PatchSiren cyber security CVE debrief
CVE-2026-7383 OpenSSL CVE debrief
A signed integer overflow when sizing the destination buffer for Unicode output in ASN1_mbstring_ncopy() can lead to a heap buffer overflow. This issue impacts applications that call ASN1_mbstring_copy() or ASN1_mbstring_ncopy() directly or register a custom string type via ASN1_STRING_TABLE_add() with attacker-controlled input on the order of half a gigabyte or more.
- Vendor: OpenSSL
- Product: Unknown
- CVSS: HIGH 8.1
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-09
- Original CVE updated: 2026-06-10
- Advisory published: 2026-06-09
- Advisory updated: 2026-06-10
Who should care
Developers and users of applications that call OpenSSL's ASN1_mbstring_copy() or ASN1_mbstring_ncopy() functions directly, or that register custom string types via ASN1_STRING_TABLE_add().
Technical summary
The calculation of the destination size for Unicode output in ASN1_mbstring_copy() and ASN1_mbstring_ncopy() overflows a signed integer once the input reaches around 2^30 characters. In the worst case, this can lead to a call to OPENSSL_malloc(1) followed by a write of several gigabytes past the one-byte allocation.
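As an added illustration (not OpenSSL's own code), the following C model shows the bug class described above: the output size is computed as character count times bytes per character plus one in 32-bit arithmetic, so 2^30 characters at an assumed 4-byte output width wrap to a one-byte allocation, beside a checked version that rejects the input before multiplying. The 4-byte width and the function names are assumptions made for this illustration.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

/* Illustrative model of the unchecked sizing (not OpenSSL's code): the
 * buffer size is nchar * bytes_per_char + 1 in 32-bit arithmetic. The wrap
 * is done in uint32_t here so it is well defined; in signed int arithmetic
 * the same overflow is undefined behaviour. */
static uint32_t unchecked_outlen(uint32_t nchar, uint32_t bytes_per_char)
{
    return nchar * bytes_per_char + 1;   /* 2^30 * 4 wraps to 0, +1 gives 1 */
}

/* Bytes a copy loop driven by nchar would write beyond what was allocated
 * by the unchecked computation (0 if the allocation was large enough). */
static uint64_t overrun_bytes(uint32_t nchar, uint32_t bytes_per_char)
{
    uint64_t needed = (uint64_t)nchar * bytes_per_char + 1;
    uint64_t allocated = unchecked_outlen(nchar, bytes_per_char);
    return needed > allocated ? needed - allocated : 0;
}

/* Hardened sizing: keeps the int-based interface but returns -1 whenever
 * nchar * bytes_per_char + 1 cannot be represented, checked BEFORE the
 * multiplication so no overflow ever happens. */
static int checked_outlen(int nchar, int bytes_per_char)
{
    if (nchar < 0 || bytes_per_char <= 0)
        return -1;
    if (nchar > (INT_MAX - 1) / bytes_per_char)
        return -1;                       /* would overflow: refuse the input */
    return nchar * bytes_per_char + 1;
}

int main(void)
{
    uint32_t n = 1u << 30;               /* ~2^30 characters, as in the advisory */
    printf("unchecked size for 2^30 x 4-byte chars: %u\n", unchecked_outlen(n, 4));
    printf("bytes written past that allocation:     %llu\n",
           (unsigned long long)overrun_bytes(n, 4));
    printf("checked sizing result (-1 = rejected):  %d\n",
           checked_outlen((int)n, 4));
    return 0;
}
```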
Defensive priority
Low
Recommended defensive actions
- Update to the latest version of OpenSSL that includes the fix.
- Review and update applications that call OpenSSL's ASN1_mbstring_copy() or ASN1_mbstring_ncopy() functions directly, or that register custom string types via ASN1_STRING_TABLE_add().
Evidence notes
The FIPS modules in OpenSSL versions 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue.
Official resources
CVE-2026-7383 was published on 2026-06-09T17:17:50.337Z and modified on 2026-06-10T08:16:25.463Z.