2445345 – (CVE-2026-27137) CVE-2026-27137 crypto/x509: Incorrect enforcement of email constraints in crypto/x509

Bug 2445345 (CVE-2026-27137) - CVE-2026-27137 crypto/x509: Incorrect enforcement of email constraints in crypto/x509

Summary: CVE-2026-27137 crypto/x509: Incorrect enforcement of email constraints in cry...

Keywords:
Status:	NEW
Alias:	CVE-2026-27137
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2446047
Blocks:
TreeView+	depends on / blocked

Reported:	2026-03-06 22:02 UTC by OSIDB Bzimport
Modified:	2026-06-22 20:28 UTC (History)
CC List:	129 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2026:10169	None	None	None	2026-04-23 17:46:11 UTC
Red Hat Product Errata	RHSA-2026:10929	None	None	None	2026-04-27 13:50:41 UTC
Red Hat Product Errata	RHSA-2026:19022	None	None	None	2026-05-19 13:02:53 UTC
Red Hat Product Errata	RHSA-2026:19049	None	None	None	2026-05-19 13:06:45 UTC
Red Hat Product Errata	RHSA-2026:19132	None	None	None	2026-05-19 16:05:28 UTC
Red Hat Product Errata	RHSA-2026:19181	None	None	None	2026-05-19 17:59:55 UTC
Red Hat Product Errata	RHSA-2026:22450	None	None	None	2026-06-02 11:08:26 UTC
Red Hat Product Errata	RHSA-2026:22714	None	None	None	2026-06-03 08:00:55 UTC
Red Hat Product Errata	RHSA-2026:22937	None	None	None	2026-06-03 18:49:44 UTC
Red Hat Product Errata	RHSA-2026:23228	None	None	None	2026-06-04 13:10:46 UTC
Red Hat Product Errata	RHSA-2026:28038	None	None	None	2026-06-22 20:28:12 UTC
Red Hat Product Errata	RHSA-2026:8842	None	None	None	2026-04-20 00:34:17 UTC

Description OSIDB Bzimport 2026-03-06 22:02:01 UTC

When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered.

Comment 8 errata-xmlrpc 2026-04-20 00:34:11 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2026:8842 https://access.redhat.com/errata/RHSA-2026:8842

Comment 9 errata-xmlrpc 2026-04-23 17:46:02 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2026:10169 https://access.redhat.com/errata/RHSA-2026:10169

Comment 10 errata-xmlrpc 2026-04-27 13:50:29 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10.0 Extended Update Support

Via RHSA-2026:10929 https://access.redhat.com/errata/RHSA-2026:10929

Comment 13 errata-xmlrpc 2026-05-19 13:02:45 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2026:19022 https://access.redhat.com/errata/RHSA-2026:19022

Comment 14 errata-xmlrpc 2026-05-19 13:06:38 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2026:19049 https://access.redhat.com/errata/RHSA-2026:19049

Comment 15 errata-xmlrpc 2026-05-19 16:05:21 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2026:19132 https://access.redhat.com/errata/RHSA-2026:19132

Comment 16 errata-xmlrpc 2026-05-19 17:59:48 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2026:19181 https://access.redhat.com/errata/RHSA-2026:19181

Comment 17 errata-xmlrpc 2026-06-02 11:08:19 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2026:22450 https://access.redhat.com/errata/RHSA-2026:22450

Comment 18 errata-xmlrpc 2026-06-03 08:00:46 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2026:22714 https://access.redhat.com/errata/RHSA-2026:22714

Comment 19 errata-xmlrpc 2026-06-03 18:49:38 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2026:22937 https://access.redhat.com/errata/RHSA-2026:22937

Comment 20 errata-xmlrpc 2026-06-04 13:10:38 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2026:23228 https://access.redhat.com/errata/RHSA-2026:23228

Comment 21 errata-xmlrpc 2026-06-22 20:28:05 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.6 Extended Update Support

Via RHSA-2026:28038 https://access.redhat.com/errata/RHSA-2026:28038

Note You need to log in before you can comment on or make changes to this bug.

aazores
abarbaro
abrianik
akostadi
akoudelk
alcohan
alebedev
alizardo
amasferr
anjoseph
anpicker
ansmith
anthomas
bbrownin
bdettelb
bparees
chfoley
ckandaga
cmah
crizzo
dhanak
dmayorov
doconnor
drosa
dschmidt
dsimansk
dymurray
eaguilar
ebaron
eborisov
eglynn
ehelms
erezende
fdeutsch
ggainey
ggrzybek
gparvin
hasun
ibolton
jbalunas
jburrell
jcantril
jchui
jeder
jfula
jhe
jjoyce
jkoehler
jlanda
jlledo
jmatthew
jmontleo
jolong
jowilson
jprabhak
jpretori
jraez
jschluet
juwatts
kingland
kshier
ktsao
kverlaen
lball
lbragsta
lchilton
lgamliel
lhh
lphiri
manissin
mbocek
mburns
mgarciac
mhulan
mnovotny
mrunge
mwringe
nboldt
ngough
nmoumoul
nyancey
oaljalju
ometelka
oramraz
osousa
pahickey
pantinor
parichar
pcreech
peholase
pgaikwad
pjindal
psrna
ptisnovs
pvasanth
rchan
rfreiman
rgodfrey
rhaigner
rhel-process-autobot
rjohnson
rojacob
sakbas
sausingh
sdawley
sfeifer
simaishi
slucidi
smallamp
smcdonal
smullick
sseago
stcannon
stirabos
swoodman
syedriko
tasato
teagle
thason
tmalecek
tsedmik
veshanka
vimartin
watson-tool-maintainers
wenshen
whayutin
wtam
xdharmai
yguenane