CVE-2026-41898
Published: 24 April 2026
Summary
CVE-2026-41898 is a critical-severity Buffer Over-read (CWE-126) vulnerability in the rust-openssl crate (vendor: Rust-Openssl Project). Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). It is ranked at the 17.8th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and RA-5 (Vulnerability Monitoring and Scanning).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
Timely identification, reporting, and correction of flaws in rust-openssl, here by upgrading to 0.10.78 or later, directly remediates the buffer overflow in the FFI trampolines exercised during TLS handshakes.
Memory protection mechanisms such as DEP and ASLR make successful exploitation of the unchecked usize-to-buffer length forwarding harder, but they do not remove the underlying overflow in OpenSSL.
Vulnerability scanning detects deployments of vulnerable rust-openssl versions (0.9.24 up to but not including 0.10.78) affected by the PSK and cookie callback buffer overflow.
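As an added example for the scanning control above (not the advisory's or rust-openssl's own code), the following Rust program checks version strings against the affected range 0.9.24 <= v < 0.10.78 and walks a Cargo.lock excerpt for matches. It assumes the crate appears under its published name `openssl`; the lock-file contents in `sample_lock` are constructed for the example.

```rust
// Added example (not rust-openssl's own code). The rust-openssl repository
// publishes the `openssl` crate, so that is the name matched in Cargo.lock;
// the lock-file excerpt in `sample_lock()` is constructed for this example.

/// Minimal MAJOR.MINOR.PATCH version; the derived ordering compares fields
/// in declaration order, which is exactly what a range check needs.
#[derive(Debug, Clone, Copy, PartialEq, Eq, PartialOrd, Ord)]
pub struct Version {
    pub major: u64,
    pub minor: u64,
    pub patch: u64,
}

impl Version {
    /// Parse "MAJOR.MINOR.PATCH". A leading "v" and any "-pre"/"+build"
    /// suffix are dropped; anything else yields None.
    pub fn parse(s: &str) -> Option<Version> {
        let core = s.trim().trim_start_matches('v');
        let core = core.split(|c: char| c == '-' || c == '+').next()?;
        let mut parts = core.split('.');
        let major = parts.next()?.parse().ok()?;
        let minor = parts.next()?.parse().ok()?;
        let patch = parts.next()?.parse().ok()?;
        if parts.next().is_some() {
            return None;
        }
        Some(Version { major, minor, patch })
    }
}

/// Affected range from the advisory: 0.9.24 <= v < 0.10.78.
pub const FIRST_AFFECTED: Version = Version { major: 0, minor: 9, patch: 24 };
pub const FIXED: Version = Version { major: 0, minor: 10, patch: 78 };

/// Some(true) if the version is in the affected range, None if unparsable.
pub fn is_affected(version: &str) -> Option<bool> {
    let v = Version::parse(version)?;
    Some(v >= FIRST_AFFECTED && v < FIXED)
}

/// Walk the `[[package]]` blocks of a Cargo.lock and return every `openssl`
/// version that falls in the affected range.
pub fn affected_in_cargo_lock(lock: &str) -> Vec<String> {
    let mut found = Vec::new();
    let mut current_name: Option<String> = None;
    for raw in lock.lines() {
        let line = raw.trim();
        if line == "[[package]]" {
            current_name = None; // new block: forget the previous package name
        } else if let Some(rest) = line.strip_prefix("name = ") {
            current_name = Some(rest.trim_matches('"').to_string());
        } else if let Some(rest) = line.strip_prefix("version = ") {
            let ver = rest.trim_matches('"');
            if current_name.as_deref() == Some("openssl") && is_affected(ver) == Some(true) {
                found.push(ver.to_string());
            }
        }
    }
    found
}

/// Constructed Cargo.lock excerpt: one affected `openssl`, plus `openssl-sys`
/// (a different crate, deliberately not matched) and an unrelated crate.
pub fn sample_lock() -> &'static str {
    "[[package]]\nname = \"openssl\"\nversion = \"0.10.70\"\n\n\
     [[package]]\nname = \"openssl-sys\"\nversion = \"0.9.104\"\n\n\
     [[package]]\nname = \"serde\"\nversion = \"1.0.200\"\n"
}

fn main() {
    for v in affected_in_cargo_lock(sample_lock()) {
        println!("openssl {} is in the affected range; upgrade to 0.10.78 or later", v);
    }
}
```

The parser is intentionally narrow: it only understands the `[[package]]`, `name = "…"` and `version = "…"` lines that every Cargo.lock carries, so it can run over a lock file pulled from a build artifact without any dependency on cargo being installed.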
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Remote, unauthenticated network exploitation of the buffer overflow in the TLS library (rust-openssl) during the handshake enables arbitrary code execution on public-facing applications.
NVD Description
rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.24 to before 0.10.78, the FFI trampolines behind SslContextBuilder::set_psk_client_callback, set_psk_server_callback, set_cookie_generate_cb, and set_stateless_cookie_generate_cb forwarded the user closure's returned usize directly to OpenSSL without checking it against the &mut [u8] that was handed to the closure. This can lead to buffer overflows and other unintended consequences. This vulnerability is fixed in 0.10.78.
Deeper analysis
CVE-2026-41898 is a buffer overflow vulnerability in rust-openssl, a crate providing OpenSSL bindings for the Rust programming language. Affected versions range from 0.9.24 up to but not including 0.10.78. The issue stems from FFI trampolines in SslContextBuilder methods set_psk_client_callback, set_psk_server_callback, set_cookie_generate_cb, and set_stateless_cookie_generate_cb, which forward the user closure's returned usize value directly to OpenSSL without validating it against the provided &mut [u8] buffer. This flaw, mapped to CWE-126 (Buffer Over-read) and CWE-130 (Improper Handling of Length Parameter Inconsistency), carries a CVSS v3.1 base score of 9.8.
Remote attackers require no privileges, authentication, or user interaction to exploit this over the network with low complexity. By triggering the affected callbacks during TLS handshake processes involving PSK or stateless cookies, adversaries can induce buffer overflows in the underlying OpenSSL library, potentially resulting in high confidentiality, integrity, and availability impacts such as arbitrary code execution, data corruption, or denial of service.
The vulnerability is addressed in rust-openssl version 0.10.78, where the trampolines now properly validate the returned length against the buffer size. Security practitioners should upgrade to this version or later. Relevant resources include the fixing commit (1d109020d98fff2fb2e45c39a373af3dff99b24c), pull request #2607, release announcement for v0.10.78, and the GitHub security advisory GHSA-hppc-g8h3-xhp3.
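The following Rust example is added here to illustrate the mechanism described above; it is not rust-openssl's code and does not use its API. It models the trampoline as a plain function that invokes a boxed closure over a slice, showing the unchecked forwarding of the closure's usize beside a checked version that rejects any returned length larger than the slice it handed out. The `FillCallback` type, the `LengthMismatch` error, the two closures and the sample PSK bytes are all constructed for the example; how a real shim would report the rejection to the C side is not modelled.

```rust
// Added example, not rust-openssl's code. It models the trampoline pattern
// the advisory describes: a user closure fills a slice and returns a usize,
// and that usize is what the C side will trust as the number of valid bytes.
use std::fmt;

/// Model of a fill callback (PSK or cookie): write into `buf`, return a length.
pub type FillCallback = Box<dyn Fn(&mut [u8]) -> usize>;

/// Error produced when the closure claims more bytes than the slice holds.
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct LengthMismatch {
    pub claimed: usize,
    pub capacity: usize,
}

impl fmt::Display for LengthMismatch {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        write!(f, "callback claimed {} bytes but the buffer holds {}", self.claimed, self.capacity)
    }
}

/// Vulnerable shape: the closure's return value is forwarded as-is. Whatever
/// consumes it (OpenSSL in the real crate) would treat `claimed` bytes of a
/// `buf.len()`-byte buffer as valid, which is the over-read the CVE describes.
pub fn trampoline_unchecked(cb: &FillCallback, buf: &mut [u8]) -> usize {
    cb(buf)
}

/// Hardened shape: the length is validated against the slice the closure was
/// given before anything downstream can act on it. Signalling the failure to
/// the C side (for example by returning OpenSSL's failure value) is left to the
/// caller and not modelled here.
pub fn trampoline_checked(cb: &FillCallback, buf: &mut [u8]) -> Result<usize, LengthMismatch> {
    let capacity = buf.len();
    let claimed = cb(buf);
    if claimed > capacity {
        Err(LengthMismatch { claimed, capacity })
    } else {
        Ok(claimed)
    }
}

/// A well-behaved closure: copies a constructed PSK and reports the true length.
pub fn well_behaved() -> FillCallback {
    Box::new(|buf: &mut [u8]| {
        let psk = b"example-psk"; // constructed sample secret, 11 bytes
        let n = psk.len().min(buf.len());
        buf[..n].copy_from_slice(&psk[..n]);
        n
    })
}

/// A buggy closure (constructed): reports a length that ignores the slice it got.
pub fn misbehaving() -> FillCallback {
    Box::new(|buf: &mut [u8]| buf.len() + 1000)
}

fn main() {
    let mut buf = [0u8; 32];
    let claimed = trampoline_unchecked(&misbehaving(), &mut buf);
    println!("unchecked: {} bytes claimed for a {}-byte buffer", claimed, buf.len());
    match trampoline_checked(&misbehaving(), &mut buf) {
        Ok(n) => println!("checked accepted {} bytes", n),
        Err(e) => println!("checked rejected: {}", e),
    }
}
```

The point of the checked variant is that the comparison happens against the slice's own length inside the trampoline, so a misbehaving closure cannot influence it; the closure's contract is reduced to "return a number", and the shim decides whether that number is usable.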
Details
- CWE(s)