VYPR
← All advisories
High severityNVD Advisory· Published Feb 21, 2024· Updated Aug 14, 2024

cryptography NULL pointer deference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override

CVE-2024-26130

Description

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if pkcs12.serialize_key_and_certificates is called with both a certificate whose public key did not match the provided private key and an encryption_algorithm with hmac_hash set (via PrivateFormat.PKCS12.encryption_builder().hmac_hash(...), then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a ValueError is properly raised.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Cryptography Python package <=42.0.3 crashes via NULL pointer dereference when `pkcs12.serialize_key_and_certificates` is called with a mismatched key/cert and an HMAC hash override.

A null pointer dereference vulnerability exists in the cryptography Python package (versions 38.0.0 through 42.0.3) within the pkcs12.serialize_key_and_certificates function. The bug occurs when the function is called with both a certificate whose public key does not match the provided private key and an encryption_algorithm that has an hmac_hash set via PrivateFormat.PKCS12.encryption_builder().hmac_hash(...) [1][4]. Under these conditions, the code path attempts to dereference a pointer that is null, leading to a crash of the Python process.

Exploitation requires an attacker to supply a mismatched certificate and private key pair along with a crafted encryption algorithm. In typical usage, developers or systems invoking this function (e.g., in certificate management or PKCS#12 generation) would be vulnerable if they inadvertently pass inconsistent arguments. The function does not validate the public-private key match before attempting to compute the HMAC, allowing the null pointer dereference to trigger [2][4].

The impact is a denial of service (DoS) through process termination. An attacker who can control inputs to this function could cause the Python application to crash, disrupting availability. No authentication or special privileges are required beyond the ability to call the vulnerable API endpoint. The crash is silent—no proper exception is raised, only a segmentation fault occurs [1].

The issue is resolved in version 42.0.4, where a ValueError is now raised instead of dereferencing a null pointer [2][3]. Users are strongly advised to upgrade to the patched version. No workarounds are documented; if upgrading is not possible, developers should ensure that the public key of the certificate matches the private key provided and avoid using the hmac_hash override with mismatched inputs [4].

References
  1. NVD - CVE-2024-26130
  2. Fixes #10422 -- don't crash when a PKCS#12 key and cert don't match by alex · Pull Request #10423 · pyca/cryptography
  3. advisory-database/vulns/cryptography/PYSEC-2024-225.yaml at main · pypa/advisory-database
  4. NULL pointer deference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override

AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
cryptographyPyPI
>= 38.0.0, < 42.0.442.0.4

Affected products

53

Patches

1
97d231672763

Fixes #10422 -- don't crash when a PKCS#12 key and cert don't match (#10423)

https://github.com/pyca/cryptographyAlex GaynorFeb 19, 2024via ghsa
commit
2 files changed · +27 0
  • src/cryptography/hazmat/backends/openssl/backend.py+9 0 modified
    @@ -623,6 +623,15 @@ def serialize_key_and_certificates_to_pkcs12(
                     mac_iter,
                     0,
                 )
+                if p12 == self._ffi.NULL:
+                    errors = self._consume_errors()
+                    raise ValueError(
+                        (
+                            "Failed to create PKCS12 (does the key match the "
+                            "certificate?)"
+                        ),
+                        errors,
+                    )
 
             if (
                 self._lib.Cryptography_HAS_PKCS12_SET_MAC
  • tests/hazmat/primitives/test_pkcs12.py+18 0 modified
    @@ -660,6 +660,24 @@ def test_key_serialization_encryption_set_mac_unsupported(
                 b"name", cakey, cacert, [], algorithm
             )
 
+    @pytest.mark.supported(
+        only_if=lambda backend: backend._lib.Cryptography_HAS_PKCS12_SET_MAC,
+        skip_message="Requires OpenSSL with PKCS12_set_mac",
+    )
+    def test_set_mac_key_certificate_mismatch(self, backend):
+        cacert, _ = _load_ca(backend)
+        key = ec.generate_private_key(ec.SECP256R1())
+        encryption = (
+            serialization.PrivateFormat.PKCS12.encryption_builder()
+            .hmac_hash(hashes.SHA256())
+            .build(b"password")
+        )
+
+        with pytest.raises(ValueError):
+            serialize_key_and_certificates(
+                b"name", key, cacert, [], encryption
+            )
+
 
 @pytest.mark.skip_fips(
     reason="PKCS12 unsupported in FIPS mode. So much bad crypto in it."

Vulnerability mechanics

Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

6

News mentions

0

No linked articles in our index yet.