CVE-2025-69421 — NULL Pointer Dereference in Openssl

CWE-476 — NULL Pointer Dereference25 documents9 sources

Severity

7.5HIGHNVD

OSV6.1

EPSS

0.0%

top 89.61%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Openssl

Timeline

PublishedJan 27

Description

Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function. Impact summary: A NULL pointer dereference can trigger a crash which leads to Denial of Service for an application processing PKCS#12 files. The PKCS12_item_decrypt_d2i_ex() function does not check whether the oct parameter is NULL before dereferencing it. When called from PKCS12_unpack_p7encdata() with a malformed PKCS#12 file, this parameter can be NULL, cau…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages5 packages

▶CVEListV5openssl/openssl3.6.0 — 3.6.1+6

▶NVDopenssl/openssl1.0.2 — 1.0.2zn+6

▶Alpineopenssl/openssl< 3.0.19-r0+4

▶Debianopenssl/openssl< 1.1.1w-0+deb11u5+3

▶Ubuntuopenssl/openssl< 3.0.2-0ubuntu1.21+10

Patches

Patch: github.com ↗Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

OSV

CVE-2025-69421: Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function↗2026-01-27

▶

OSV

openssl, openssl1.0 vulnerabilities↗2026-01-27

▶

OSV

CVE-2025-69421: Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function↗2026-01-27

▶

GHSA

GHSA-w9rv-xc8m-cmqp: Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function↗2026-01-27

▶

OSV

CVE-2025-69421: Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function↗2026-01-27

▶

📋Vendor Advisories

Ubuntu

OpenSSL vulnerabilities↗2026-01-27

▶

Red Hat

openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing↗2026-01-27

▶

BSD

FreeBSD-SA-26:01.openssl: Multiple vulnerabilities in OpenSSL↗2026-01-27

▶

Ubuntu

OpenSSL vulnerabilities↗2026-01-27

▶

Debian

CVE-2025-69421: openssl - Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer de...↗2025

▶

🕵️Threat Intelligence

Wiz

CVE-2025-15469 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶

Wiz

CVE-2026-2673 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶

Wiz

CVE-2025-69421 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶

Wiz

CVE-2026-22796 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶

Wiz

CVE-2025-15468 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶