#1134881 rust-openssl: CVE-2026-41676 CVE-2026-41677 CVE-2026-41678 CVE-2026-41681 CVE-2026-41898

Package:
src:rust-openssl
Source:
src:rust-openssl
Submitter:
Moritz Mühlenhoff
Date:
2026-04-25 15:41:02 UTC
Severity:
normal
Tags:
#1134881#5
Date:
2026-04-25 10:29:36 UTC
From:
To:
Hi,

The following vulnerabilities were published for rust-openssl.

All fixed in 0.10.78.

CVE-2026-41676[0]:
| rust-openssl provides OpenSSL bindings for the Rust programming
| language.  From 0.9.27 to before 0.10.78, Deriver::derive (and
| PkeyCtxRef::derive) sets len = buf.len() and passes it as the in/out
| length to EVP_PKEY_derive, relying on OpenSSL to honor it. On
| OpenSSL 1.1.x, X25519, X448, DH and HKDF-extract ignore the incoming
| *keylen, unconditionally writing the full shared secret
| (32/56/prime-size bytes). A caller passing a short slice gets a
| heap/stack overflow from safe code. OpenSSL 3.x providers do check,
| so this only impacts older OpenSSL. This vulnerability is fixed in
| 0.10.78.


CVE-2026-41677[1]:
| rust-openssl provides OpenSSL bindings for the Rust programming
| language.  From 0.9.0 to before 0.10.78, the *_from_pem_callback
| APIs did not validate the length returned by the user's callback. A
| password callback that returns a value larger than the buffer it was
| given can cause some versions of OpenSSL to over-read this buffer.
| OpenSSL 3.x is not affected by this. This vulnerability is fixed in
| 0.10.78.


CVE-2026-41678[2]:
| rust-openssl provides OpenSSL bindings for the Rust programming
| language.  From  to before 0.10.78, aes::unwrap_key() contains an
| incorrect assertion: it checks that out.len() + 8 <= in_.len(), but
| this condition is reversed. The intended invariant is out.len() >=
| in_.len() - 8, ensuring the output buffer is large enough. Because
| of the inverted check, the function only accepts buffers at or below
| the minimum required size and rejects larger ones. If a smaller
| buffer is provided the function will write past the end of out by
| in_.len() - 8 - out.len() bytes, causing an out-of-bounds write from
| a safe public function. This vulnerability is fixed in 0.10.78.


CVE-2026-41681[3]:
| rust-openssl provides OpenSSL bindings for the Rust programming
| language.  From 0.10.39 to before 0.10.78, EVP_DigestFinal() always
| writes EVP_MD_CTX_size(ctx) to the out buffer. If out is smaller
| than that, MdCtxRef::digest_final() writes past its end, usually
| corrupting the stack. This is reachable from safe Rust. This
| vulnerability is fixed in 0.10.78.


CVE-2026-41898[4]:
| rust-openssl provides OpenSSL bindings for the Rust programming
| language.  From 0.9.24 to before 0.10.78, the FFI trampolines behind
| SslContextBuilder::set_psk_client_callback, set_psk_server_callback,
| set_cookie_generate_cb, and set_stateless_cookie_generate_cb
| forwarded the user closure's returned usize directly to OpenSSL
| without checking it against the &mut [u8] that was handed to the
| closure. This can lead to buffer overflows and other unintended
| consequences. This vulnerability is fixed in 0.10.78.


If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2026-41676
https://www.cve.org/CVERecord?id=CVE-2026-41676
[1] https://security-tracker.debian.org/tracker/CVE-2026-41677
https://www.cve.org/CVERecord?id=CVE-2026-41677
[2] https://security-tracker.debian.org/tracker/CVE-2026-41678
https://www.cve.org/CVERecord?id=CVE-2026-41678
[3] https://security-tracker.debian.org/tracker/CVE-2026-41681
https://www.cve.org/CVERecord?id=CVE-2026-41681
[4] https://security-tracker.debian.org/tracker/CVE-2026-41898
https://www.cve.org/CVERecord?id=CVE-2026-41898

Please adjust the affected versions in the BTS as needed.
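The five CVE descriptions in the report above come down to the same defect: a length supplied by the caller or by a user callback was forwarded across the Rust/FFI boundary without being checked against the buffer it applied to. As an added illustration (not rust-openssl's code and not the 0.10.78 fix itself), the checks below model those invariants in plain Rust with no OpenSSL dependency, so they can be run anywhere. Every name in it (`LengthError`, `unwrap_check_inverted`, `unwrap_check_fixed`, `run_fill_callback`, `require_capacity`) is this example's own.

```rust
// Added illustration, not rust-openssl code: the length invariants the CVE
// texts say were missing, expressed as pure functions on lengths so the
// logic can be tested without any FFI or unsafe code.

/// Returned when a supplied or claimed length exceeds the buffer it applies to.
#[derive(Debug, PartialEq, Eq)]
pub struct LengthError {
    pub needed: usize,
    pub available: usize,
}

/// The aes::unwrap_key precondition as CVE-2026-41678 describes it was
/// written: `out.len() + 8 <= in_.len()`. This passes only when `out` is at
/// or below the required size, which is the opposite of what is wanted.
pub fn unwrap_check_inverted(in_len: usize, out_len: usize) -> bool {
    out_len + 8 <= in_len
}

/// The intended invariant: a wrapped key is 8 bytes longer than the key it
/// contains, so `out` must hold at least `in_len - 8` bytes and `in_len`
/// itself must be at least 8. Uses checked arithmetic so a tiny input cannot
/// underflow the subtraction.
pub fn unwrap_check_fixed(in_len: usize, out_len: usize) -> Result<(), LengthError> {
    let needed = in_len
        .checked_sub(8)
        .ok_or(LengthError { needed: 8, available: in_len })?;
    if out_len >= needed {
        Ok(())
    } else {
        Err(LengthError { needed, available: out_len })
    }
}

/// Trampoline-style wrapper for a user closure that fills `buf` and reports
/// how many bytes it wrote. This is the shape of the password, PSK and cookie
/// callbacks in CVE-2026-41677 and CVE-2026-41898: the closure's returned
/// usize is validated against `buf.len()` before anything downstream may use
/// it as a length. A closure that over-reports is rejected rather than trusted.
pub fn run_fill_callback<F>(buf: &mut [u8], mut cb: F) -> Result<usize, LengthError>
where
    F: FnMut(&mut [u8]) -> usize,
{
    let available = buf.len();
    let claimed = cb(buf);
    if claimed > available {
        return Err(LengthError { needed: claimed, available });
    }
    Ok(claimed)
}

/// Capacity check for an output buffer handed to a routine that writes a
/// fixed, algorithm-determined number of bytes regardless of the length it is
/// passed (the EVP_DigestFinal case in CVE-2026-41681 and the OpenSSL 1.1
/// X25519/X448/DH/HKDF derive case in CVE-2026-41676). `required` is what the
/// algorithm will write, e.g. the digest size or the shared-secret size
/// queried beforehand; the check must happen before the write, not after.
pub fn require_capacity(out_len: usize, required: usize) -> Result<(), LengthError> {
    if out_len >= required {
        Ok(())
    } else {
        Err(LengthError { needed: required, available: out_len })
    }
}

fn main() {
    // Constructed sizes: a 40-byte wrapped blob unwraps to a 32-byte key.
    println!("inverted check, 16-byte out: {}", unwrap_check_inverted(40, 16));
    println!("fixed check, 16-byte out: {:?}", unwrap_check_fixed(40, 16));

    let mut psk = [0u8; 16];
    let honest = run_fill_callback(&mut psk, |b| {
        b[..4].copy_from_slice(b"psk!");
        4
    });
    let lying = run_fill_callback(&mut psk, |b| b.len() + 100);
    println!("honest callback: {:?}, lying callback: {:?}", honest, lying);

    println!("16-byte buffer for a 32-byte digest: {:?}", require_capacity(16, 32));
}
```

The point of keeping these as pure functions is that the check belongs on the Rust side, before the FFI call: OpenSSL 3.x providers validate the length themselves, but the descriptions above note that OpenSSL 1.1.x does not for several algorithms, so a binding that wants to be safe on both must enforce the bound itself.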

#1134881#12
Date:
2026-04-25 15:39:29 UTC
From:
To:
We believe that the bug you reported is fixed in the latest version of
rust-openssl, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1134881@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Peter Michael Green <plugwash@debian.org> (supplier of updated rust-openssl package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
Format: 1.8
Date: Sat, 25 Apr 2026 13:05:53 +0000
Source: rust-openssl
Architecture: source
Version: 0.10.78-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Rust Maintainers <pkg-rust-maintainers@alioth-lists.debian.net>
Changed-By: Peter Michael Green <plugwash@debian.org>
Closes: 1132529 1134881
Changes:
 rust-openssl (0.10.78-1) unstable; urgency=medium
 .
   * Team upload.
   * Package openssl 0.10.78 from crates.io using debcargo 2.8.2 (Closes: #1132529)
     + New upstream fixes CVE-2026-41676 CVE-2026-41677 CVE-2026-41678 CVE-2026-41681 CVE-2026-41898 (Closes: #1134881)
   * Update disable-aws-lc.patch for new upstream.
Checksums-Sha1:
 0393ad09dc4fde3ddb73a958e2f3633da8052b9c 2651 rust-openssl_0.10.78-1.dsc
 ed57566b304dc1bfaccde6c1fc4cef05e6decf21 292622 rust-openssl_0.10.78.orig.tar.gz
 cb2b4dac594c99405154b41e5679dc709503f78d 3104 rust-openssl_0.10.78-1.debian.tar.xz
 d05a214e8e243e99df311d4ae7abb394e850ae25 9083 rust-openssl_0.10.78-1_source.buildinfo
Checksums-Sha256:
 74f8e5f4b81a55623b2dad5562321c9e720af77cf1f9fa83d2ff7568523d90e9 2651 rust-openssl_0.10.78-1.dsc
 f38c4372413cdaaf3cc79dd92d29d7d9f5ab09b51b10dded508fb90bb70b9222 292622 rust-openssl_0.10.78.orig.tar.gz
 8588a724380337bec904b72f6d36ded74dcf2a26a8e551acd9279dd5f965f730 3104 rust-openssl_0.10.78-1.debian.tar.xz
 03e81f0afd21829961a274807728cb43ca93e84eef5fd9a7b98f8ec3642983ec 9083 rust-openssl_0.10.78-1_source.buildinfo
Files:
 cf175cfe53f085c965879a79ae333cbc 2651 rust optional rust-openssl_0.10.78-1.dsc
 1d26fbadca9532f1264e5f6352666bcc 292622 rust optional rust-openssl_0.10.78.orig.tar.gz
 60327449cff0fbcfc0eb9d349c47d551 3104 rust optional rust-openssl_0.10.78-1.debian.tar.xz
 4da2b7522452ee5e7e0bdb0059a5ac2e 9083 rust optional rust-openssl_0.10.78-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----

iQJHBAEBCAAyFiEEU0DQATYMplbjSX63DEjqKnqP/XsFAmns1rsUHHBsdWd3YXNo
QGRlYmlhbi5vcmcACgkQDEjqKnqP/XtKtg/0CHMcam5EjqlyFeOjORbo7TJZjGsL
K1sxFhI2P278aTZaalwlp2WqPOG7stgWnYayAFZeuI4OMmPHnPMcCByQxclAGOPC
bnJ1y8Ho5+YsS8xQEPoP1X8PThGolmE/u/TEoUG4xOvtDggKqNZj70oNbnUnVrKN
7EnlJsJ9Q8jTCtSawwA9uEsbfPjB9GEezEpoBaRE7lgU6Ile5IqKG920dwn5uTdS
Im3wgf5RViYUh9RV1uLAdNkizXUEXw+V6OOwx5DkkzqGQrLxJpq0fACT+Ud7+lDA
GqnFBGmxvqqpB8MJvHAIWG2GWhWlr+aeL3e/Z6Soagdbs4MgrkTz8V7QS7g7V4X6
O6flFb35kw5/7Hbfa+0YT9HwrsJeuNaLloBAbXKP/97Gnwft/dgHzqqkD58CljJA
pSe4oWbXQabfdDmb+7aX2lhgBqOcnH0QD0uKFaGEopvGgfUA8geSkTd+kFTDAKgD
dVEdoytVNeyO5QkSSk+StwYJ5Dc5genv1xCqGedR/8VJDE1Z8154TvsGEW7wsSRC
lnQRj9cjWOQoIurL+h3n7uWCuTzfI1RHGuIXL92FXlWAhu2pRQ4WFJJuDvzWfIOW
Vm6EI5G3SzESJ0qVTR1RyxhAcnylTZzeKmYY0PIENOYMGcGGVwZG+7zg+3rupeUU
wcifgGltI0l2qQ==
=44Aj
-----END PGP SIGNATURE-----