CLSA-2026-1777567502

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2026-1777567502.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2026-1777567502

Upstream

CVE-2026-28387

Published

2026-04-30T16:45:09Z

Modified

2026-06-01T00:33:23.646704940Z

Summary

openssl: Fix of CVE-2026-28387

Details

CVE-2026-28387: fix use-after-free / double-free in danematch() by releasing the previously stored dane->mcert with X509free() instead of OPENSSLfree(); the slot is reference-bumped via X509upref() so the matching free is X509free()

References

https://errata.tuxcare.com/els_os/centos8.5els/CLSA-2026-1777567502.html

Affected packages

TuxCare:CentOS:8.5 / openssl

Package

Name: openssl
Purl: pkg:rpm/tuxcare/openssl?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.1.1k-5.el8.5.tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2026-1777567502.json"

TuxCare:CentOS:8.5 / openssl-devel

Package

Name: openssl-devel
Purl: pkg:rpm/tuxcare/openssl-devel?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.1.1k-5.el8.5.tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2026-1777567502.json"

TuxCare:CentOS:8.5 / openssl-libs

Package

Name: openssl-libs
Purl: pkg:rpm/tuxcare/openssl-libs?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.1.1k-5.el8.5.tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2026-1777567502.json"

TuxCare:CentOS:8.5 / openssl-perl

Package

Name: openssl-perl
Purl: pkg:rpm/tuxcare/openssl-perl?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.1.1k-5.el8.5.tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2026-1777567502.json"

TuxCare:CentOS:8.5 / openssl-static

Package

Name: openssl-static
Purl: pkg:rpm/tuxcare/openssl-static?distro=centos-8.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.1.1k-5.el8.5.tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2026-1777567502.json"