Description

osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.12, A stack buffer overflow vulnerability exists in osslsigncode in several signature verification paths. During verification of a PKCS#7 signature, the code copies the digest value from a parsed SpcIndirectDataContent structure into a fixed-size stack buffer (mdbuf[EVP_MAX_MD_SIZE], 64 bytes) without validating that the source length fits within the destination buffer. This pattern is present in the verification handlers for PE, MSI, CAB, and script files. An attacker can craft a malicious signed file with an oversized digest field in SpcIndirectDataContent. When a user verifies such a file with osslsigncode verify, the unbounded memcpy can overflow the stack buffer and corrupt adjacent stack state. This vulnerability is fixed in 2.12.

INFO

Published Date :

2026-04-09T15:50:26.548Z

Last Modified :

2026-04-09T16:15:19.583Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2026-39853 vulnerability.

Vendors Products
Mtrojnar
  • Osslsigncode
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-39853.

URL Resource
https://github.com/mtrojnar/osslsigncode/commit/cbee1e723c5a8547302bd841ad9943ed8144db68 cve-icon cve-icon
https://github.com/mtrojnar/osslsigncode/releases/tag/2.12 cve-icon cve-icon
https://github.com/mtrojnar/osslsigncode/security/advisories/GHSA-hx87-8754-xvh4 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact