HIGH 7.5

CVE-2026-42765: OpenSSL NULL Pointer Dereference in OCSP Certificate Chain Verification

CVE-2026-42765 is a denial-of-service vulnerability in OpenSSL that crashes applications when two specific certificate verification features are enabled simultaneously. The flaw occurs when OCSP response checking for the entire certificate chain is combined with partial-chain verification, and the chain lacks a self-signed trusted root certificate. Under these conditions, the code attempts to dereference a NULL pointer, causing the application to crash. Since both features are disabled by default in OpenSSL, real-world risk is limited to applications that explicitly enable both flags.

Source data · NVD / CISA · public domain

CVSS
3.1 · 7.5 HIGH · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Weaknesses (CWE)
CWE-476
Affected products
2 configuration(s)
Published / Modified
2026-06-09 / 2026-06-17

NVD description (verbatim)

Issue summary: When a partial-chain certificate verification is enabled together with OCSP response checking for the whole chain, a NULL dereference will happen if the verified chain does not have a self-signed trusted anchor, crashing the process. Impact summary: A NULL pointer dereference can trigger a crash which leads to a Denial of Service for an application. When performing OCSP response checking for certificates in the verification chain, the code always tries to access the next certificate as the issuer. There is a check for a self-signed certificate. However with the partial chain verification enabled when the chain does not have a self-signed trusted anchor, the issuer will be NULL for the last certificate in the chain. A NULL pointer dereference then happens. This issue affects only applications which enable both OCSP verification of the certificate chain (X509_V_FLAG_OCSP_RESP_CHECK_ALL) and partial chain verification (X509_V_FLAG_PARTIAL_CHAIN) in the certificate verification. Both flags are disabled by default. For that reason, we have assigned Low severity to the issue. No FIPS modules are affected by this issue as the affected code is outside the OpenSSL FIPS module boundary.

3 reference(s) · View on NVD →

SEC.co analysis · AI-assisted, reviewed against source

Technical summary

The vulnerability is a NULL pointer dereference (CWE-476) in OpenSSL's certificate verification logic. When processing OCSP responses for a certificate chain, the code iterates through certificates to check each against its issuer. A safety check exists for self-signed certificates, but fails when partial-chain verification is enabled and the verified chain terminates without a self-signed trusted anchor. The final certificate in the chain has no issuer to reference, resulting in a NULL pointer being dereferenced. The FIPS module is unaffected because the vulnerable code lies outside its boundary.

Business impact

Organizations running applications that enable both X509_V_FLAG_OCSP_RESP_CHECK_ALL and X509_V_FLAG_PARTIAL_CHAIN face potential service unavailability. A remote, unauthenticated attacker can trigger a crash by presenting a certificate chain that meets the specific conditions (no self-signed root, OCSP checking enabled). This translates to denial of service for any application processing such certificates—particularly relevant for TLS endpoints, API servers, and certificate validation services. The attack requires no user interaction and can be delivered over the network.

Affected systems

OpenSSL versions affected by this issue have not been explicitly specified in the provided vulnerability data. The vulnerability impacts only applications compiled against OpenSSL that explicitly enable both partial-chain verification (X509_V_FLAG_PARTIAL_CHAIN) and OCSP response checking for the full chain (X509_V_FLAG_OCSP_RESP_CHECK_ALL). These settings are non-default, limiting the population of affected deployments. Verify the specific OpenSSL versions and application configurations against the official OpenSSL security advisory.

Exploitability

The exploit is trivial to execute: a remote attacker simply presents a specially crafted certificate chain during a TLS handshake or certificate validation API call. No authentication, user interaction, or local access is required. The network attack vector (AV:N), low attack complexity (AC:L), and lack of privilege requirements (PR:N) make this readily exploitable. However, the practical attack surface depends on whether target applications have enabled both non-default verification flags. The absence of this vulnerability from the CISA Known Exploited Vulnerabilities (KEV) catalog suggests no active exploitation has been cataloged to date.

Remediation

Apply the OpenSSL security patch as soon as it becomes available from the OpenSSL project. Pending patch availability, immediately audit your applications to determine whether both X509_V_FLAG_OCSP_RESP_CHECK_ALL and X509_V_FLAG_PARTIAL_CHAIN are enabled. If both are active, either disable partial-chain verification or disable OCSP chain checking until a patch is deployed. Review whether partial-chain verification is actually necessary for your use case; in many deployments, it is not. Ensure your OpenSSL dependency is kept current as part of routine patch management.

Patch guidance

Monitor the OpenSSL security advisory page (openssl.org/news/secadv) for the specific patch release addressing CVE-2026-42765. Verify the patch version number and applicability to your OpenSSL version before deployment. Test patches in a non-production environment, particularly if your applications rely on partial-chain verification for legitimate business logic. Update your build and deployment pipelines to incorporate the patched OpenSSL version. If using OpenSSL through a third-party distribution or container image, confirm that your vendor or maintainer has released an updated package.

Detection guidance

Monitor application logs for NULL pointer dereference crashes or segmentation faults during certificate validation operations. If using OpenSSL compiled with debugging symbols, core dumps may indicate a crash in the X509 verification code path. Network-based detection is difficult because the malicious input (a crafted certificate chain) appears as normal TLS traffic; focus on application behavior monitoring and crash analysis. Consider enabling verbose logging in applications that perform certificate verification to track unusual certificate chain patterns (e.g., chains without self-signed roots when partial-chain verification is active).

Why prioritize this

Despite a CVSS score of 7.5 (HIGH severity), real-world risk is moderate due to the requirement for both non-default verification flags to be simultaneously enabled. Prioritize this vulnerability for organizations that have explicitly enabled partial-chain verification in production applications—common in some enterprise PKI deployments and certificate pinning scenarios. Organizations using OpenSSL in default configurations face minimal risk. The lack of KEV catalog inclusion and reported exploitation suggests this is not an imminent threat, but the remote, unauthenticated exploit path warrants prompt patching once fixes are available.

Risk score, explained

The CVSS 3.1 score of 7.5 reflects the high exploitability (remote, no authentication required, low complexity) and guaranteed availability impact (crash). However, this score does not account for the reduced environmental severity due to the requirement for both non-default flags. The vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H correctly shows no confidentiality or integrity impact, only availability. Organizations should apply their own risk modifiers based on whether affected flag combinations are present in their deployments.

Frequently asked questions

Do standard OpenSSL installations need to patch immediately?

No. The vulnerability requires both X509_V_FLAG_OCSP_RESP_CHECK_ALL and X509_V_FLAG_PARTIAL_CHAIN to be explicitly enabled by the application. These are non-default settings. Standard OpenSSL deployments are unaffected. However, you should audit your application code to confirm these flags are not enabled before deprioritizing this issue.

Can an attacker exploit this without a valid certificate?

The attacker needs to present a certificate chain that meets the specific conditions (no self-signed trusted anchor) during validation. The certificate itself does not need to be valid or trusted—only present in the chain being checked. This makes exploitation straightforward for any remote connection that triggers certificate verification.

Are there workarounds besides patching?

Yes. Disable either X509_V_FLAG_PARTIAL_CHAIN or X509_V_FLAG_OCSP_RESP_CHECK_ALL in your application configuration until a patch is available. Review whether partial-chain verification is actually required for your use case; many applications enable it unnecessarily. Disabling one of these two flags eliminates the crash condition without waiting for a patch.

Why is this marked as LOW severity when the CVSS is 7.5?

The OpenSSL project assigned LOW severity because the vulnerability requires non-default flags to be enabled. The CVSS 3.1 score of 7.5 reflects the exploitability and impact, but does not incorporate the lower real-world applicability due to flag configuration. Both assessments are valid for different contexts.

This analysis is provided for informational purposes based on publicly available vulnerability data as of the publication date. Patch version numbers, affected versions, and remediation details should be verified against official OpenSSL security advisories before deployment. CVSS scores and severity ratings are from the CVE/CVSS authoritative sources and do not reflect organizational risk tolerance or environmental factors. Organizations should conduct their own threat modeling and risk assessment. No exploit code or weaponized proof-of-concept details are provided. For the latest vulnerability information, consult openssl.org/news/secadv and your vendor security bulletins. Source: NVD (public-domain), retrieved 2026-07-15. Analysis generated by SEC.co (claude-haiku-4-5).