What is GHSA-hq85-3f6c-jx84?

GHSA-hq85-3f6c-jx84 is a security advisory published by GitHub Security Advisories with Medium severity. A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the...

Which CVE IDs does GHSA-hq85-3f6c-jx84 cover?

GHSA-hq85-3f6c-jx84 covers the following CVE IDs: CVE-2026-2100. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-hq85-3f6c-jx84?

GHSA-hq85-3f6c-jx84 has a CVSS v3 base score of 5.3, published by GitHub Security Advisories.

GHSA-hq85-3f6c-jx84MediumCVSS 5.3

A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the...

Vendor

GitHub Security Advisories

Published

March 26, 2026

Last Modified

May 19, 2026

🔗 CVE IDs covered (1)

CVE-2026-2100 →

📋 Description

A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the C_DeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL. This could lead to the RPC-client attempting to return an uninitialized value, potentially resulting in a NULL dereference or undefined behavior. This issue may cause an application level denial of service or other unpredictable system states.

🔗 References (8)

https://nvd.nist.gov/vuln/detail/CVE-2026-2100
https://access.redhat.com/security/cve/CVE-2026-2100
https://bugzilla.redhat.com/show_bug.cgi?id=2437308
https://github.com/p11-glue/p11-kit/pull/740
https://access.redhat.com/errata/RHSA-2026:7065
https://access.redhat.com/errata/RHSA-2026:18143
https://access.redhat.com/errata/RHSA-2026:18599
https://github.com/advisories/GHSA-hq85-3f6c-jx84