3 matches found
OESA-2026-1663 edk2 security update
EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: Issue summary: When using the low-level OCB API directly with AES-NI orbrother hardware-accelerated code paths, inputs whose length is not a multiplebrof 16 bytes...
CVE-2025-69418
CVE-2025-69418 affects OpenSSL when using the low-level OCB API (CRYPTO_ocb128_encrypt/decrypt) with non-block-aligned lengths on hardware-accelerated builds. The trailing 1–15 bytes of a message may be left unencrypted and unauthenticated, exposing or tampering with data. The issue does not affe...
PT-2026-4948
Name of the Vulnerable Software and Affected Versions OpenSSL versions 1.1.1 through 3.6 OpenSSL version 1.0.2 is not affected Description The issue relates to the handling of non-block-aligned input lengths when using the low-level OCB API directly with AES-NI or other hardware-accelerated code...