OpenSSL Vulnerabilities - Sensitive Data Exposed in RSA KEM

Moderate risk — monitor and plan remediation
In short, OpenSSL had flaws that could leak sensitive data because of a coding error in its encryption process.
OpenSSL's April 2026 update addresses critical vulnerabilities, particularly CVE-2026-31790. This flaw can leak sensitive data through improper RSA KEM handling. Users are urged to patch immediately to protect their systems.
What Happened
OpenSSL released a significant security update in April 2026, addressing seven vulnerabilities across its supported branches. The most critical among these is CVE-2026-31790, a moderate-severity flaw in RSA KEM RSASVE encapsulation that can expose uninitialized memory to malicious actors.
The Flaw
The vulnerability arises when applications use EVP_PKEY_encapsulate() to derive a shared secret from an attacker-supplied RSA public key without proper validation. The underlying issue is a logic error in the return-value check of the RSA_public_encrypt() function. While it returns -1 on failure, the affected code only checks for non-zero values, leading to a situation where encapsulation appears successful even when it has failed. This oversight can allow sensitive data from previous executions to be sent back to a peer, effectively leaking information.
What's at Risk
The flaw affects various versions of OpenSSL, specifically 3.0, 3.3, 3.4, 3.5, and 3.6. However, versions 1.0.2 and 1.1.1 are not impacted. The vulnerability is particularly concerning for applications in regulated environments that rely on validated cryptographic boundaries, such as those using FIPS modules.
Patch Status
OpenSSL recommends users of vulnerable 3.x releases upgrade to versions 3.0.20, 3.3.7, 3.4.5, 3.5.6, or 3.6.2, depending on their current branch. Additionally, they advise implementing checks with EVP_PKEY_public_check() or EVP_PKEY_public_check_quick() before calling EVP_PKEY_encapsulate(), as this can mitigate the risk by ensuring that only valid RSA public keys are processed.
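As an added illustration (not OpenSSL's code or the advisory's), the constructed C model below reproduces the return-value defect described under The Flaw and the pre-check advised under Patch Status: mock_rsa_public_encrypt() and mock_public_check() are hypothetical stand-ins for RSA_public_encrypt() and EVP_PKEY_public_check(), and an integer key stands in for an RSA public key.

```c
/* Constructed model of the return-value bug behind CVE-2026-31790 and the advised
 * mitigation. Not OpenSSL code: mock_rsa_public_encrypt() and mock_public_check() are
 * hypothetical stand-ins for RSA_public_encrypt() and EVP_PKEY_public_check(). */
#include <string.h>
#define OUT_LEN 8
#define STALE   0xAA   /* constructed "leftover" byte pattern in the output buffer */

/* RSA_public_encrypt() contract: ciphertext length on success, -1 on failure.
 * On failure the output buffer is left untouched. A key is an int, valid when > 0. */
static int mock_rsa_public_encrypt(int key, unsigned char *out, int outlen) {
    if (key <= 0) return -1;
    memset(out, 0x42, outlen);   /* stand-in for freshly computed ciphertext */
    return outlen;
}

/* EVP_PKEY_public_check() contract: 1 if the key validates, 0 otherwise. */
static int mock_public_check(int key) { return key > 0; }

/* Vulnerable pattern from the advisory: only ret == 0 is rejected, so -1 passes. */
int encapsulate_vulnerable(int key, unsigned char *out, int outlen) {
    int ret = mock_rsa_public_encrypt(key, out, outlen);
    if (ret == 0)                /* BUG: should be ret <= 0 */
        return 0;
    return 1;                    /* caller now sends 'out' to the peer */
}

/* Fixed pattern: validate the key first, then treat every ret <= 0 as failure. */
int encapsulate_fixed(int key, unsigned char *out, int outlen) {
    if (!mock_public_check(key))
        return 0;
    int ret = mock_rsa_public_encrypt(key, out, outlen);
    if (ret <= 0)
        return 0;
    return 1;
}

/* Runs one scenario: 0 = reported failure (nothing sent), 1 = success with fresh
 * ciphertext, 2 = reported success but 'out' still holds stale bytes (a leak). */
int run_scenario(int use_fixed, int key) {
    unsigned char out[OUT_LEN];
    memset(out, STALE, sizeof out);      /* simulate leftover memory contents */
    int ok = use_fixed ? encapsulate_fixed(key, out, OUT_LEN)
                       : encapsulate_vulnerable(key, out, OUT_LEN);
    if (!ok) return 0;
    for (int i = 0; i < OUT_LEN; i++)
        if (out[i] != STALE)
            return 1;
    return 2;
}
```

With an invalid key the vulnerable path reports success while the buffer still holds the stale pattern, which is exactly the leak the advisory describes; the fixed path refuses the key before anything is sent.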
Immediate Actions
Organizations should take the following steps to protect themselves:
- Upgrade to the latest OpenSSL version as soon as possible.
- Implement public key validation in workflows that utilize RSA-based encapsulation.
- Review applications that may use the affected OpenSSL APIs to ensure they are not accepting unvalidated keys.
Conclusion
The vulnerabilities in OpenSSL serve as a reminder that cryptographic libraries can harbor risks, especially when applications process untrusted inputs. Security teams should remain vigilant and ensure their systems are updated to avoid potential data leakage incidents. OpenSSL's advisory highlights the importance of proper validation and error handling in cryptographic operations.
🔍 How to Check If You're Affected
1. Check if your OpenSSL version is 3.0, 3.3, 3.4, 3.5, or 3.6.
2. Review application code for proper public key validation before RSA operations.
3. Monitor for any unusual behavior in applications using OpenSSL APIs.
🔒 Pro insight: The flawed encapsulation logic underscores the critical need for rigorous input validation in cryptographic implementations to prevent data leakage.