Bug 2481893 (CVE-2026-42769)
| Summary: | CVE-2026-42769 openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | OSIDB Bzimport <bzimport> |
| Component: | vulnerability | Assignee: | Product Security <prodsec-ir-bot> |
| Status: | NEW --- | QA Contact: | |
| Severity: | low | Docs Contact: | |
| Priority: | low | ||
| Version: | unspecified | CC: | rhel-process-autobot, security-response-team, watson-tool-maintainers |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | --- | |
| Doc Text: |
A flaw was found in the Certificate Management Protocol (CMP) implementation within OpenSSL. An attacker with existing Registration Authority (RA) level credentials could exploit an error in the certificate verification process during a Root Certificate Authority (CA) key update. This vulnerability allows the attacker to replace the root CA certificate for CMP clients with a fraudulent one. The primary consequence is an escalation of privileges, enabling the attacker to gain control equivalent to the root CA.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Deadline: | 2026-06-09 | ||
|
Description
OSIDB Bzimport
2026-05-27 14:20:11 UTC
This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2026:25237 https://access.redhat.com/errata/RHSA-2026:25237 This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2026:25239 https://access.redhat.com/errata/RHSA-2026:25239 |