CVE-2026-28387
Use-After-Free in TLSA-Based DANE Client Authentication
Publication date: 2026-04-07
Last updated on: 2026-04-23
Assigner: OpenSSL Software Foundation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| openssl | openssl | From 3.0.0 (inc) to 3.0.20 (exc) |
| openssl | openssl | From 3.3.0 (inc) to 3.3.7 (exc) |
| openssl | openssl | From 3.4.0 (inc) to 3.4.5 (exc) |
| openssl | openssl | From 3.5.0 (inc) to 3.5.6 (exc) |
| openssl | openssl | From 3.6.0 (inc) to 3.6.2 (exc) |
| openssl | openssl | From 1.1.1 (inc) to 1.1.1zg (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-416 | The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs in clients that use a specific and uncommon configuration involving DANE TLSA-based server authentication. When these clients interact with servers that publish uncommon DANE TLSA records, it may cause a use-after-free or double-free error on the client side.
Specifically, the issue affects clients that use TLSA records with both PKIX-TA (0) or PKIX-EE (1) certificate usages and DANE-TA (2) certificate usage simultaneously. Most common deployments, such as SMTP MTAs following RFC7672, do not use this combination and thus are not vulnerable.
How can this vulnerability impact me? :
The use-after-free vulnerability can lead to several potential impacts including corruption of valid data, application crashes, or even execution of arbitrary code on the client side.
However, this impact is limited to clients configured to use both PKIX and DANE-TA TLSA records and communicating with servers publishing both types of TLSA records. Clients that only use PKIX or treat PKIX TLSA records as unusable are not affected.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.
What immediate steps should I take to mitigate this vulnerability?
This vulnerability affects clients that perform DANE TLSA-based server authentication with an uncommon configuration involving both PKIX and DANE-TA certificate usages.
To mitigate this issue, ensure that your clients either follow the common deployment practice recommended by RFC7672, which treats TLSA records with PKIX certificate usages as unusable, or only support PKIX usages and ignore DANE-TA usage.
Additionally, avoid communicating with servers that publish TLSA RRsets containing both PKIX and DANE-TA TLSA records.