{ "document": { "aggregate_severity": { "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "TuxCare License Agreement", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.", "title": "Terms of Use" }, { "category": "details", "text": "* SECURITY UPDATE: Heap buffer overflow in ASN1_mbstring_ncopy() where\n the destination length for BMPSTRING and UNIVERSALSTRING output is\n computed by a signed left shift that can overflow int, producing an\n undersized allocation followed by out-of-bounds writes for oversized\n attacker-controlled inputs reaching ASN1_mbstring_copy() or\n ASN1_mbstring_ncopy() directly.\n - debian/patches/CVE-2026-7383.patch: reject oversized inputs before\n the shifts and in out_utf8() in crypto/asn1/a_mbstr.c.\n - CVE-2026-7383\n * SECURITY UPDATE: Out-of-bounds read in kek_unwrap_key() check-byte\n validation when a CMS PasswordRecipientInfo uses a KEK cipher with a\n block size smaller than 4 octets, making the decrypted buffer smaller\n than the seven octets the check-byte test reads.\n - debian/patches/CVE-2026-9076.patch: reject blocklen < 4 and\n oversized inlen in kek_unwrap_key() in crypto/cms/cms_pwri.c.\n - CVE-2026-9076\n * SECURITY UPDATE: Heap buffer over-read in ASN.1 content parsing: the\n long content length was truncated to int in asn1_ex_c2i(), so\n ASN1_STRING_set() could be called with an inconsistent length.\n - debian/patches/CVE-2026-34180.patch: pass the length as long in\n asn1_ex_c2i() and reject lengths not representable as int in\n crypto/asn1/tasn_dec.c.\n - CVE-2026-34180\n * SECURITY UPDATE: NULL pointer dereference when processing CMS\n PasswordRecipientInfo with the optional keyDerivationAlgorithm field\n absent, allowing a denial of service via crafted CMS messages.\n - debian/patches/CVE-2026-42766.patch: fail cleanly when\n keyDerivationAlgorithm is missing in crypto/cms/cms_pwri.c.\n - CVE-2026-42766\n * SECURITY UPDATE: Use-after-free in PKCS7_verify() where the cleanup\n path can free the caller-owned indata BIO via BIO_free_all() when\n verifying a crafted PKCS#7 structure with an empty digestAlgorithms\n SET, leading to crashes, heap corruption or potentially remote code\n execution.\n - debian/patches/CVE-2026-45447.patch: free the BIO chain explicitly,\n stopping at the caller-owned indata, in crypto/pkcs7/pk7_smime.c.\n - debian/patches/CVE-2026-45447-test.patch: upstream regression test\n (empty digestAlgorithms SET must fail cleanly).\n - CVE-2026-45447", "title": "Details" } ], "publisher": { "category": "vendor", "contact_details": "https://tuxcare.com/contact/", "name": "TuxCare", "namespace": "https://tuxcare.com/" }, "references": [ { "category": "self", "summary": "https://cve.tuxcare.com/els/releases/CLSA-2026:1781345820", "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1781345820" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.tuxcare.com/csaf/v2/els_os/ubuntu18.04els/advisories/2026/clsa-2026_1781345820.json" } ], "tracking": { "current_release_date": "2026-06-13T10:19:30Z", "generator": { "date": "2026-06-13T10:19:30Z", "engine": { "name": "pyCSAF" } }, "id": "CLSA-2026:1781345820", "initial_release_date": "2026-06-13T10:19:30Z", "revision_history": [ { "date": "2026-06-13T10:19:30Z", "number": "1", "summary": "Initial version" } ], "status": "final", "version": "1" }, "title": "Fix of 5 CVEs" }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Ubuntu 18.04", "product": { "name": "Ubuntu 18.04", "product_id": "Ubuntu-18", "product_identification_helper": { "cpe": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" } } } ], "category": "product_family", "name": "Ubuntu" } ], "category": "vendor", "name": "Canonical Ltd." }, { "branches": [ { "branches": [ { "category": "product_version", "name": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64", "product": { "name": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64", "product_id": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/libssl1.1@1.1.1-1ubuntu2.1~18.04.23%2Btuxcare.els10?arch=amd64" } } }, { "category": "product_version", "name": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64", "product": { "name": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64", "product_id": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/libssl-dev@1.1.1-1ubuntu2.1~18.04.23%2Btuxcare.els10?arch=amd64" } } }, { "category": "product_version", "name": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64", "product": { "name": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64", "product_id": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/openssl@1.1.1-1ubuntu2.1~18.04.23%2Btuxcare.els10?arch=amd64" } } }, { "category": "product_version", "name": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64", "product": { "name": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64", "product_id": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/libssl-dev@1.1.1-1ubuntu2.1~18.04.23%2Btuxcare.els9?arch=amd64" } } }, { "category": "product_version", "name": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64", "product": { "name": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64", "product_id": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/libssl1.1@1.1.1-1ubuntu2.1~18.04.23%2Btuxcare.els9?arch=amd64" } } }, { "category": "product_version", "name": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64", "product": { "name": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64", "product_id": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/openssl@1.1.1-1ubuntu2.1~18.04.23%2Btuxcare.els9?arch=amd64" } } }, { "category": "product_version", "name": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "product": { "name": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "product_id": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/libssl1.1@1.1.1-1ubuntu2.1~18.04.23%2Btuxcare.els8?arch=amd64" } } }, { "category": "product_version", "name": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "product": { "name": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "product_id": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/libssl-dev@1.1.1-1ubuntu2.1~18.04.23%2Btuxcare.els8?arch=amd64" } } }, { "category": "product_version", "name": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "product": { "name": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "product_id": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/openssl@1.1.1-1ubuntu2.1~18.04.23%2Btuxcare.els8?arch=amd64" } } }, { "category": "product_version", "name": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "product": { "name": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "product_id": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/libssl1.1@1.1.1-1ubuntu2.1~18.04.23%2Btuxcare.els7?arch=amd64" } } }, { "category": "product_version", "name": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "product": { "name": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "product_id": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/openssl@1.1.1-1ubuntu2.1~18.04.23%2Btuxcare.els7?arch=amd64" } } }, { "category": "product_version", "name": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "product": { "name": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "product_id": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/libssl-dev@1.1.1-1ubuntu2.1~18.04.23%2Btuxcare.els7?arch=amd64" } } }, { "category": "product_version", "name": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "product": { "name": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "product_id": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/openssl@1.1.1-1ubuntu2.1~18.04.23%2Btuxcare.els4?arch=amd64" } } }, { "category": "product_version", "name": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "product": { "name": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "product_id": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/libssl-dev@1.1.1-1ubuntu2.1~18.04.23%2Btuxcare.els4?arch=amd64" } } }, { "category": "product_version", "name": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "product": { "name": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "product_id": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/libssl1.1@1.1.1-1ubuntu2.1~18.04.23%2Btuxcare.els4?arch=amd64" } } }, { "category": "product_version", "name": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "product": { "name": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "product_id": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/libssl1.1@1.1.1-1ubuntu2.1~18.04.23%2Btuxcare.els3?arch=amd64" } } }, { "category": "product_version", "name": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "product": { "name": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "product_id": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/libssl-dev@1.1.1-1ubuntu2.1~18.04.23%2Btuxcare.els3?arch=amd64" } } }, { "category": "product_version", "name": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "product": { "name": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "product_id": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/openssl@1.1.1-1ubuntu2.1~18.04.23%2Btuxcare.els3?arch=amd64" } } }, { "category": "product_version", "name": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "product": { "name": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "product_id": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/openssl@1.1.1-1ubuntu2.1~18.04.23%2Btuxcare.els2?arch=amd64" } } }, { "category": "product_version", "name": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "product": { "name": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "product_id": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/libssl1.1@1.1.1-1ubuntu2.1~18.04.23%2Btuxcare.els2?arch=amd64" } } }, { "category": "product_version", "name": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "product": { "name": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "product_id": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/libssl-dev@1.1.1-1ubuntu2.1~18.04.23%2Btuxcare.els2?arch=amd64" } } }, { "category": "product_version", "name": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "product": { "name": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "product_id": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/libssl1.1@1.1.1-1ubuntu2.1~18.04.23%2Btuxcare.els1?arch=amd64" } } }, { "category": "product_version", "name": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "product": { "name": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "product_id": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/libssl-dev@1.1.1-1ubuntu2.1~18.04.23%2Btuxcare.els1?arch=amd64" } } }, { "category": "product_version", "name": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "product": { "name": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "product_id": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/openssl@1.1.1-1ubuntu2.1~18.04.23%2Btuxcare.els1?arch=amd64" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.all", "product": { "name": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.all", "product_id": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.all", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/libssl-doc@1.1.1-1ubuntu2.1~18.04.23%2Btuxcare.els10?arch=all" } } }, { "category": "product_version", "name": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.all", "product": { "name": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.all", "product_id": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.all", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/libssl-doc@1.1.1-1ubuntu2.1~18.04.23%2Btuxcare.els9?arch=all" } } }, { "category": "product_version", "name": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.all", "product": { "name": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.all", "product_id": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.all", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/libssl-doc@1.1.1-1ubuntu2.1~18.04.23%2Btuxcare.els8?arch=all" } } }, { "category": "product_version", "name": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.all", "product": { "name": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.all", "product_id": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.all", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/libssl-doc@1.1.1-1ubuntu2.1~18.04.23%2Btuxcare.els7?arch=all" } } }, { "category": "product_version", "name": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.all", "product": { "name": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.all", "product_id": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.all", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/libssl-doc@1.1.1-1ubuntu2.1~18.04.23%2Btuxcare.els4?arch=all" } } }, { "category": "product_version", "name": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.all", "product": { "name": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.all", "product_id": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.all", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/libssl-doc@1.1.1-1ubuntu2.1~18.04.23%2Btuxcare.els3?arch=all" } } }, { "category": "product_version", "name": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.all", "product": { "name": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.all", "product_id": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.all", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/libssl-doc@1.1.1-1ubuntu2.1~18.04.23%2Btuxcare.els2?arch=all" } } }, { "category": "product_version", "name": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.all", "product": { "name": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.all", "product_id": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.all", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/libssl-doc@1.1.1-1ubuntu2.1~18.04.23%2Btuxcare.els1?arch=all" } } } ], "category": "architecture", "name": "all" } ], "category": "vendor", "name": "CloudLinux" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64" }, "product_reference": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64" }, "product_reference": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.all as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.all" }, "product_reference": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.all", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64" }, "product_reference": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64" }, "product_reference": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64" }, "product_reference": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64" }, "product_reference": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.all as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.all" }, "product_reference": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.all", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64" }, "product_reference": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64" }, "product_reference": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64" }, "product_reference": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.all as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.all" }, "product_reference": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.all", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.all as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.all" }, "product_reference": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.all", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64" }, "product_reference": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64" }, "product_reference": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64" }, "product_reference": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64" }, "product_reference": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.all as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.all" }, "product_reference": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.all", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64" }, "product_reference": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64" }, "product_reference": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64" }, "product_reference": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64" }, "product_reference": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.all as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.all" }, "product_reference": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.all", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64" }, "product_reference": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64" }, "product_reference": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64" }, "product_reference": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64" }, "product_reference": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.all as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.all" }, "product_reference": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.all", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.all as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.all" }, "product_reference": "libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.all", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64" }, "product_reference": "libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64" }, "product_reference": "libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64" }, "product_reference": "openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "relates_to_product_reference": "Ubuntu-18" } ] }, "vulnerabilities": [ { "cve": "CVE-2026-7383", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "Issue summary: A signed integer overflow when sizing the destination\nbuffer for Unicode output in ASN1_mbstring_ncopy() can lead to a heap\nbuffer overflow.\n\nImpact summary: A heap buffer overflow may lead to a crash or possibly\nattacker controlled code execution or other undefined behaviour.\n\nIn ASN1_mbstring_copy() and ASN1_mbstring_ncopy() the destination\nsize for Unicode output is computed in a signed int: by left shift\nof the input character count for BMPSTRING (UTF-16) and\nUNIVERSALSTRING (UTF-32), and by summing per-character byte counts\nfor UTF8STRING. The calculation overflows when the input reaches\naround 2^30 characters. In the worst case (UNIVERSALSTRING at 2^30\ncharacters) the size wraps to zero, OPENSSL_malloc(1) is called, and\nthe subsequent character copy writes several gigabytes past the\none-byte allocation.\n\nX.509 certificate processing routes through ASN1_STRING_set_by_NID(),\nwhose DIRSTRING_TYPE mask excludes UNIVERSALSTRING and whose per-NID\nsize limits cap the input length; no network protocol or\ncertificate-handling path in OpenSSL exercises the overflow.\nTriggering the bug requires an application that calls\nASN1_mbstring_copy() or ASN1_mbstring_ncopy() directly, or registers\na custom string type via ASN1_STRING_TABLE_add(), with\nattacker-controlled input on the order of half a gigabyte or more.\nFor these reasons this issue was assigned Low severity.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by\nthis issue, as the affected code is outside the OpenSSL FIPS module\nboundary.", "title": "Vulnerability description" } ], "product_status": { "fixed": [ "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.all", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64" ], "known_affected": [ "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.all", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2026-7383" }, { "category": "external", "summary": "https://github.com/openssl/security/commit/4f8d2bddaa2c8e06f9c33390ee1717059a6e4be6", "url": "https://github.com/openssl/security/commit/4f8d2bddaa2c8e06f9c33390ee1717059a6e4be6" }, { "category": "external", "summary": "https://github.com/openssl/security/commit/80c15faaf78042bbb8654a0e234c50c381732f74", "url": "https://github.com/openssl/security/commit/80c15faaf78042bbb8654a0e234c50c381732f74" }, { "category": "external", "summary": "https://github.com/openssl/security/commit/bd17511070fb39a67bfa19682affb765e706a974", "url": "https://github.com/openssl/security/commit/bd17511070fb39a67bfa19682affb765e706a974" }, { "category": "external", "summary": "https://github.com/openssl/security/commit/c332adaced43bcbb85f97410597e951c11ec3083", "url": "https://github.com/openssl/security/commit/c332adaced43bcbb85f97410597e951c11ec3083" }, { "category": "external", "summary": "https://github.com/openssl/security/commit/d32350ae8ef7426718f5aa9e383d4b51398ee255", "url": "https://github.com/openssl/security/commit/d32350ae8ef7426718f5aa9e383d4b51398ee255" }, { "category": "external", "summary": "https://openssl-library.org/news/secadv/20260609.txt", "url": "https://openssl-library.org/news/secadv/20260609.txt" } ], "release_date": "2026-06-09T17:17:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-06-13T10:17:05.975063Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1781345820", "product_ids": [ "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.all", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1781345820" }, { "category": "none_available", "date": "2026-06-09T17:17:00Z", "details": "Affected", "product_ids": [ "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.all", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ] }, { "cve": "CVE-2026-34180", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive\nelement whose content exceeds 2 gigabytes in length may cause a heap buffer\nover-read on 64-bit Unix and Unix-like platforms.\n\nImpact summary: The heap buffer over-read may crash the application (Denial of\nService) or to load into the decoded ASN.1 object contents of memory beyond the\nend of the input buffer. More typically such ASN.1 elements would instead be\ntruncated.\n\nAn integer truncation in OpenSSL's ASN.1 decoder causes the content length of\nan ASN.1 primitive element to be mishandled when it exceeds 2 gigabytes. In the\nworst case the truncated length is treated as a request to scan the binary\ncontent for a terminating zero byte, possibly causing OpenSSL to read either\nless than or beyond the end of the allocated buffer.\n\nApplications that pass attacker-supplied data to d2i_X509(), d2i_PKCS7(), or\nany other d2i_* decoding function are affected. OpenSSL's own command-line\ntools are not vulnerable, as data read through the BIO layer is checked before\nit reaches the affected code. The issue only affects 64-bit Unix and Unix-like\nplatforms; 32-bit platforms and 64-bit Windows are not affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by this issue,\nas the affected code is outside the OpenSSL FIPS module boundary.", "title": "Vulnerability description" } ], "product_status": { "fixed": [ "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.all", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64" ], "known_affected": [ "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.all", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2026-34180" }, { "category": "external", "summary": "https://github.com/openssl/security/commit/1c6908e4fa5fa568752221d8eaf561a809751e5d", "url": "https://github.com/openssl/security/commit/1c6908e4fa5fa568752221d8eaf561a809751e5d" }, { "category": "external", "summary": "https://github.com/openssl/security/commit/cbe418ae978539cf14a398a207dba834c0e93e83", "url": "https://github.com/openssl/security/commit/cbe418ae978539cf14a398a207dba834c0e93e83" }, { "category": "external", "summary": "https://github.com/openssl/security/commit/d93853c42110d6319e3df07842b488cb9f7ac5ff", "url": "https://github.com/openssl/security/commit/d93853c42110d6319e3df07842b488cb9f7ac5ff" }, { "category": "external", "summary": "https://github.com/openssl/security/commit/da5d62af75f69d6fbf7803743d7c56ac75461e43", "url": "https://github.com/openssl/security/commit/da5d62af75f69d6fbf7803743d7c56ac75461e43" }, { "category": "external", "summary": "https://github.com/openssl/security/commit/f696c73c3e61b8c502d040af62e690c060908a16", "url": "https://github.com/openssl/security/commit/f696c73c3e61b8c502d040af62e690c060908a16" }, { "category": "external", "summary": "https://openssl-library.org/news/secadv/20260609.txt", "url": "https://openssl-library.org/news/secadv/20260609.txt" } ], "release_date": "2026-06-09T17:17:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-06-13T10:17:05.975063Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1781345820", "product_ids": [ "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.all", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1781345820" }, { "category": "none_available", "date": "2026-06-09T17:17:00Z", "details": "Affected", "product_ids": [ "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.all", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ] }, { "cve": "CVE-2026-9076", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap)\nprocesses attacker-supplied CMS data, an attacker-chosen stream-mode KEK\ncipher can trigger a heap out-of-bounds read in kek_unwrap_key().\n\nImpact summary: A heap buffer over-read may trigger a crash which leads to\nDenial of Service for an application if the input buffer ends at a memory\npage boundary and the following page is unmapped. There is no information\ndisclosure as the over-read bytes are not revealed to the attacker.\n\nThe key unwrapping function performs a check-byte test as specified in the\nRFC that reads 7 bytes from a heap allocation that is based on the wrapped\nkey length from the message. There is a minimum length check based on the\nblock length of the wrapping cipher. However the cipher is selected from\nan OID carried in the attacker's PWRI keyEncryptionAlgorithm with no\nrequirement that the cipher be a block cipher. When an attacker selects\na stream-mode cipher the guard will be ineffective and the allocated buffer\ncontaining the unwrapped key can be too small to fit the check-bytes\nspecified in the RFC and a buffer over-read can happen.\n\nApplications calling CMS_decrypt() or CMS_decrypt_set1_password()\n(equivalently openssl cms -decrypt -pwri_password ...) on untrusted CMS\ndata are vulnerable to this issue. No password knowledge is required: the\nover-read happens during the unwrap attempt before any authentication\nsucceeds.\n\nThe over-read is limited to a few bytes and is not written to output, so\nthere is no information disclosure. Triggering a crash requires the\nallocation to border unmapped memory, which is unlikely with the normal\nallocator.\n\nThe FIPS modules are not affected by this issue.", "title": "Vulnerability description" } ], "product_status": { "fixed": [ "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.all", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64" ], "known_affected": [ "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.all", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2026-9076" }, { "category": "external", "summary": "https://github.com/openssl/security/commit/05b066366842f930fadd9a6e94df98030af431bb", "url": "https://github.com/openssl/security/commit/05b066366842f930fadd9a6e94df98030af431bb" }, { "category": "external", "summary": "https://github.com/openssl/security/commit/3d8d5bc1056b2f62da9fede23fedbf47e85187b0", "url": "https://github.com/openssl/security/commit/3d8d5bc1056b2f62da9fede23fedbf47e85187b0" }, { "category": "external", "summary": "https://github.com/openssl/security/commit/715349a1d7c6db970e6815dafb90915f07307f98", "url": "https://github.com/openssl/security/commit/715349a1d7c6db970e6815dafb90915f07307f98" }, { "category": "external", "summary": "https://github.com/openssl/security/commit/77bf00ab13f6ff5e516535432f0328ed70ec0c26", "url": "https://github.com/openssl/security/commit/77bf00ab13f6ff5e516535432f0328ed70ec0c26" }, { "category": "external", "summary": "https://github.com/openssl/security/commit/eecbe330977e8d023aae1ca2d9bdbe983ef3fdc6", "url": "https://github.com/openssl/security/commit/eecbe330977e8d023aae1ca2d9bdbe983ef3fdc6" }, { "category": "external", "summary": "https://openssl-library.org/news/secadv/20260609.txt", "url": "https://openssl-library.org/news/secadv/20260609.txt" } ], "release_date": "2026-06-09T17:17:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-06-13T10:17:05.975063Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1781345820", "product_ids": [ "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.all", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1781345820" }, { "category": "none_available", "date": "2026-06-09T17:17:00Z", "details": "Affected", "product_ids": [ "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.all", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ] }, { "cve": "CVE-2026-45447", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "Issue summary: A specially crafted PKCS#7 or S/MIME signed message could\ntrigger a use-after-free during PKCS#7 signature verification.\n\nImpact summary: A use-after-free may result in process crashes, heap\ncorruption, or potentially remote code execution.\n\nWhen processing a PKCS#7 or S/MIME signed message, if the SignedData\ndigestAlgorithms field is present as an empty ASN.1 SET, OpenSSL may\nincorrectly free a caller-owned BIO during PKCS7_verify(). A subsequent\nuse of the BIO by the calling application results in a use-after-free\ncondition.\n\nIn the common case this occurs when the application later calls\nBIO_free() on the BIO originally passed to PKCS7_verify(). Depending\non allocator behavior and application-specific BIO usage patterns, this\nmay result in a crash or other memory corruption. In some application\ncontexts this may potentially be exploitable for remote code execution.\n\nApplications that process PKCS#7 or S/MIME signed messages using OpenSSL\nPKCS#7 APIs may be affected. Applications using the CMS APIs for this\nprocessing are not affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\nissue, as the affected code is outside the OpenSSL FIPS module boundary.", "title": "Vulnerability description" } ], "product_status": { "fixed": [ "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.all", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64" ], "known_affected": [ "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.all", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2026-45447" }, { "category": "external", "summary": "https://github.com/openssl/security/commit/3aad5eb7af4de4ee0633c30a8541a54d9bbde63c", "url": "https://github.com/openssl/security/commit/3aad5eb7af4de4ee0633c30a8541a54d9bbde63c" }, { "category": "external", "summary": "https://github.com/openssl/security/commit/7d4a980c62258c5910cc883936e0c8dbab4d75a8", "url": "https://github.com/openssl/security/commit/7d4a980c62258c5910cc883936e0c8dbab4d75a8" }, { "category": "external", "summary": "https://github.com/openssl/security/commit/9dfd688ad2290fc5075cacbc9bf0c9a93eefed54", "url": "https://github.com/openssl/security/commit/9dfd688ad2290fc5075cacbc9bf0c9a93eefed54" }, { "category": "external", "summary": "https://github.com/openssl/security/commit/a541ae8bfe849a30cc885e8780715c0f488e496c", "url": "https://github.com/openssl/security/commit/a541ae8bfe849a30cc885e8780715c0f488e496c" }, { "category": "external", "summary": "https://github.com/openssl/security/commit/c505d7559da5d5f9f2c3913c6883a5562ce7273e", "url": "https://github.com/openssl/security/commit/c505d7559da5d5f9f2c3913c6883a5562ce7273e" }, { "category": "external", "summary": "https://openssl-library.org/news/secadv/20260609.txt", "url": "https://openssl-library.org/news/secadv/20260609.txt" } ], "release_date": "2026-06-09T17:17:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-06-13T10:17:05.975063Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1781345820", "product_ids": [ "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.all", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1781345820" }, { "category": "none_available", "date": "2026-06-09T17:17:00Z", "details": "Affected", "product_ids": [ "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.all", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ] }, { "cve": "CVE-2026-42766", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "description", "text": "Issue summary: A specially crafted password-encrypted CMS message\ncan trigger a NULL pointer dereference during CMS decryption.\n\nImpact summary: This NULL pointer dereference leads to an application crash\nand a Denial of Service.\n\nThe CMS PasswordRecipientInfo.keyDerivationAlgorithm field is defined as\nOPTIONAL in the ASN.1 specification and may therefore be absent in specially\ncrafted inputs. During the password-based CMS decryption the OpenSSL\nCMS implementation dereferences this field without first checking whether it\nwas present.\n\nAn attacker who supplies such a CMS message to an application performing\npassword-based CMS decryption can trigger an application crash, leading to\na Denial of Service.\n\nApplications that process password-encrypted CMS messages may be affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\nissue, as the affected code is outside the OpenSSL FIPS module boundary.", "title": "Vulnerability description" } ], "product_status": { "fixed": [ "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.all", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64" ], "known_affected": [ "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.all", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2026-42766" }, { "category": "external", "summary": "https://github.com/openssl/security/commit/056d06c1918fafbb98c1c85a02e4c47cc4e199ce", "url": "https://github.com/openssl/security/commit/056d06c1918fafbb98c1c85a02e4c47cc4e199ce" }, { "category": "external", "summary": "https://github.com/openssl/security/commit/12bc26ffb3a2be728c9b86e1cae277de5b33dfa4", "url": "https://github.com/openssl/security/commit/12bc26ffb3a2be728c9b86e1cae277de5b33dfa4" }, { "category": "external", "summary": "https://github.com/openssl/security/commit/3ff64913615d648cfbb6a6f1cf5529ae7ea829d7", "url": "https://github.com/openssl/security/commit/3ff64913615d648cfbb6a6f1cf5529ae7ea829d7" }, { "category": "external", "summary": "https://github.com/openssl/security/commit/ab52d88cb5374876d59aee3c91f9e4ccce2b7ce4", "url": "https://github.com/openssl/security/commit/ab52d88cb5374876d59aee3c91f9e4ccce2b7ce4" }, { "category": "external", "summary": "https://github.com/openssl/security/commit/da26f368732b83e40e9d356fe61c3d3aaab6d2e8", "url": "https://github.com/openssl/security/commit/da26f368732b83e40e9d356fe61c3d3aaab6d2e8" }, { "category": "external", "summary": "https://openssl-library.org/news/secadv/20260609.txt", "url": "https://openssl-library.org/news/secadv/20260609.txt" } ], "release_date": "2026-06-09T17:17:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-06-13T10:17:05.975063Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1781345820", "product_ids": [ "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.all", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els10.amd64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1781345820" }, { "category": "none_available", "date": "2026-06-09T17:17:00Z", "details": "Affected", "product_ids": [ "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "Ubuntu-18:libssl-dev-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.all", "Ubuntu-18:libssl-doc-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.all", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "Ubuntu-18:libssl1.1-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els1.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els2.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els3.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els4.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els7.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els8.amd64", "Ubuntu-18:openssl-0:1.1.1-1ubuntu2.1~18.04.23+tuxcare.els9.amd64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ] } ] }