CVE-2026-22796

Issue summary: A type confusion vulnerability exists in the signature<br /> verification of signed PKCS#7 data where an ASN1_TYPE union member is<br /> accessed without first validating the type, causing an invalid or NULL<br /> pointer dereference when processing malformed PKCS#7 data.<br /> <br /> Impact summary: An application performing signature verification of PKCS#7<br /> data or calling directly the PKCS7_digest_from_attributes() function can be<br /> caused to dereference an invalid or NULL pointer when reading, resulting in<br /> a Denial of Service.<br /> <br /> The function PKCS7_digest_from_attributes() accesses the message digest attribute<br /> value without validating its type. When the type is not V_ASN1_OCTET_STRING,<br /> this results in accessing invalid memory through the ASN1_TYPE union, causing<br /> a crash.<br /> <br /> Exploiting this vulnerability requires an attacker to provide a malformed<br /> signed PKCS#7 to an application that verifies it. The impact of the<br /> exploit is just a Denial of Service, the PKCS7 API is legacy and applications<br /> should be using the CMS API instead. For these reasons the issue was<br /> assessed as Low severity.<br /> <br /> The FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,<br /> as the PKCS#7 parsing implementation is outside the OpenSSL FIPS module<br /> boundary.<br /> <br /> OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.