CVE-2026-2100
Modified Modified - Updated After Analysis
NULL Dereference in p11-kit C_DeriveKey Causes DoS

Publication date: 2026-03-26

Last updated on: 2026-06-02

Assigner: Red Hat, Inc.

Description
A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the C_DeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL. This could lead to the RPC-client attempting to return an uninitialized value, potentially resulting in a NULL dereference or undefined behavior. This issue may cause an application level denial of service or other unpredictable system states.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-26
Last Modified
2026-06-02
Generated
2026-06-16
AI Q&A
2026-03-26
EPSS Evaluated
2026-06-15
NVD
CVE-2026-2100
EUVD
EUVD-2026-16336
Affected Vendors & Products
Showing 4 associated CPEs
Vendor Product Version / Range
redhat enterprise_linux 9.0
redhat enterprise_linux 10.0
redhat hardened_images *
p11-kit_project p11-kit *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-824 The product accesses or uses a pointer that has not been initialized.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in p11-kit and involves a NULL dereference issue triggered when the C_DeriveKey function is called on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL.

The problem arises because certain variables, specifically named "data" in the source code, are declared but not initialized before being used. This causes the RPC client to attempt to return uninitialized values, which can lead to NULL pointer dereferences or undefined behavior.

This flaw can be exploited remotely by an attacker who calls the vulnerable function with crafted parameters, potentially causing the application to crash or behave unpredictably.

Compliance Impact

The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Impact Analysis

Exploitation of this vulnerability may cause an application-level denial of service (DoS) by triggering a NULL pointer dereference or other unpredictable system states.

This means that affected applications using p11-kit could crash or become unstable when processing certain remote calls, potentially disrupting services or operations.

Detection Guidance

This vulnerability involves a NULL dereference triggered by specific calls to the C_DeriveKey function in p11-kit with certain IBM kyber or IBM btc derive mechanism parameters set to NULL.

Detection would involve monitoring or analyzing calls to the C_DeriveKey function on remote tokens, especially those using the IBM kyber or IBM btc derive mechanisms.

Since the issue is related to uninitialized variables causing NULL dereferences, one approach is to check for crashes or application-level denial of service events related to p11-kit.

No specific commands or network detection signatures are provided in the available resources.

Mitigation Strategies

The vulnerability affects all Linux systems running vulnerable versions of p11-kit.

Immediate mitigation steps include updating p11-kit to a patched version where this NULL dereference issue is fixed.

If an update is not immediately available, consider restricting or monitoring remote calls to the C_DeriveKey function, especially those using IBM kyber or IBM btc derive mechanisms with NULL parameters.

Additionally, monitoring for application crashes or denial of service symptoms related to p11-kit can help in early detection and response.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-2100. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart