a Denial of Service or
possibly an attacker controlled code execution or other undefined behavior.

If OCSP stapling is enabled and the TLS client connects to a malicious server,
a crafted OCSP stapled response can trigger a double free in the TLS client
when the stapled response is checked.

The OCSP stapling is not enabled by default. Reliable code execution
through a double-free is technically complex and highly environment-dependent
but the Denial of Service impact is straightforward to achieve, warranting
Moderate severity.

No FIPS modules are affected by this issue as the affected code is outside
the OpenSSL FIPS module boundary.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
openssl	CNA	UNKNOWN				---

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Early Detection

Affected products identified ahead of NVD analysis through intelligence sources.

Vendor	Product	Version	Source
openssl	openssl	4.0.0 ≤ 𝑥 < 4.0.1	CNA
openssl	openssl	3.6.0 ≤ 𝑥 < 3.6.3	CNA

Debian Releases

Debian Product

Codename

openssl

bookworm	3.0.20-1~deb12u1 fixed
bookworm (security)	3.0.20-1~deb12u2 fixed
bullseye	1.1.1w-0+deb11u1 fixed
bullseye (security)	1.1.1w-0+deb11u7 fixed
forky	vulnerable
sid	vulnerable
trixie	3.5.6-1~deb13u1 fixed
trixie (security)	3.5.6-1~deb13u2 fixed

Ubuntu Releases

Ubuntu Product

Codename

openssl

bionic	not-affected
focal	not-affected
jammy	not-affected
noble	not-affected
questing	not-affected
resolute	not-affected
trusty	not-affected
xenial	not-affected

openssl-fips

jammy	not-affected
noble	not-affected
questing	dne
resolute	dne

openssl1.0

bionic	not-affected
jammy	dne
noble	dne
questing	dne
resolute	dne

nodejs

bionic	not-affected
focal	not-affected
jammy	needed
noble	not-affected
questing	not-affected
resolute	not-affected
trusty	not-affected

edk2

bionic	not-affected
focal	not-affected
jammy	not-affected
noble	not-affected
questing	not-affected
resolute	not-affected

Common Weakness Enumeration

CWE-415 - Double Free
The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

References

https://github.com/openssl/security/commit/131145d25659e8749a9ed1afb383484854cffb78

https://github.com/openssl/security/commit/78d0154cffda03aaaac63a087cc523a6b35fa8fd

https://openssl-library.org/news/secadv/20260609.txt