OpenSSL NULL Pointer Dereference Vulnerability in Password-Based CMS Decryption

A NULL pointer dereference vulnerability has been identified in OpenSSL's handling of password-encrypted Cryptographic Message Syntax (CMS) messages. This issue arises during the decryption process, where the CMS PasswordRecipientInfo.keyDerivationAlgorithm field, defined as optional in the ASN.1 specification, may be absent in specially crafted inputs. The OpenSSL CMS implementation dereferences this field without prior validation, leading to a crash and causing a denial-of-service condition. This vulnerability affects OpenSSL versions 4.0, 3.6, 3.5, 3.4, 3.0, 1.1.1, and 1.0.2, except for the FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0, which are not affected as the issue lies outside the FIPS module boundary.

Impact

Exploitation of this vulnerability causes an application crash, leading to a denial-of-service condition.

Reproduction

To reproduce this vulnerability, send a password-encrypted CMS message that omits the keyDerivationAlgorithm field to an application performing password-based CMS decryption. The absence of this field will trigger a NULL pointer dereference, causing the application to crash.

Remediation

Users of OpenSSL 4.0 should upgrade to OpenSSL 4.0.1. Users of OpenSSL 3.6 should upgrade to OpenSSL 3.6.3. Users of OpenSSL 3.5 should upgrade to OpenSSL 3.5.7. Users of OpenSSL 3.4 should upgrade to OpenSSL 3.4.6. Users of OpenSSL 3.0 should upgrade to OpenSSL 3.0.21. Users of OpenSSL 1.1.1 should upgrade to OpenSSL 1.1.1zh (premium support customers only). Users of OpenSSL 1.0.2 should upgrade to OpenSSL 1.0.2zq (premium support customers only).