Out-of-bounds read in AES-CFB-128 on X86-64 with AVX-512 support
The partial-block pre-processing code in ossl_aes_cfb128_vaes_enc and
ossl_aes_cfb128_vaes_dec unconditionally loads 16 bytes from the input buffer
using unmasked vmovdqu8 instructions, even when fewer bytes are valid.
This can read 1–15 bytes beyond the provided buffer. The post-processing code
in the same file correctly uses masked loads to avoid this issue.
Fixes CVE-2026-28386
Co-Authored-by: Stanislav Fort <stanislav.fort@aisle.com>
Co-Authored-by: Pavel Kohout <pavel.kohout@aisle.com>
Co-Authored-by: Alex Gaynor <gaynor@anthropic.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.foundation>
MergeDate: Mon Apr 6 19:16:26 2026
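
A guard-page regression check for the over-read class the commit message describes, added here as an example; it is not OpenSSL code and does not call the VAES routines. It models the unmasked and masked partial-block loads in portable C; the names load_full, load_masked and probe_partial_load are hypothetical, and a POSIX system (mmap, mprotect, fork) is assumed.

```c
#define _DEFAULT_SOURCE
#include <stdint.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

#define BLOCK 16  /* AES block size; every name in this file is hypothetical */
typedef void (*load_fn)(uint8_t *out, const uint8_t *in, size_t valid);

/* Models the unmasked load: always touches BLOCK bytes of input. */
void load_full(uint8_t *out, const uint8_t *in, size_t valid) {
    (void)valid;
    for (size_t i = 0; i < BLOCK; i++)
        out[i] = ((const volatile uint8_t *)in)[i];
}

/* Models the masked load: lanes >= valid are zeroed and never read. */
void load_masked(uint8_t *out, const uint8_t *in, size_t valid) {
    memset(out, 0, BLOCK);
    for (size_t i = 0; i < valid; i++)
        out[i] = ((const volatile uint8_t *)in)[i];
}

/* Runs `load` on a `valid`-byte buffer that ends exactly at a PROT_NONE page.
 * Returns 0 if the load stayed in bounds, a positive value (the fatal signal
 * number) if it faulted, and -1 on a setup error or if valid is not 1..15. */
int probe_partial_load(load_fn load, size_t valid) {
    long pg = sysconf(_SC_PAGESIZE);
    if (pg <= 0 || valid == 0 || valid >= BLOCK) return -1;
    uint8_t *map = mmap(NULL, 2 * (size_t)pg, PROT_READ | PROT_WRITE,
                        MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (map == MAP_FAILED) return -1;
    int rc = -1;
    if (mprotect(map + pg, (size_t)pg, PROT_NONE) == 0) {
        uint8_t *in = map + pg - valid;      /* last valid byte abuts the guard */
        memset(in, 0xA5, valid);             /* constructed sample input */
        pid_t pid = fork();
        if (pid == 0) {                      /* child: do the load, may fault */
            uint8_t blk[BLOCK];
            load(blk, in, valid);
            _exit(blk[0] == 0xA5 ? 0 : 1);
        }
        int st = 0;
        if (pid > 0 && waitpid(pid, &st, 0) == pid)
            rc = WIFSIGNALED(st) ? WTERMSIG(st) : WEXITSTATUS(st);
    }
    munmap(map, 2 * (size_t)pg);
    return rc;
}
```

Placing the input flush against an inaccessible page turns a silent 1 to 15 byte over-read into a deterministic fault, so the same harness shape can wrap a real partial-block routine in a regression test.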