Skip to content

Update Rust crate openssl to v0.10.79 [SECURITY]#21

Open
renovate[bot] wants to merge 1 commit into
masterfrom
renovate/crate-openssl-vulnerability
Open

Update Rust crate openssl to v0.10.79 [SECURITY]#21
renovate[bot] wants to merge 1 commit into
masterfrom
renovate/crate-openssl-vulnerability

Conversation

@renovate

@renovate renovate Bot commented Mar 31, 2026

Copy link
Copy Markdown

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package Type Update Change
openssl dependencies patch 0.10.300.10.79

openssl X509Extension::new and X509Extension::new_nid null pointer dereference

GHSA-6hcf-g6gr-hhcr

More information

Details

These functions would crash when the context argument was None with certain extension types.

Thanks to David Benjamin (Google) for reporting this issue.

Severity

High

References

This data is provided by the GitHub Advisory Database (CC-BY 4.0).


openssl X509NameBuilder::build returned object is not thread safe

GHSA-3gxf-9r58-2ghg

More information

Details

OpenSSL has a modified bit that it can set on on X509_NAME objects. If this bit is set then the object is not thread-safe even when it appears the code is not modifying the value.

Thanks to David Benjamin (Google) for reporting this issue.

Severity

Medium

References

This data is provided by the GitHub Advisory Database (CC-BY 4.0).


openssl SubjectAlternativeName and ExtendedKeyUsage::other allow arbitrary file read

GHSA-9qwg-crg9-m2vc

More information

Details

SubjectAlternativeName and ExtendedKeyUsage arguments were parsed using the OpenSSL function X509V3_EXT_nconf. This function parses all input using an OpenSSL mini-language which can perform arbitrary file reads.

Thanks to David Benjamin (Google) for reporting this issue.

Severity

High

References

This data is provided by the GitHub Advisory Database (CC-BY 4.0).


openssl X509VerifyParamRef::set_host buffer over-read

CVE-2023-53159 / GHSA-xcf7-rvmh-g6q4

More information

Details

When this function was passed an empty string, openssl would attempt to call strlen on it, reading arbitrary memory until it reached a NUL byte.

Severity

  • CVSS Score: 4.5 / 10 (Medium)
  • Vector String: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:L

References

This data is provided by the GitHub Advisory Database (CC-BY 4.0).


openssl X509StoreRef::objects is unsound

GHSA-xphf-cx8h-7q9g

More information

Details

This function returned a reference into an OpenSSL datastructure, but there was no way to ensure OpenSSL would not mutate the datastructure behind one's back.

Use of this function should be replaced with X509StoreRef::all_certificates.

Severity

Medium

References

This data is provided by the GitHub Advisory Database (CC-BY 4.0).


openssl's MemBio::get_buf has undefined behavior with empty buffers

GHSA-q445-7m23-qrmw

More information

Details

Previously, MemBio::get_buf called slice::from_raw_parts with a null-pointer, which violates the functions invariants, leading to undefined behavior. In debug builds this would produce an assertion failure. This is now fixed.

Severity

  • CVSS Score: 6.9 / 10 (Medium)
  • Vector String: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

References

This data is provided by the GitHub Advisory Database (CC-BY 4.0).


rust-openssl ssl::select_next_proto use after free

CVE-2025-24898 / GHSA-rpmj-rpgj-qmpm

More information

Details

Impact

ssl::select_next_proto can return a slice pointing into the server argument's buffer but with a lifetime bound to the client argument. In situations where the server buffer's lifetime is shorter than the client buffer's, this can cause a use after free. This could cause the server to crash or to return arbitrary memory contents to the client.

Patches

openssl 0.10.70 fixes the signature of ssl::select_next_proto to properly constrain the output buffer's lifetime to that of both input buffers.

Workarounds

In standard usage of ssl::select_next_proto in the callback passed to SslContextBuilder::set_alpn_select_callback, code is only affected if the server buffer is constructed within the callback. For example:

Not vulnerable - the server buffer has a 'static lifetime:

builder.set_alpn_select_callback(|_, client_protos| {
    ssl::select_next_proto(b"\x02h2", client_protos).ok_or_else(AlpnError::NOACK)
});

Not vulnerable - the server buffer outlives the handshake:

let server_protos = b"\x02h2".to_vec();
builder.set_alpn_select_callback(|_, client_protos| {
    ssl::select_next_proto(&server_protos, client_protos).ok_or_else(AlpnError::NOACK)
});

Vulnerable - the server buffer is freed when the callback returns:

builder.set_alpn_select_callback(|_, client_protos| {
    let server_protos = b"\x02h2".to_vec();
    ssl::select_next_proto(&server_protos, client_protos).ok_or_else(AlpnError::NOACK)
});
References

https://github.com/sfackler/rust-openssl/pull/2360

Severity

  • CVSS Score: 6.3 / 10 (Medium)
  • Vector String: CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N

References

This data is provided by the GitHub Advisory Database (CC-BY 4.0).


rust-openssl: Unchecked callback length in PSK/cookie trampolines leaks adjacent memory to peer

CVE-2026-41898 / GHSA-hppc-g8h3-xhp3

More information

Details

The FFI trampolines behind SslContextBuilder::set_psk_client_callback, set_psk_server_callback, set_cookie_generate_cb, and set_stateless_cookie_generate_cb forwarded the user closure's returned usize directly to OpenSSL without checking it against the &mut [u8] that was handed to the closure. This can lead to buffer overflows and other unintended consequences.

Severity

  • CVSS Score: 8.3 / 10 (High)
  • Vector String: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N

References

This data is provided by the GitHub Advisory Database (CC-BY 4.0).


rust-openssl has incorrect bounds assertion in aes key wrap

CVE-2026-41678 / GHSA-8c75-8mhr-p7r9

More information

Details

Summary

aes::unwrap_key() has an incorrect bounds assertion on the out buffer size, which can lead to out-of-bounds write.

Details

aes::unwrap_key() contains an incorrect assertion: it checks that out.len() + 8 <= in_.len(), but this condition is reversed. The intended invariant is out.len() >= in_.len() - 8, ensuring the output buffer is large enough.

Because of the inverted check, the function only accepts buffers at or below the minimum required size and rejects larger ones. If a smaller buffer is provided the function will write past the end of out by in_.len() - 8 - out.len() bytes, causing an out-of-bounds write from a safe public function.

Impact

Vulnerable applications using AES keywrap and allowing attacker controlled buffer sizes could have an attacker trigger an out-of-bounds write.

Severity

  • CVSS Score: 7.2 / 10 (High)
  • Vector String: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U

References

This data is provided by the GitHub Advisory Database (CC-BY 4.0).


rust-opennssl has an Out-of-bounds read in PEM password callback when returning an oversized length

CVE-2026-41677 / GHSA-xmgf-hq76-4vx2

More information

Details

The *_from_pem_callback APIs did not validate the length returned by the user's callback. A password callback that returns a value larger than the buffer it was given can cause some versions of OpenSSL to over-read this buffer. OpenSSL 3.x is not affected by this.

Severity

  • CVSS Score: 1.7 / 10 (Low)
  • Vector String: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

References

This data is provided by the GitHub Advisory Database (CC-BY 4.0).


rust-openssl: Deriver::derive and PkeyCtxRef::derive can overflow short buffers on OpenSSL 1.1.1

CVE-2026-41676 / GHSA-pqf5-4pqq-29f5

More information

Details

Deriver::derive (and PkeyCtxRef::derive) sets len = buf.len() and passes it as the in/out length to EVP_PKEY_derive, relying on OpenSSL to honor it. On OpenSSL 1.1.x, X25519, X448, DH and HKDF-extract ignore the incoming *keylen, unconditionally writing the full shared secret (32/56/prime-size bytes). A caller passing a short slice gets a heap/stack overflow from safe code. OpenSSL 3.x providers do check, so this only impacts older OpenSSL.

Severity

  • CVSS Score: 7.2 / 10 (High)
  • Vector String: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U

References

This data is provided by the GitHub Advisory Database (CC-BY 4.0).


rust-openssl has undefined behavior in X509Ref::ocsp_responders for certificates with non-UTF-8 OCSP URLs

CVE-2026-42327 / GHSA-xp3w-r5p5-63rr

More information

Details

X509Ref::ocsp_responders returns OCSP responder URLs from a certificate's AIA extension as OpensslString, whose Deref<Target = str> wraps the raw bytes with str::from_utf8_unchecked. OpenSSL does not enforce that the underlying IA5String is ASCII, so a certificate with non-UTF-8 bytes in its OCSP accessLocation causes safe Rust code to construct a &str that violates the UTF-8 invariant — resulting in undefined behavior.

Severity

  • CVSS Score: 8.7 / 10 (High)
  • Vector String: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

References

This data is provided by the GitHub Advisory Database (CC-BY 4.0).


rust-openssl vulnerable to heap buffer overflow when encrypting with AES key-wrap-with-padding

CVE-2026-44662 / GHSA-xv59-967r-8726

More information

Details

CipherCtxRef::cipher_update, CipherCtxRef::cipher_update_vec, and symm::Crypter::update incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers (EVP_aes_{128,192,256}_wrap_pad). For a non-multiple-of-8 input, OpenSSL writes up to 7 bytes past the end of the caller's buffer or Vec, producing attacker-controllable heap corruption when the plaintext length is attacker-influenced.

This only impacts users using AES key-wrap-with-padding ciphers.

Severity

  • CVSS Score: 5.1 / 10 (Medium)
  • Vector String: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

References

This data is provided by the GitHub Advisory Database (CC-BY 4.0).


Release Notes

rust-openssl/rust-openssl (openssl)

v0.10.79

Compare Source

What's Changed

Full Changelog: rust-openssl/rust-openssl@openssl-v0.10.78...openssl-v0.10.79

v0.10.78

Compare Source

What's Changed

Full Changelog: rust-openssl/rust-openssl@openssl-v0.10.77...openssl-v0.10.78

v0.10.77

Compare Source

What's Changed

New Contributors

Full Changelog: rust-openssl/rust-openssl@openssl-v0.10.76...openssl-v0.10.77

v0.10.76

Compare Source

What's Changed

New Contributors

Full Changelog: rust-openssl/rust-openssl@openssl-v0.10.75...openssl-v0.10.76

v0.10.75

Compare Source

What's Changed
New Contributors

Full Changelog: rust-openssl/rust-openssl@openssl-v0.10.74...openssl-v0.10.75

v0.10.74

Compare Source

What's Changed
New Contributors

Full Changelog: rust-openssl/rust-openssl@openssl-v0.10.73...openssl-v0.10.74

v0.10.73

Compare Source

What's Changed

Full Changelog: rust-openssl/rust-openssl@openssl-v0.10.72...openssl-v0.10.73

v0.10.72

Compare Source

What's Changed

New Contributors

Full Changelog: rust-openssl/rust-openssl@openssl-v0.10.71...openssl-v0.10.72

v0.10.71

Compare Source

What's Changed

Note

PR body was truncated to here.


Configuration

📅 Schedule: (UTC)

  • Branch creation
    • ""
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot force-pushed the renovate/crate-openssl-vulnerability branch from c65001d to 5c811aa Compare April 30, 2026 01:58
@renovate renovate Bot changed the title Update Rust crate openssl to v0.10.70 [SECURITY] Update Rust crate openssl to v0.10.78 [SECURITY] Apr 30, 2026
@renovate renovate Bot force-pushed the renovate/crate-openssl-vulnerability branch from 5c811aa to ee50069 Compare May 7, 2026 07:51
@renovate renovate Bot changed the title Update Rust crate openssl to v0.10.78 [SECURITY] Update Rust crate openssl to v0.10.79 [SECURITY] May 7, 2026
@renovate renovate Bot force-pushed the renovate/crate-openssl-vulnerability branch from ee50069 to 4f5ff4f Compare May 22, 2026 03:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants