CVE-2025-15467 HIGH

Published: 2026-01-27 | Last Modified: 2026-06-09 | Status: Modified

Description

Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS (Auth)EnvelopedData structures that use AEAD ciphers such as AES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is copied into a fixed-size stack buffer without verifying that its length fits the destination. An attacker can supply a crafted CMS message with an oversized IV, causing a stack-based out-of-bounds write before any authentication or tag verification occurs. Applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers (e.g., S/MIME (Auth)EnvelopedData with AES-GCM) are vulnerable. Because the overflow occurs prior to authentication, no valid key material is required to trigger it. While exploitability to remote code execution depends on platform and toolchain mitigations, the stack-based write primitive represents a severe risk. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the CMS implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3 and 3.0 are vulnerable to this issue. OpenSSL 1.1.1 and 1.0.2 are not affected by this issue.

Additional Descriptions (1)

Resumen del problema: Analizar un mensaje CMS AuthEnvelopedData con parámetros AEAD creados maliciosamente puede desencadenar un desbordamiento de búfer de pila. Resumen del impacto: Un desbordamiento de búfer de pila puede provocar un fallo, causando Denegación de Servicio, o potencialmente ejecución remota de código. Al analizar estructuras CMS AuthEnvelopedData que utilizan cifrados AEAD como AES-GCM, el IV (Vector de Inicialización) codificado en los parámetros ASN.1 se copia en un búfer de pila de tamaño fijo sin verificar que su longitud se ajuste al destino. Un atacante puede proporcionar un mensaje CMS manipulado con un IV de tamaño excesivo, causando una escritura fuera de límites basada en pila antes de que ocurra cualquier autenticación o verificación de etiqueta. Las aplicaciones y servicios que analizan contenido CMS o PKCS#7 no confiable utilizando cifrados AEAD (por ejemplo, S/MIME AuthEnvelopedData con AES-GCM) son vulnerables. Debido a que el desbordamiento ocurre antes de la autenticación, no se requiere material de clave válido para desencadenarlo. Si bien la explotabilidad para la ejecución remota de código depende de las mitigaciones de la plataforma y la cadena de herramientas, la primitiva de escritura basada en pila representa un riesgo grave. Los módulos FIPS en 3.6, 3.5, 3.4, 3.3 y 3.0 no se ven afectados por este problema, ya que la implementación de CMS está fuera del límite del módulo FIPS de OpenSSL. OpenSSL 3.6, 3.5, 3.4, 3.3 y 3.0 son vulnerables a este problema. OpenSSL 1.1.1 y 1.0.2 no se ven afectados por este problema.

CVSS Metrics

Base Score: 8.8 (HIGH)

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector	NETWORK
Attack Complexity	LOW
Privileges Required	NONE
User Interaction	REQUIRED
Scope	UNCHANGED
Confidentiality Impact	HIGH
Integrity Impact	HIGH
Availability Impact	HIGH

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

Type: Secondary

Exploitability Score: 2.8

Impact Score: 5.9

Weaknesses

Source	Type	Description
[email protected]	Secondary	en CWE-787

Affected Products

Vendor	Product	Version	Update	Type
openssl	openssl	*	<built-in method update of dict object at 0x7d1e5feba900>	Application
openssl	openssl	*	<built-in method update of dict object at 0x7d1ea0faf840>	Application
openssl	openssl	*	<built-in method update of dict object at 0x7d1e643c1940>	Application
openssl	openssl	*	<built-in method update of dict object at 0x7d1e5feba1c0>	Application
openssl	openssl	*	<built-in method update of dict object at 0x7d1e5feb8a40>	Application

Affected Configurations

Operator: OR

Vulnerable	CPE
Yes	`cpe:2.3:a:openssl:openssl::::::::`
Yes	`cpe:2.3:a:openssl:openssl::::::::`
Yes	`cpe:2.3:a:openssl:openssl::::::::`
Yes	`cpe:2.3:a:openssl:openssl::::::::`
Yes	`cpe:2.3:a:openssl:openssl::::::::`

References

https://github.com/openssl/openssl/commit/2c8f0e5fa9b6ee5508a0349e4572ddb74db5a703
Source: [email protected]

Patch
https://github.com/openssl/openssl/commit/5f26d4202f5b89664c5c3f3c62086276026ba9a9
Source: [email protected]

Patch
https://github.com/openssl/openssl/commit/6ced0fe6b10faa560e410e3ee8d6c82f06c65ea3
Source: [email protected]

Patch
https://github.com/openssl/openssl/commit/ce39170276daec87f55c39dad1f629b56344429e
Source: [email protected]

Patch
https://github.com/openssl/openssl/commit/d0071a0799f20cc8101730145349ed4487c268dc
Source: [email protected]

Patch
https://openssl-library.org/news/secadv/20260127.txt
Source: [email protected]

Vendor Advisory
http://www.openwall.com/lists/oss-security/2026/01/27/10
Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List
http://www.openwall.com/lists/oss-security/2026/02/25/6
Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List
https://cert-portal.siemens.com/productcert/html/ssa-434797.html
Source: 0b142b55-0307-4c5a-b3c9-f314f3fb7c5e
https://github.com/guiimoraes/CVE-2025-15467
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

Exploit Third Party Advisory