CTRL-OS Security Tracker

This is the security tracker for CTRL-OS. It allows monitoring the status of vulnerabilities that affect CTRL-OS releases. Vulnerabilities are ingested from official sources, such as the NVD, among others.

For general information about installing or upgrading CTRL-OS, refer to the documentation. We are eager to hear your feedback and suggestions for this security tracker. Channels to reach us are documented here.

Releases

These are the currently supported releases.

Note

Vulnerability analyses for CTRL-OS 24.05 are not complete and are intended as a feature preview.

Latest Events

CVE-2026-5358
CTRL-OS 24.05
None
2026-05-28 23:08 CEST
Invalid
Upstream rejected the CVE.

GHSA-g3g9-5vj6-r3gj
CTRL-OS 24.05
nixVersions.nix_2_24
Sandbox escape: file write via symlink at FOD `.tmp` copy destination
2026-05-19 14:16 CEST
In Progress → Resolved
Resolved by backporting the fix from 2.28.6 with minor changes.

GHSA-g3g9-5vj6-r3gj
CTRL-OS 24.05
nixVersions.nix_2_24
Sandbox escape: file write via symlink at FOD `.tmp` copy destination
2026-05-19 09:48 CEST
Plausible → In Progress

CVE-2026-40312
CTRL-OS 24.05
imagemagick
ImageMagick: Off-by-One in MSL decoder could result in crash
2026-05-19 09:04 CEST
New → Plausible

CVE-2026-7598
CTRL-OS 24.05
libssh2
libssh2 userauth.c userauth_password integer overflow
2026-05-18 17:55 CEST
In Progress → Resolved
Fixed by updating to 1.11.1 and applying the upstream patch.

CVE-2026-7598
CTRL-OS 24.05
libssh2
libssh2 userauth.c userauth_password integer overflow
2026-05-18 09:22 CEST
Acknowledged → In Progress

CVE-2026-28387
CTRL-OS 24.05
openssl, openssl_3_0, openssl_3_3
Potential Use-after-free in DANE Client Code
2026-05-15 16:23 CEST
In Progress → Resolved
Resolved by upgrading to OpenSSL 3.3.7 and 3.0.20.

CVE-2026-28388
CTRL-OS 24.05
openssl, openssl_3_0, openssl_3_3
NULL Pointer Dereference When Processing a Delta CRL
2026-05-15 16:23 CEST
In Progress → Resolved
Resolved by upgrading to OpenSSL 3.3.7 and 3.0.20.

CVE-2026-28389
CTRL-OS 24.05
openssl, openssl_3_0, openssl_3_2, openssl_3_3
Possible NULL Dereference When Processing CMS KeyAgreeRecipientInfo
2026-05-15 16:22 CEST
In Progress → Resolved
Resolved by upgrading to OpenSSL 3.3.7 and 3.0.20.

CVE-2026-28390
CTRL-OS 24.05
openssl, openssl_3_0, openssl_3_3
Possible NULL Dereference When Processing CMS KeyTransportRecipientInfo
2026-05-15 16:22 CEST
In Progress → Resolved
Resolved by upgrading to OpenSSL 3.3.7 and 3.0.20.

CVE-2026-31790
CTRL-OS 24.05
openssl, openssl_3_0, openssl_3_3
Incorrect Failure Handling in RSA KEM RSASVE Encapsulation
2026-05-15 16:22 CEST
In Progress → Resolved
Resolved by upgrading to OpenSSL 3.3.7 and 3.0.20.

CVE-2025-15467
CTRL-OS 24.05
openssl, openssl_3, openssl_3_2, openssl_3_3
Stack buffer overflow in CMS (Auth)EnvelopedData parsing
2026-05-15 12:17 CEST
In Progress → Resolved
Already fixed by update to OpenSSL 3.3.6 and 3.0.19.

CVE-2025-68160
CTRL-OS 24.05
openssl, openssl_3, openssl_3_2, openssl_3_3
Heap out-of-bounds write in BIO_f_linebuffer on short writes
2026-05-15 12:16 CEST
In Progress → Resolved
Already fixed by update to OpenSSL 3.3.6 and 3.0.19.

CVE-2025-69418
CTRL-OS 24.05
openssl, openssl_3, openssl_3_2, openssl_3_3
Unauthenticated/unencrypted trailing bytes with low-level OCB function calls
2026-05-15 12:15 CEST
In Progress → Resolved
Already fixed by update to OpenSSL 3.3.6 and 3.0.19.

CVE-2025-69419
CTRL-OS 24.05
openssl, openssl_3, openssl_3_2, openssl_3_3
Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion
2026-05-15 12:13 CEST
In Progress → Resolved
Already fixed by update to OpenSSL 3.3.6 and 3.0.19.

CVE-2025-69420
CTRL-OS 24.05
openssl, openssl_3, openssl_3_2, openssl_3_3
Missing ASN1_TYPE validation in TS_RESP_verify_response() function
2026-05-15 12:12 CEST
In Progress → Resolved
Already fixed by update to OpenSSL 3.3.6 and 3.0.19. OpenSSL 3.2 has been marked as unsupported.

CVE-2025-69421
CTRL-OS 24.05
openssl, openssl_3, openssl_3_2, openssl_3_3
NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function
2026-05-15 12:08 CEST
In Progress → Resolved
Already fixed by update to OpenSSL 3.3.6 and 3.0.19. OpenSSL 3.2 has been marked as unsupported.

CVE-2026-22795
CTRL-OS 24.05
openssl, openssl_3, openssl_3_2, openssl_3_3
Missing ASN1_TYPE validation in PKCS#12 parsing
2026-05-15 12:07 CEST
In Progress → Resolved
Already fixed by update to OpenSSL 3.3.6 and 3.0.19. OpenSSL 3.2 is marked as unsupported.

CVE-2026-22796
CTRL-OS 24.05
openssl, openssl_3, openssl_3_2, openssl_3_3
ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function
2026-05-15 12:05 CEST
In Progress → Resolved
Already fixed by the OpenSSL update to 3.0.19 and 3.3.6. OpenSSL 3.2 has been marked as unsupported.

CVE-2025-15468
CTRL-OS 24.05
openssl_3_2, openssl_3_3
NULL dereference in SSL_CIPHER_find() function on unknown cipher ID
2026-05-15 12:04 CEST
In Progress → Resolved
Already fixed by update to OpenSSL 3.3.6.

CVE-2025-66199
CTRL-OS 24.05
openssl_3_3
TLS 1.3 CompressedCertificate excessive memory allocation
2026-05-15 12:01 CEST
In Progress → Resolved
Previously fixed by update to OpenSSL 3.3.6.

CVE-2026-31790
CTRL-OS 24.05
openssl, openssl_3_0, openssl_3_3
Incorrect Failure Handling in RSA KEM RSASVE Encapsulation
2026-05-15 11:14 CEST
Acknowledged → In Progress

CVE-2026-31790
CTRL-OS 24.05
openssl, openssl_3_0, openssl_3_3
Incorrect Failure Handling in RSA KEM RSASVE Encapsulation
2026-05-15 11:13 CEST
Plausible → Acknowledged

CVE-2026-28390
CTRL-OS 24.05
openssl, openssl_3_0, openssl_3_3
Possible NULL Dereference When Processing CMS KeyTransportRecipientInfo
2026-05-15 11:13 CEST
Acknowledged → In Progress

CVE-2026-28390
CTRL-OS 24.05
openssl, openssl_3_0, openssl_3_3
Possible NULL Dereference When Processing CMS KeyTransportRecipientInfo
2026-05-15 11:13 CEST
Plausible → Acknowledged

CVE-2026-28389
CTRL-OS 24.05
openssl, openssl_3_0, openssl_3_2, openssl_3_3
Possible NULL Dereference When Processing CMS KeyAgreeRecipientInfo
2026-05-15 11:13 CEST
Acknowledged → In Progress

CVE-2026-28389
CTRL-OS 24.05
openssl, openssl_3_0, openssl_3_2, openssl_3_3
Possible NULL Dereference When Processing CMS KeyAgreeRecipientInfo
2026-05-15 11:12 CEST
Plausible → Acknowledged

CVE-2026-28388
CTRL-OS 24.05
openssl, openssl_3_0, openssl_3_3
NULL Pointer Dereference When Processing a Delta CRL
2026-05-15 11:12 CEST
Acknowledged → In Progress

CVE-2026-28388
CTRL-OS 24.05
openssl, openssl_3_0, openssl_3_3
NULL Pointer Dereference When Processing a Delta CRL
2026-05-15 11:12 CEST
Plausible → Acknowledged

CVE-2026-28387
CTRL-OS 24.05
openssl, openssl_3_0, openssl_3_3
Potential Use-after-free in DANE Client Code
2026-05-15 11:11 CEST
Acknowledged → In Progress