CVE-2026-41564

CVE-2026-41564

Name

CVE-2026-41564

Description

CryptX versions before 0.088 for Perl do not reseed the Crypt::PK PRNG state after forking. The Crypt::PK::RSA, Crypt::PK::DSA, Crypt::PK::DH, Crypt::PK::ECC, Crypt::PK::Ed25519 and Crypt::PK::X25519 modules seed a per-object PRNG state in their constructors and reuse it without fork detection. A Crypt::PK::* object created before `fork()` shares byte-identical PRNG state with every child process, and any randomized operation they perform can produce identical output, including key generation. Two ECDSA or DSA signatures from different processes are enough to recover the signing private key through nonce-reuse key recovery. This affects preforking services such as the Starman web server, where a Crypt::PK::* object loaded at startup is inherited by every worker process.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
9b29abf9-4ab0-4765-b253-1875cd9b441e	https://github.com/DCIT/perl-CryptX/commit/9a1dd3e0c27d68e32450be5538b864c2b115ee15.patch
9b29abf9-4ab0-4765-b253-1875cd9b441e	https://github.com/DCIT/perl-CryptX/security/advisories/GHSA-24c2-gp6c-24c6
9b29abf9-4ab0-4765-b253-1875cd9b441e	https://metacpan.org/release/MIK/CryptX-0.088
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2026/04/23/2

Type

URI

9b29abf9-4ab0-4765-b253-1875cd9b441e

https://github.com/DCIT/perl-CryptX/commit/9a1dd3e0c27d68e32450be5538b864c2b115ee15.patch

9b29abf9-4ab0-4765-b253-1875cd9b441e

https://github.com/DCIT/perl-CryptX/security/advisories/GHSA-24c2-gp6c-24c6

9b29abf9-4ab0-4765-b253-1875cd9b441e

https://metacpan.org/release/MIK/CryptX-0.088

af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2026/04/23/2

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:dcit:cryptx::::::perl::*`	perl-cryptx	>= None	< 0.088

CPE URI

Source package

Min version

Max version

cpe:2.3:a:dcit:cryptx:*:*:*:*:*:perl:*:*

perl-cryptx

>= None

< 0.088

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
perl-cryptx	edge-main	0.088-r0	Timothy Legge <timlegge@gmail.com>	fixed
perl-cryptx	edge-main	0.087-r1	Timothy Legge <timlegge@gmail.com>	possibly vulnerable
perl-cryptx	edge-main	0.087-r0	Timothy Legge <timlegge@gmail.com>	possibly vulnerable
perl-cryptx	edge-main	0.084-r0	Timothy Legge <timlegge@gmail.com>	possibly vulnerable
perl-cryptx	edge-main	0.079-r0	Timothy Legge <timlegge@gmail.com>	possibly vulnerable
perl-cryptx	3.23-main	0.088-r0	Timothy Legge <timlegge@gmail.com>	fixed
perl-cryptx	3.23-main	0.087-r1	Timothy Legge <timlegge@gmail.com>	possibly vulnerable
perl-cryptx	3.22-main	0.088-r0	Timothy Legge <timlegge@gmail.com>	fixed
perl-cryptx	3.22-main	0.084-r0	Timothy Legge <timlegge@gmail.com>	possibly vulnerable
perl-cryptx	3.22-main	0.079-r0	None	possibly vulnerable
perl-cryptx	3.21-main	0.088-r0	Timothy Legge <timlegge@gmail.com>	fixed
perl-cryptx	3.21-main	0.084-r0	Timothy Legge <timlegge@gmail.com>	possibly vulnerable
perl-cryptx	3.21-main	0.079-r0	None	possibly vulnerable
perl-cryptx	3.20-main	0.088-r0	Timothy Legge <timlegge@gmail.com>	fixed
perl-cryptx	3.20-main	0.080-r0	Timothy Legge <timlegge@gmail.com>	possibly vulnerable
perl-cryptx	3.20-main	0.079-r0	None	possibly vulnerable
perl-cryptx	3.19-main	0.080-r0	Timothy Legge <timlegge@gmail.com>	possibly vulnerable
perl-cryptx	3.19-main	0.079-r0	None	possibly vulnerable

Source package

Branch

Version

Maintainer

Status

References

Match rules

Vulnerable and fixed packages