Lucene search
+L

8 matches found

RedHat Linux
RedHat Linux
added 2026/04/09 8:50 a.m.3 views

openssl: openssl: Denial of Service due to out-of-bounds read in AES-CFB128

A flaw was found in openssl. Applications using AES-CFB128 encryption or decryption on systems with AVX-512 and VAES support may experience a Denial of Service DoS. This occurs when processing partial cipher blocks, specifically if the input buffer ends at a memory page boundary and the subsequen...

9.1CVSS6.9AI score0.00313EPSS
Exploits0References5
NVD
NVD
added 2026/04/07 10:16 p.m.3 views

CVE-2026-28386

Issue summary: Applications using AES-CFB128 encryption or decryption on systems with AVX-512 and VAES support can trigger an out-of-bounds read of up to 15 bytes when processing partial cipher blocks. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service fo...

9.1CVSS0.00313EPSS
Exploits0References2
OSV
OSV
added 2026/04/07 10:16 p.m.7 views

DEBIAN-CVE-2026-28386

Issue summary: Applications using AES-CFB128 encryption or decryption on systems with AVX-512 and VAES support can trigger an out-of-bounds read of up to 15 bytes when processing partial cipher blocks. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service fo...

7.5CVSS5.6AI score0.00313EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/07 10:0 p.m.8 views

CVE-2026-28386 Out-of-bounds Read in AES-CFB-128 on X86-64 with AVX-512 Support

Issue summary: Applications using AES-CFB128 encryption or decryption on systems with AVX-512 and VAES support can trigger an out-of-bounds read of up to 15 bytes when processing partial cipher blocks. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service fo...

6AI score0.00313EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/07 10:0 p.m.34 views

CVE-2026-28386 Out-of-bounds Read in AES-CFB-128 on X86-64 with AVX-512 Support

Issue summary: Applications using AES-CFB128 encryption or decryption on systems with AVX-512 and VAES support can trigger an out-of-bounds read of up to 15 bytes when processing partial cipher blocks. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service fo...

0.00313EPSS
Exploits0References2
CVE
CVE
added 2026/04/07 10:0 p.m.35 views

CVE-2026-28386

The CVE CVE-2026-28386 affects OpenSSL’s FIPS module (version 3.6) on x86-64 systems with AVX-512 and VAES. A partial-block processing path in AES-CFB-128 can trigger an out-of-bounds read of up to 15 bytes when the input buffer sits at a page boundary and the next page is unmapped, potentially c...

9.1CVSS6AI score0.00313EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/07 12:0 a.m.7 views

PT-2026-31035

Name of the Vulnerable Software and Affected Versions OpenSSL FIPS Module version 3.6 Description Applications utilizing AES-CFB128 encryption or decryption on systems equipped with AVX-512 and VAES support may experience an out-of-bounds read of up to 15 bytes when handling partial cipher blocks...

9.1CVSS5.8AI score0.00313EPSS
Exploits0References10
Packet Storm News
Packet Storm News
added 2026/04/07 12:0 a.m.7 views

OpenSSL Security Advisory 20260407

OpenSSL Security Advisory 20260407 - Applications using RSASVE key encapsulation to establish a secret encryption key can send contents of an uninitialized memory buffer to a malicious peer. Applications using AES-CFB128 encryption or decryption on systems with AVX-512 and VAES support can trigge...

7.5CVSS6.1AI score0.01059EPSS
Exploits0
Rows per page
Query Builder