CVE-2026-41676: rust-openssl: Deriver::derive and PkeyCtxRef::derive can overflow short buffers on OpenSSL 1.1.1

Overview

Severity

N/A

Exploit Status

Not Exploited

Patch Tuesday

2026-Apr

Released

2026-04-26

Last Updated

2026-04-30

EPSS Score

0.07% (percentile: 20.5%)

Affected Products (13)

Open Source Software

• cbl2 rpm-ostree 2022.1-8 on CBL Mariner 2.0
• cbl2 rust 1.72.0-15 on CBL Mariner 2.0
• azl3 python-cryptography 42.0.5-4 on Azure Linux 3.0
• azl3 rpm-ostree 2024.4-8 on Azure Linux 3.0
• azl3 trident 0.22.0-1 on Azure Linux 3.0
• azl3 clamav 1.5.2-2 on Azure Linux 3.0
• azl3 rpm-ostree 2024.4-10 on Azure Linux 3.0
• azl3 rust 1.75.0-28 on Azure Linux 3.0
• azl3 rust-afterburn 5.8.2-1 on Azure Linux 3.0
• azl3 clamav 1.5.2-1 on Azure Linux 3.0
• azl3 rust 1.75.0-27 on Azure Linux 3.0
• azl3 rust 1.90.0-6 on Azure Linux 3.0
• azl3 rust 1.90.0-7 on Azure Linux 3.0

Revision History

• 2026-04-26: Information published.
• 2026-04-27: Information published.
• 2026-04-29: Information published.
• 2026-04-30: Information published.
• 2026-04-30: Information published.