VYPR
Critical severity 9.8 · NVD Advisory · Published Jun 9, 2026 · Updated Jun 9, 2026

CVE-2026-45447

Description

OpenSSL's PKCS#7 verification has a use-after-free flaw, potentially leading to crashes or RCE.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

A use-after-free exists in OpenSSL's PKCS#7 signature verification when a PKCS#7 or S/MIME signed message is processed. If the SignedData digestAlgorithms field is an empty ASN.1 SET, PKCS7_verify() may free a BIO that the caller owns and still holds a pointer to. The affected release lines are OpenSSL 4.0, 3.6, 3.5, 3.4, 3.0, 1.1.1 and 1.0.2. Applications that use the CMS APIs instead of the PKCS#7 APIs are not affected [1].
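As an added example (not OpenSSL's code and not part of the advisory), the following stdlib-only Python rejects a DER-encoded PKCS#7 SignedData whose digestAlgorithms SET is empty before the blob is handed to PKCS7_verify(). It assumes the input is already DER (an S/MIME message would first need its MIME and base64 wrapping removed) and the two sample messages are constructed inline for illustration, not captured from real traffic. It is a defense-in-depth filter for an ingest point, not a substitute for upgrading.

```python
"""Pre-check for CVE-2026-45447: refuse PKCS#7 SignedData whose digestAlgorithms SET is empty.

Added example; minimal DER walker over ContentInfo -> [0] -> SignedData. Stdlib only.
"""

# OID 1.2.840.113549.1.7.2 (pkcs7-signedData), DER content octets
SIGNED_DATA_OID = bytes.fromhex("2a864886f70d010702")


def _read_tlv(buf: bytes, pos: int):
    """Parse one DER TLV at buf[pos]. Returns (tag, value_start, value_end)."""
    if pos >= len(buf):
        raise ValueError("truncated DER: no tag")
    tag = buf[pos]
    if tag & 0x1F == 0x1F:
        raise ValueError("multi-byte tags are not used in PKCS#7")
    pos += 1
    if pos >= len(buf):
        raise ValueError("truncated DER: no length")
    first = buf[pos]
    pos += 1
    if first < 0x80:
        length = first                      # short form
    elif first == 0x80:
        raise ValueError("indefinite length is BER, not DER")
    else:
        n = first & 0x7F                    # long form: n length octets follow
        if n > 4 or pos + n > len(buf):
            raise ValueError("bad long-form length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    end = pos + length
    if end > len(buf):
        raise ValueError("truncated DER: value runs past end of input")
    return tag, pos, end


def signed_data_digest_algorithm_count(der: bytes) -> int:
    """Return the number of AlgorithmIdentifiers in SignedData.digestAlgorithms.

    Raises ValueError if the input is not a well-formed pkcs7-signedData ContentInfo.
    """
    # ContentInfo ::= SEQUENCE { contentType OID, content [0] EXPLICIT ANY }
    tag, start, _ = _read_tlv(der, 0)
    if tag != 0x30:
        raise ValueError("ContentInfo is not a SEQUENCE")
    tag, oid_start, oid_end = _read_tlv(der, start)
    if tag != 0x06 or der[oid_start:oid_end] != SIGNED_DATA_OID:
        raise ValueError("contentType is not pkcs7-signedData")
    tag, ctx_start, _ = _read_tlv(der, oid_end)
    if tag != 0xA0:
        raise ValueError("missing [0] EXPLICIT content")
    # SignedData ::= SEQUENCE { version INTEGER, digestAlgorithms SET OF AlgorithmIdentifier, ... }
    tag, sd_start, _ = _read_tlv(der, ctx_start)
    if tag != 0x30:
        raise ValueError("SignedData is not a SEQUENCE")
    tag, _, ver_end = _read_tlv(der, sd_start)
    if tag != 0x02:
        raise ValueError("SignedData.version is not an INTEGER")
    tag, set_start, set_end = _read_tlv(der, ver_end)
    if tag != 0x31:
        raise ValueError("SignedData.digestAlgorithms is not a SET")
    count, pos = 0, set_start
    while pos < set_end:                    # each member must be an AlgorithmIdentifier SEQUENCE
        tag, _, member_end = _read_tlv(der, pos)
        if tag != 0x30:
            raise ValueError("digestAlgorithms member is not a SEQUENCE")
        count += 1
        pos = member_end
    return count


def is_safe_to_verify(der: bytes) -> bool:
    """True only if the message parses and carries at least one digest algorithm."""
    try:
        return signed_data_digest_algorithm_count(der) > 0
    except ValueError:
        return False


# --- constructed sample messages (illustrative, not real signatures) ---------------------

def _tlv(tag: int, body: bytes) -> bytes:
    """DER-encode one TLV (short or long-form length)."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + body


# AlgorithmIdentifier for sha256: SEQUENCE { OID 2.16.840.1.101.3.4.2.1, NULL }
SHA256_ALGID = _tlv(0x30, _tlv(0x06, bytes.fromhex("608648016503040201")) + _tlv(0x05, b""))
# encapContentInfo for pkcs7-data with no eContent (detached)
DATA_CONTENT_INFO = _tlv(0x30, _tlv(0x06, bytes.fromhex("2a864886f70d010701")))


def build_signed_data(digest_algs: bytes) -> bytes:
    """Wrap a digestAlgorithms SET body into a minimal pkcs7-signedData ContentInfo."""
    signed_data = _tlv(0x30,
                       _tlv(0x02, b"\x01")        # version 1
                       + _tlv(0x31, digest_algs)  # digestAlgorithms
                       + DATA_CONTENT_INFO        # encapContentInfo
                       + _tlv(0x31, b""))         # signerInfos (empty; irrelevant to this check)
    return _tlv(0x30, _tlv(0x06, SIGNED_DATA_OID) + _tlv(0xA0, signed_data))


MALFORMED = build_signed_data(b"")            # empty digestAlgorithms SET: the trigger shape
WELL_FORMED = build_signed_data(SHA256_ALGID)  # one digest algorithm, as a normal signer emits
```

Run the filter on the raw bytes before they reach any PKCS7_verify() call path (a mail gateway or package-signature checker is the typical place); anything that fails is_safe_to_verify() is dropped without ever constructing the PKCS7 object.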

Exploitation

An attacker triggers the flaw by supplying a specially crafted PKCS#7 or S/MIME signed message to an application that verifies it with OpenSSL's PKCS#7 APIs. The memory-safety fault itself surfaces afterwards, when the application uses the BIO that PKCS7_verify() wrongly freed, for example by calling BIO_free() on it (a double free). The only precondition is that the attacker can deliver such a message to an application processing PKCS#7 or S/MIME signed messages with the OpenSSL PKCS#7 APIs [1].

Impact

Successful exploitation causes a process crash or heap corruption. In some application contexts the heap corruption may be exploitable for remote code execution, giving the attacker control of the affected process with that process's privileges [1].

Mitigation

OpenSSL 4.0 users should upgrade to OpenSSL 4.0.1. OpenSSL 3.6 users should upgrade to OpenSSL 3.6.3. OpenSSL 3.5 users should upgrade to OpenSSL 3.5.7. OpenSSL 3.4 users should upgrade to OpenSSL 3.4.6. OpenSSL 3.0 users should upgrade to OpenSSL 3.0.21. OpenSSL 1.1.1 users should upgrade to OpenSSL 1.1.1zh (premium support customers only). OpenSSL 1.0.2 users should upgrade to OpenSSL 1.0.2zq (premium support customers only) [1].

AI Insight generated on Jun 9, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
