OpenSSL 3.6.2 Released With Eight Security Fixes

Post Views: 12

OpenSSL 3.6.2 Patches Eight Critical Vulnerabilities

The OpenSSL Project has released version 3.6.2, which addresses eight critical vulnerabilities across various components. The most severe issue in the release is rated as Moderate.

Fixed Issues

* Incorrect failure handling in RSA KEM RSASVE encapsulation (CVE-2026-31790)
* Loss of key agreement group tuple structure when the DEFAULT keyword is used in server-side configuration of the key-agreement group list (CVE-2026-2673)
* Out-of-bounds read in AES-CFB-128 on x86-64 CPUs with AVX-512 support (CVE-2026-28386)
* Potential use-after-free in DANE client code (CVE-2026-28387)
* NULL pointer dereference when processing a delta CRL (CVE-2026-28388)
+ CMS KeyAgreeRecipientInfo processing (CVE-2026-28389)
+ CMS KeyTransportRecipientInfo processing (CVE-2026-28390)
* Heap buffer overflow in hexadecimal conversion (CVE-2026-31789)

Regression Repairs

In addition to the CVEs, the 3.6.2 release addresses two behavioral regressions introduced in OpenSSL 3.6.0. One restores the pre-3.6.0 behavior of the X509_V_FLAG_CRL_CHECK_ALL flag, while the other fixes a regression in handling stapled OCSP responses that caused handshake failures for OpenSSL 3.6.0 servers with various client implementations.

Affected Versions

OpenSSL 3.6 and 3.5 are vulnerable to several of the issues addressed in this release. OpenSSL 3.4, 3.3, 3.0, 1.0.2, and 1.1.1 are not affected by some of the CVEs patched in this release.

According to the OpenSSL Project, administrators running 3.6.x on x86-64 systems with AVX-512 enabled should prioritize the AES-CFB-128 fix due to the memory-read exposure in that path.

Organizations with flexibility in version selection may want to consider the shorter update window for the 3.6 series compared to the long-term support 3.5 branch when planning upgrade schedules.