Detections
Analytics

Linux Distros Unpatched Vulnerability : CVE-2026-45447

high Nessus Plugin ID 320333

Language:

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

 - Issue summary: A specially crafted PKCS#7 or S/MIME signed message could trigger a use-after-free during PKCS#7 signature verification. Impact summary: A use-after-free may result in process crashes, heap corruption, or potentially remote code execution. When processing a PKCS#7 or S/MIME signed message, if the SignedData digestAlgorithms field is present as an empty ASN.1 SET, OpenSSL may incorrectly free a caller-owned BIO during PKCS7_verify(). A subsequent use of the BIO by the calling application results in a use-after-free condition. In the common case this occurs when the application later calls BIO_free() on the BIO originally passed to PKCS7_verify(). Depending on allocator behavior and application-specific BIO usage patterns, this may result in a crash or other memory corruption. In some application contexts this may potentially be exploitable for remote code execution. Applications that process PKCS#7 or S/MIME signed messages using OpenSSL PKCS#7 APIs may be affected. Applications using the CMS APIs for this processing are not affected. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary. (CVE-2026-45447)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

See Also

https://access.redhat.com/security/cve/cve-2026-45447

https://ubuntu.com/security/CVE-2026-45447

Plugin Details

Severity: High

ID: 320333

File Name: unpatched_CVE_2026_45447.nasl

Version: 1.8

Type: Local

Agent: unix

Family: Misc.

Published: 6/10/2026

Updated: 6/16/2026

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2026-45447

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 8.1

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:U/RC:C

Vulnerability Information

CPE: p-cpe:/a:centos:centos:openssl, p-cpe:/a:redhat:enterprise_linux:openssl-devel, cpe:/o:canonical:ubuntu_linux:20.04:-:lts, cpe:/o:canonical:ubuntu_linux:24.04:-:lts, cpe:/o:redhat:enterprise_linux:6, p-cpe:/a:centos:centos:compat-openssl10, p-cpe:/a:redhat:enterprise_linux:openssl-perl, p-cpe:/a:centos:centos:openssl-libs, p-cpe:/a:centos:centos:openssl-perl, cpe:/o:canonical:ubuntu_linux:25.10, p-cpe:/a:redhat:enterprise_linux:openssl-static, cpe:/o:redhat:enterprise_linux:9, cpe:/o:canonical:ubuntu_linux:18.04:-:lts, p-cpe:/a:centos:centos:openssl-static, cpe:/o:centos:centos:8, p-cpe:/a:canonical:ubuntu_linux:nodejs, p-cpe:/a:redhat:enterprise_linux:compat-openssl10, p-cpe:/a:redhat:enterprise_linux:compat-openssl11, cpe:/o:redhat:enterprise_linux:8, p-cpe:/a:redhat:enterprise_linux:openssl-libs, p-cpe:/a:centos:centos:openssl-devel, p-cpe:/a:canonical:ubuntu_linux:edk2, cpe:/o:canonical:ubuntu_linux:26.04:-:lts, cpe:/o:centos:centos:7, p-cpe:/a:centos:centos:compat-openssl11, cpe:/o:canonical:ubuntu_linux:16.04:-:lts, cpe:/o:redhat:enterprise_linux:7, p-cpe:/a:redhat:enterprise_linux:openssl, cpe:/o:canonical:ubuntu_linux:22.04:-:lts

Required KB Items: Host/local_checks_enabled, Host/cpu, global_settings/vendor_unpatched, Host/OS/identifier

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 6/9/2026

Reference Information

CVE: CVE-2026-45447