Overview

File openssl-CVE-2025-69420.patch of Package openssl-1_0_0.42417

From 6453d278557c8719233793730ec500c84aea55d9 Mon Sep 17 00:00:00 2001
From: Bob Beck <beck@openssl.org>
Date: Wed, 7 Jan 2026 11:29:48 -0700
Subject: [PATCH] Verify ASN1 object's types before attempting to access them
 as a particular type

Issue was reported in ossl_ess_get_signing_cert but is also present in
ossl_ess_get_signing_cert_v2.

Fixes: https://github.com/openssl/srt/issues/61
Fixes CVE-2025-69420
---
 crypto/ts/ts_rsp_verify.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

Index: openssl-1.0.2p/crypto/ts/ts_rsp_verify.c
===================================================================
--- openssl-1.0.2p.orig/crypto/ts/ts_rsp_verify.c
+++ openssl-1.0.2p/crypto/ts/ts_rsp_verify.c
@@ -318,7 +318,7 @@ static ESS_SIGNING_CERT *ESS_get_signing
     ASN1_TYPE *attr;
     const unsigned char *p;
     attr = PKCS7_get_signed_attribute(si, NID_id_smime_aa_signingCertificate);
-    if (!attr)
+    if (attr == NULL || attr->type != V_ASN1_SEQUENCE)
         return NULL;
     p = attr->value.sequence->data;
     return d2i_ESS_SIGNING_CERT(NULL, &p, attr->value.sequence->length);
openSUSE Build Service is sponsored by
Places