UBUNTU-CVE-2026-45446
- Source
- https://ubuntu.com/security/CVE-2026-45446
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-45446.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2026-45446
- Upstream
- Downstream
- Related
- Published
- 2026-06-09T00:00:00Z
- Modified
- 2026-06-12T09:12:13.636778581Z
- Severity
-
- 4.8 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N CVSS Calculator
- Ubuntu - low
- Summary
- [none]
- Details
-
Issue summary: The implementations of AES-SIV (RFC 5297) and AES-GCM-SIV (RFC 8452) mishandle the authentication of AAD (Additional Authenticated Data) with an empty ciphertext allowing a forgery of such messages. Impact summary: An attacker can forge empty messages with arbitrary AAD to the victim's application using these ciphers. AES-SIV (RFC 5297) and AES-GCM-SIV (RFC 8452) are nonce-misuse-resistant AEAD modes: they accept a key, nonce, optional AAD (bytes that are authenticated but not encrypted), and plaintext, and produces ciphertext plus a 16-byte tag. On decrypt,
EVP_DecryptFinal_ex()is documented to return success only if the tag is verified succesfully. In OpenSSL's provider implementation of these ciphers, the expected tag is computed only when decryption function is invoked with non-empty data. If the caller supplies AAD and then callsEVP_DecryptFinal_ex()without invocation of the ciphertext update, which can happen when the received ciphertext length is zero, the tag is never recalculated and still holds its all-zeros value. When AES-GCM-SIV is used, an attacker who sends arbitrary AAD, empty ciphertext, and all-zeros tag passes authentication under any key they do not know, single-shot. When AES-SIV is used, for mounting the attack it's necessary for the application to reuse the decryption context without resetting the key. AES-SIV is implemented since OpenSSL 3.0. AES-GCM-SIV is implemented since OpenSSL 3.2. No protocols implemented in OpenSSL itself (TLS/CMS/PKCS7/HPKE/QUIC) support either AES-GCM-SIV or AES-SIV. To mount an attack, the applications must implement their own protocol and use the EVP interface. Also they must skip the ciphertext update when a message with an empty ciphertext arrives. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as these algorithms are not FIPS approved and the affected code is outside the OpenSSL FIPS module boundary. - References
Affected packages
Ubuntu:22.04:LTS
openssl
Package
- Name
- openssl
- Purl
- pkg:deb/ubuntu/openssl?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.2-0ubuntu1.25
Affected versions
1.*
1.1.1l-1ubuntu1
3.*
3.0.0-1ubuntu1
3.0.1-0ubuntu1
3.0.2-0ubuntu1
3.0.2-0ubuntu1.1
3.0.2-0ubuntu1.2
3.0.2-0ubuntu1.4
3.0.2-0ubuntu1.5
3.0.2-0ubuntu1.6
3.0.2-0ubuntu1.7
3.0.2-0ubuntu1.8
3.0.2-0ubuntu1.9
3.0.2-0ubuntu1.10
3.0.2-0ubuntu1.12
3.0.2-0ubuntu1.13
3.0.2-0ubuntu1.14
3.0.2-0ubuntu1.15
3.0.2-0ubuntu1.16
3.0.2-0ubuntu1.17
3.0.2-0ubuntu1.18
3.0.2-0ubuntu1.19
3.0.2-0ubuntu1.20
3.0.2-0ubuntu1.21
3.0.2-0ubuntu1.23
Ubuntu:24.04:LTS
edk2
Package
- Name
- edk2
- Purl
- pkg:deb/ubuntu/edk2?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2023.*
2023.05-2
2023.11-2
2023.11-3
2023.11-4
2023.11-5
2023.11-6
2023.11-8
2024.*
2024.02-1
2024.02-2
2024.02-2ubuntu0.1
2024.02-2ubuntu0.3
2024.02-2ubuntu0.4
2024.02-2ubuntu0.5
2024.02-2ubuntu0.6
2024.02-2ubuntu0.7
2024.02-2ubuntu0.8
Ecosystem specific
{
"priority_reason": "OpenSSL developers have rated this as being low severity",
"binaries": [
{
"binary_version": "2024.02-2ubuntu0.8",
"binary_name": "efi-shell-aa64"
},
{
"binary_version": "2024.02-2ubuntu0.8",
"binary_name": "efi-shell-arm"
},
{
"binary_version": "2024.02-2ubuntu0.8",
"binary_name": "efi-shell-ia32"
},
{
"binary_name": "efi-shell-riscv64",
"binary_version": "2024.02-2ubuntu0.8"
},
{
"binary_name": "efi-shell-x64",
"binary_version": "2024.02-2ubuntu0.8"
},
{
"binary_name": "ovmf",
"binary_version": "2024.02-2ubuntu0.8"
},
{
"binary_version": "2024.02-2ubuntu0.8",
"binary_name": "ovmf-ia32"
},
{
"binary_name": "ovmf-legacy",
"binary_version": "2024.02-2ubuntu0.8"
},
{
"binary_name": "qemu-efi-aarch64",
"binary_version": "2024.02-2ubuntu0.8"
},
{
"binary_version": "2024.02-2ubuntu0.8",
"binary_name": "qemu-efi-arm"
},
{
"binary_name": "qemu-efi-riscv64",
"binary_version": "2024.02-2ubuntu0.8"
}
]
}openssl
Package
- Name
- openssl
- Purl
- pkg:deb/ubuntu/openssl?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.13-0ubuntu3.11
Affected versions
3.*
3.0.10-1ubuntu2
3.0.10-1ubuntu2.1
3.0.10-1ubuntu3
3.0.10-1ubuntu4
3.0.13-0ubuntu2
3.0.13-0ubuntu3
3.0.13-0ubuntu3.1
3.0.13-0ubuntu3.2
3.0.13-0ubuntu3.3
3.0.13-0ubuntu3.4
3.0.13-0ubuntu3.5
3.0.13-0ubuntu3.6
3.0.13-0ubuntu3.7
3.0.13-0ubuntu3.9
Ecosystem specific
{
"priority_reason": "OpenSSL developers have rated this as being low severity",
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libssl3t64",
"binary_version": "3.0.13-0ubuntu3.11"
},
{
"binary_name": "openssl",
"binary_version": "3.0.13-0ubuntu3.11"
}
]
}Ubuntu:25.10
edk2
Package
- Name
- edk2
- Purl
- pkg:deb/ubuntu/edk2?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2025.*
2025.02-3ubuntu2
2025.02-8
2025.02-8ubuntu1
2025.02-8ubuntu2
2025.02-8ubuntu3
2025.02-8ubuntu3.1
Ecosystem specific
{
"priority_reason": "OpenSSL developers have rated this as being low severity",
"binaries": [
{
"binary_name": "efi-shell-aa64",
"binary_version": "2025.02-8ubuntu3.1"
},
{
"binary_name": "efi-shell-arm",
"binary_version": "2025.02-8ubuntu3.1"
},
{
"binary_name": "efi-shell-ia32",
"binary_version": "2025.02-8ubuntu3.1"
},
{
"binary_name": "efi-shell-loongarch64",
"binary_version": "2025.02-8ubuntu3.1"
},
{
"binary_name": "efi-shell-riscv64",
"binary_version": "2025.02-8ubuntu3.1"
},
{
"binary_version": "2025.02-8ubuntu3.1",
"binary_name": "efi-shell-x64"
},
{
"binary_name": "ovmf",
"binary_version": "2025.02-8ubuntu3.1"
},
{
"binary_name": "ovmf-ia32",
"binary_version": "2025.02-8ubuntu3.1"
},
{
"binary_name": "ovmf-inteltdx",
"binary_version": "2025.02-8ubuntu3.1"
},
{
"binary_name": "ovmf-legacy",
"binary_version": "2025.02-8ubuntu3.1"
},
{
"binary_name": "qemu-efi-aarch64",
"binary_version": "2025.02-8ubuntu3.1"
},
{
"binary_name": "qemu-efi-arm",
"binary_version": "2025.02-8ubuntu3.1"
},
{
"binary_name": "qemu-efi-loongarch64",
"binary_version": "2025.02-8ubuntu3.1"
},
{
"binary_name": "qemu-efi-riscv64",
"binary_version": "2025.02-8ubuntu3.1"
}
]
}openssl
Package
- Name
- openssl
- Purl
- pkg:deb/ubuntu/openssl?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.5.3-1ubuntu3.4
Affected versions
3.*
3.4.1-1ubuntu3
3.5.0-2ubuntu1
3.5.2-1ubuntu1
3.5.3-1ubuntu2
3.5.3-1ubuntu3
3.5.3-1ubuntu3.3
Ecosystem specific
{
"priority_reason": "OpenSSL developers have rated this as being low severity",
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libssl3t64",
"binary_version": "3.5.3-1ubuntu3.4"
},
{
"binary_name": "openssl",
"binary_version": "3.5.3-1ubuntu3.4"
},
{
"binary_version": "3.5.3-1ubuntu3.4",
"binary_name": "openssl-provider-legacy"
}
]
}Ubuntu:26.04:LTS
edk2
Package
- Name
- edk2
- Purl
- pkg:deb/ubuntu/edk2?arch=source&distro=resolute
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"priority_reason": "OpenSSL developers have rated this as being low severity",
"binaries": [
{
"binary_name": "efi-shell-aa64",
"binary_version": "2025.11-3ubuntu7"
},
{
"binary_name": "efi-shell-loongarch64",
"binary_version": "2025.11-3ubuntu7"
},
{
"binary_name": "efi-shell-riscv64",
"binary_version": "2025.11-3ubuntu7"
},
{
"binary_name": "efi-shell-x64",
"binary_version": "2025.11-3ubuntu7"
},
{
"binary_name": "ovmf",
"binary_version": "2025.11-3ubuntu7"
},
{
"binary_name": "ovmf-amdsev",
"binary_version": "2025.11-3ubuntu7"
},
{
"binary_name": "ovmf-generic",
"binary_version": "2025.11-3ubuntu7"
},
{
"binary_name": "ovmf-inteltdx",
"binary_version": "2025.11-3ubuntu7"
},
{
"binary_name": "ovmf-legacy",
"binary_version": "2025.11-3ubuntu7"
},
{
"binary_name": "qemu-efi-aarch64",
"binary_version": "2025.11-3ubuntu7"
},
{
"binary_name": "qemu-efi-loongarch64",
"binary_version": "2025.11-3ubuntu7"
},
{
"binary_version": "2025.11-3ubuntu7",
"binary_name": "qemu-efi-riscv64"
}
]
}openssl
Package
- Name
- openssl
- Purl
- pkg:deb/ubuntu/openssl?arch=source&distro=resolute
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.5.5-1ubuntu3.2
Ecosystem specific
{
"priority_reason": "OpenSSL developers have rated this as being low severity",
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libssl3t64",
"binary_version": "3.5.5-1ubuntu3.2"
},
{
"binary_version": "3.5.5-1ubuntu3.2",
"binary_name": "openssl"
},
{
"binary_name": "openssl-provider-legacy",
"binary_version": "3.5.5-1ubuntu3.2"
}
]
}Ubuntu:Pro:22.04:LTS
nodejs
Package
- Name
- nodejs
- Purl
- pkg:deb/ubuntu/nodejs?arch=source&distro=esm-apps%2Fjammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
12.*
12.22.5~dfsg-5ubuntu1
12.22.7~dfsg-2ubuntu1
12.22.7~dfsg-2ubuntu3
12.22.9~dfsg-1ubuntu2
12.22.9~dfsg-1ubuntu3
12.22.9~dfsg-1ubuntu3.1
12.22.9~dfsg-1ubuntu3.2
12.22.9~dfsg-1ubuntu3.3
12.22.9~dfsg-1ubuntu3.4
12.22.9~dfsg-1ubuntu3.5
12.22.9~dfsg-1ubuntu3.6
12.22.9~dfsg-1ubuntu3.6+esm2
Ubuntu:Pro:FIPS-preview:22.04:LTS
openssl
Package
- Name
- openssl
- Purl
- pkg:deb/ubuntu/openssl?arch=source&distro=fips-preview%2Fjammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
openssl-fips
Package
- Name
- openssl-fips
- Purl
- pkg:deb/ubuntu/openssl-fips?arch=source&distro=fips-preview%2Fjammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:Pro:FIPS-updates:22.04:LTS
openssl
Package
- Name
- openssl
- Purl
- pkg:deb/ubuntu/openssl?arch=source&distro=fips-updates%2Fjammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
3.*
3.0.2-0ubuntu1.10+Fips1
3.0.2-0ubuntu1.12+Fips1
3.0.2-0ubuntu1.14+Fips1
3.0.2-0ubuntu1.15+Fips1
3.0.2-0ubuntu1.16+Fips1
3.0.2-0ubuntu1.17+Fips1
3.0.2-0ubuntu1.18+Fips1
3.0.2-0ubuntu1.19+Fips1
3.0.2-0ubuntu1.20+Fips1
3.0.2-0ubuntu1.21+Fips1
3.0.2-0ubuntu1.23+Fips1
openssl-fips
Package
- Name
- openssl-fips
- Purl
- pkg:deb/ubuntu/openssl-fips?arch=source&distro=fips-updates%2Fjammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:Pro:FIPS-updates:24.04:LTS
openssl-fips
Package
- Name
- openssl-fips
- Purl
- pkg:deb/ubuntu/openssl-fips?arch=source&distro=fips-updates%2Fnoble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected