CVE-2026-22795 in OpenSSL
Summary
by MITRE • 01/27/2026
Issue summary: An invalid or NULL pointer dereference can happen in an application processing a malformed PKCS#12 file.
Impact summary: An application processing a malformed PKCS#12 file can be caused to dereference an invalid or NULL pointer on memory read, resulting in a Denial of Service.
A type confusion vulnerability exists in PKCS#12 parsing code where an ASN1_TYPE union member is accessed without first validating the type, causing an invalid pointer read.
The location is constrained to a 1-byte address space, meaning any attempted pointer manipulation can only target addresses between 0x00 and 0xFF. This range corresponds to the zero page, which is unmapped on most modern operating systems and will reliably result in a crash, leading only to a Denial of Service. Exploiting this issue also requires a user or application to process a maliciously crafted PKCS#12 file. It is uncommon to accept untrusted PKCS#12 files in applications as they are usually used to store private keys which are trusted by definition. For these reasons, the issue was assessed as Low severity.
The FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the PKCS12 implementation is outside the OpenSSL FIPS module boundary.
OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.
OpenSSL 1.0.2 is not affected by this issue.
Be aware that VulDB is the high quality source for vulnerability data.
Analysis
by VulDB Data Team • 03/13/2026
This vulnerability exists within the OpenSSL library's handling of PKCS#12 files, which are commonly used for storing and transporting private keys and certificates in a single file format. The issue manifests as a pointer dereference error when processing malformed PKCS#12 files, specifically occurring in the ASN1_TYPE union handling code. The vulnerability stems from a type confusion flaw where the application accesses union members without proper type validation, leading to invalid pointer reads that can cause application crashes. This represents a classic example of improper input validation in cryptographic libraries, where malformed data can trigger unexpected behavior in the parsing logic. The vulnerability is categorized under CWE-476 as a NULL pointer dereference, which occurs when a program attempts to access memory through a pointer that has not been properly initialized or validated. The flaw is particularly concerning in cryptographic contexts where applications may process untrusted data, though the specific nature of the vulnerability limits its exploitation potential.
The technical impact of this vulnerability is constrained by the limited address space targeting, specifically a 1-byte range between 0x00 and 0xFF, which corresponds to the zero page of memory. Modern operating systems typically leave this memory region unmapped, ensuring that any attempt to dereference pointers within this range will result in immediate crashes rather than successful exploitation. This limitation significantly reduces the potential for more sophisticated attacks such as code execution or privilege escalation, as the memory access patterns are restricted to a non-executable region. The vulnerability affects the ASN1 parsing routines that handle PKCS#12 file structures, where the type confusion occurs when the code attempts to access union members without verifying their actual type, creating a scenario where memory access occurs through invalid pointer values. This type of vulnerability is particularly relevant in the context of the ATT&CK framework under the T1203 technique for Obfuscated Files or Information, as the malformed PKCS#12 files could be used to craft malicious inputs that trigger the vulnerability.
The operational impact of this vulnerability is limited to denial of service conditions, where affected applications will crash when processing maliciously crafted PKCS#12 files. This affects applications that process untrusted PKCS#12 data, such as web servers, certificate management tools, or any system that imports certificates from external sources. The low severity assessment reflects the fact that exploitation requires specific conditions, including user interaction with malicious files and the presence of vulnerable OpenSSL versions. The vulnerability affects multiple OpenSSL versions including 3.6, 3.5, 3.4, 3.3, 3.0, and 1.1.1, while older versions such as 1.0.2 and the FIPS modules in versions 3.5, 3.4, 3.3, and 3.0 remain unaffected. The FIPS module exclusion is significant as it indicates that applications using FIPS-compliant cryptographic implementations are not vulnerable, though this protection is limited to the specific module boundaries. The vulnerability does not affect applications that only use OpenSSL for internal operations with trusted certificates, as the issue specifically requires processing of untrusted external data. This makes the vulnerability more relevant in server-side applications or certificate management systems that handle external certificate imports, where the risk of encountering malicious inputs is higher.
Mitigation strategies for this vulnerability primarily involve updating to patched versions of OpenSSL, specifically versions 3.6, 3.5, 3.4, 3.3, 3.0, and 1.1.1, where the type confusion issue has been addressed through proper validation of ASN1_TYPE union members before access. Organizations should prioritize updating their OpenSSL installations, particularly in environments where untrusted PKCS#12 files might be processed, such as certificate authorities, web servers, or any application handling external certificate imports. Input validation measures should be implemented at application layers to reject malformed PKCS#12 files before they reach the OpenSSL library, though this approach is less effective than addressing the root cause in the library itself. Security monitoring should include detection of attempts to process malformed certificate files, though the limited exploitation potential makes this less critical than other vulnerabilities. The vulnerability's design ensures that exploitation will result in denial of service rather than more serious consequences, but system administrators should still treat it as a security concern, particularly in environments where certificate management is critical to operations. Organizations using FIPS modules should verify that their implementations are not vulnerable, though the current assessment indicates that the FIPS boundary protects against this specific issue. The vulnerability's low severity classification reflects its limited exploitability and the requirement for specific conditions to trigger the flaw, but it should still be addressed as part of regular security maintenance procedures.