CVE-2026-31789
Published: 07 April 2026
Description
Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit platforms. Impact summary: A heap buffer overflow may lead to a crash or possibly an attacker controlled code execution or other undefined behavior. If an attacker can supply a crafted X.509 certificate with an excessively large OCTET STRING value in extensions such as the Subject Key Identifier (SKID) or Authority Key Identifier (AKID) which are being converted to hex, the size of the buffer needed for the result is calculated as multiplication of the input length by 3. On 32 bit platforms, this multiplication may overflow resulting in the allocation of a smaller buffer and a heap buffer overflow. Applications and services that print or log contents of untrusted X.509 certificates are vulnerable to this issue. As the certificates would have to have sizes of over 1 Gigabyte, printing or logging such certificates is a fairly unlikely operation and only 32 bit platforms are affected, this issue was assigned Low severity. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.
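The description above explains the bug class (an unchecked length-times-3 multiplication that wraps in a 32-bit size_t before the hex buffer is allocated) and the mitigating controls below call for bounding untrusted OCTET STRING sizes. The following is an added illustration written for this page; it is not OpenSSL's source and makes no claim about the exact function names in the fix. It models the 32-bit calculation with uint32_t so the wrap is visible on any host, then shows the hardened check and a hex converter that refuses lengths whose output size cannot be represented. The sample key identifier and the 1.5 GiB length are constructed inputs.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed illustration of the bug class, not OpenSSL's source.
 * Rendering bytes as "AA:BB:CC" needs 3 output bytes per input byte
 * (two hex digits plus a separator, or the terminating NUL). */
#define HEX_OUT_PER_BYTE 3u

/* The unchecked calculation as it behaves on a 32-bit platform, where
 * size_t is 32 bits wide: len * 3 silently wraps for len > UINT32_MAX / 3
 * (about 1.43 GiB), yielding a buffer far smaller than the output that
 * is subsequently written into it. */
uint32_t hex_buf_size_unchecked32(uint32_t len)
{
    return len * HEX_OUT_PER_BYTE;
}

/* Hardened 32-bit calculation: reject any length whose product cannot be
 * represented instead of allocating the wrapped (undersized) value. */
int hex_buf_size_checked32(uint32_t len, uint32_t *out)
{
    if (len > UINT32_MAX / HEX_OUT_PER_BYTE)
        return 0;
    *out = len * HEX_OUT_PER_BYTE;
    return 1;
}

/* Converter with the overflow check expressed in the platform's size_t,
 * so the same guard protects 32-bit and 64-bit builds.
 * Returns a malloc'd string such as "DE:AD:BE:EF", or NULL on
 * overflow or allocation failure; the caller frees the result. */
char *buf2hexstr_checked(const unsigned char *buf, size_t len, char sep)
{
    static const char hexdig[] = "0123456789ABCDEF";
    size_t need, i;
    char *out, *p;

    if (len > SIZE_MAX / HEX_OUT_PER_BYTE)
        return NULL;                       /* reject, do not wrap */
    need = (len == 0) ? 1 : len * HEX_OUT_PER_BYTE;
    if ((out = malloc(need)) == NULL)
        return NULL;
    p = out;
    for (i = 0; i < len; i++) {
        *p++ = hexdig[buf[i] >> 4];
        *p++ = hexdig[buf[i] & 0x0F];
        *p++ = (i + 1 < len) ? sep : '\0'; /* last slot holds the NUL */
    }
    if (len == 0)
        *p = '\0';
    return out;
}

int main(void)
{
    /* Constructed sample: a 4-byte key identifier and a 1.5 GiB length. */
    const unsigned char skid[] = { 0xDE, 0xAD, 0xBE, 0xEF };
    uint32_t big = 0x60000000u, size = 0;
    char *hex = buf2hexstr_checked(skid, sizeof skid, ':');

    printf("SKID: %s\n", hex ? hex : "(null)");
    printf("len=%u unchecked 32-bit size=%u (wrapped)\n",
           big, hex_buf_size_unchecked32(big));
    printf("checked 32-bit calculation accepts len=%u? %d\n",
           big, hex_buf_size_checked32(big, &size));
    free(hex);
    return 0;
}
```

The wrapped value for a 1.5 GiB length is 0x20000000 (512 MiB), a third of the input size, which is why the write past the buffer is so large; the hardened check turns the same input into a clean rejection before any allocation. Applications that cannot update immediately can apply the same bound at their own layer by refusing to print or log certificates above a sane size.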
Mitigating Controls (NIST 800-53 r5)
Flaw Remediation (SI-2): Apply the OpenSSL fix that corrects the buffer size calculation in the OCTET STRING to hex conversion (the input length multiplied by 3) and update affected 32-bit builds promptly; 64-bit builds are not affected by this particular overflow.
Information Input Validation (SI-10): Validate untrusted X.509 certificates before printing or logging them, including an upper bound on the size of OCTET STRING values in extensions such as SKID and AKID, so that excessively large values (a triggering certificate exceeds 1 Gigabyte) are rejected before the hex conversion runs.
Memory Protection (SI-16): Keep address space layout randomization and data execution prevention enabled on hosts running affected 32-bit builds. These reduce the chance that the heap buffer overflow becomes attacker controlled code execution, but they do not prevent the crash, so they complement rather than replace the patch.
Security Summary
CVE-2026-31789 is a heap buffer overflow vulnerability in OpenSSL, triggered when an excessively large OCTET STRING value from an X.509 certificate extension, such as the Subject Key Identifier (SKID) or Authority Key Identifier (AKID), is converted to a hexadecimal string on a 32-bit platform. The buffer size for the hexadecimal output is calculated by multiplying the input length by 3; on 32-bit systems this multiplication can wrap, so an undersized buffer is allocated and the conversion writes past its end. The flaw is in the printing path, not in certificate parsing: applications and services that print or log the contents of untrusted X.509 certificates are vulnerable, while those that only parse and verify them do not reach the affected code. The OpenSSL FIPS modules in versions 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected, as the issue lies outside the FIPS module boundary.
An attacker exploits this by supplying a crafted X.509 certificate containing an OCTET STRING value of over 1 Gigabyte in one of the affected extensions. Any remote or local party who can get such a certificate in front of a vulnerable 32-bit application that prints or logs it, without a prior check on the certificate's size, can trigger the issue. Successful exploitation causes a crash and may lead to attacker controlled code execution or other undefined behavior; the weakness is classified as CWE-787 (Out-of-bounds Write).
Mitigation requires applying the fixes from the OpenSSL repository, available as the following GitHub commits: https://github.com/openssl/openssl/commit/364f095b80601db632b0def6a33316967f863bde, https://github.com/openssl/openssl/commit/7a9087efd769f362ad9c0e30c7baaa6bbfa65ecf, https://github.com/openssl/openssl/commit/945b935ac66cc7f1a41f1b849c7c25adb5351f49, https://github.com/openssl/openssl/commit/a24216018e1ede8ff01a4ff5afff7dfbd443e2f9, and https://github.com/openssl/openssl/commit/a91e537d16d74050dbde50bb0dfb1fe9930f0521.
Although the vulnerability carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), OpenSSL rated it Low severity: only 32-bit platforms are affected, a triggering certificate must exceed 1 Gigabyte, and printing or logging a certificate of that size is an unlikely operation in practice.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The heap buffer overflow in OpenSSL's X.509 certificate printing path can be reached by sending a crafted certificate to a public-facing server that prints or logs peer certificates (T1190, Exploit Public-Facing Application), or by presenting it to a client application that prints or logs the certificates it receives (T1203, Exploitation for Client Execution). In either case the outcome is a crash (denial of service) or possibly code execution, limited to 32-bit builds.