{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-28386", "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", "state": "PUBLISHED", "assignerShortName": "openssl", "dateReserved": "2026-02-27T13:45:02.161Z", "datePublished": "2026-04-07T22:00:50.164Z", "dateUpdated": "2026-04-07T22:00:50.164Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "OpenSSL", "vendor": "OpenSSL", "versions": [{"lessThan": "3.6.2", "status": "affected", "version": "3.6.0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "reporter", "value": "Stanislav Fort (Aisle Research)"}, {"lang": "en", "type": "reporter", "value": "Pavel Kohout (Aisle Research)"}, {"lang": "en", "type": "reporter", "value": "Alex Gaynor (Anthropic)"}, {"lang": "en", "type": "remediation developer", "value": "Stanislav Fort (Aisle Research)"}, {"lang": "en", "type": "remediation developer", "value": "Pavel Kohout (Aisle Research)"}, {"lang": "en", "type": "remediation developer", "value": "Alex Gaynor (Anthropic)"}], "datePublic": "2026-04-07T14:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Issue summary: Applications using AES-CFB128 encryption or decryption on<br>systems with AVX-512 and VAES support can trigger an out-of-bounds read<br>of up to 15 bytes when processing partial cipher blocks.<br><br>Impact summary: This out-of-bounds read may trigger a crash which leads to<br>Denial of Service for an application if the input buffer ends at a memory<br>page boundary and the following page is unmapped. There is no information<br>disclosure as the over-read bytes are not written to output.<br><br>The vulnerable code path is only reached when processing partial blocks<br>(when a previous call left an incomplete block and the current call provides<br>fewer bytes than needed to complete it). Additionally, the input buffer<br>must be positioned at a page boundary with the following page unmapped.<br>CFB mode is not used in TLS/DTLS protocols, which use CBC, GCM, CCM, or<br>ChaCha20-Poly1305 instead. For these reasons the issue was assessed as<br>Low severity according to our Security Policy.<br><br>Only x86-64 systems with AVX-512 and VAES instruction support are affected.<br>Other architectures and systems without VAES support use different code<br>paths that are not affected.<br><br>OpenSSL FIPS module in 3.6 version is affected by this issue."}], "value": "Issue summary: Applications using AES-CFB128 encryption or decryption on\nsystems with AVX-512 and VAES support can trigger an out-of-bounds read\nof up to 15 bytes when processing partial cipher blocks.\n\nImpact summary: This out-of-bounds read may trigger a crash which leads to\nDenial of Service for an application if the input buffer ends at a memory\npage boundary and the following page is unmapped. There is no information\ndisclosure as the over-read bytes are not written to output.\n\nThe vulnerable code path is only reached when processing partial blocks\n(when a previous call left an incomplete block and the current call provides\nfewer bytes than needed to complete it). Additionally, the input buffer\nmust be positioned at a page boundary with the following page unmapped.\nCFB mode is not used in TLS/DTLS protocols, which use CBC, GCM, CCM, or\nChaCha20-Poly1305 instead. For these reasons the issue was assessed as\nLow severity according to our Security Policy.\n\nOnly x86-64 systems with AVX-512 and VAES instruction support are affected.\nOther architectures and systems without VAES support use different code\npaths that are not affected.\n\nOpenSSL FIPS module in 3.6 version is affected by this issue."}], "metrics": [{"format": "other", "other": {"content": {"text": "Low"}, "type": "https://openssl-library.org/policies/general/security-policy/"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", "shortName": "openssl", "dateUpdated": "2026-04-07T22:00:50.164Z"}, "references": [{"name": "OpenSSL Advisory", "tags": ["vendor-advisory"], "url": "https://openssl-library.org/news/secadv/20260407.txt"}, {"name": "3.6.2 git commit", "tags": ["patch"], "url": "https://github.com/openssl/openssl/commit/61f428a2fc6671ede184a19f71e6e495f0689621"}], "source": {"discovery": "UNKNOWN"}, "title": "Out-of-bounds Read in AES-CFB-128 on X86-64 with AVX-512 Support", "x_generator": {"engine": "Vulnogram 0.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Issue summary: Applications using AES-CFB128 encryption or decryption on\nsystems with AVX-512 and VAES support can trigger an out-of-bounds read\nof up to 15 bytes when processing partial cipher blocks.\n\nImpact summary: This out-of-bounds read may trigger a crash which leads to\nDenial of Service for an application if the input buffer ends at a memory\npage boundary and the following page is unmapped. There is no information\ndisclosure as the over-read bytes are not written to output.\n\nThe vulnerable code path is only reached when processing partial blocks\n(when a previous call left an incomplete block and the current call provides\nfewer bytes than needed to complete it). Additionally, the input buffer\nmust be positioned at a page boundary with the following page unmapped.\nCFB mode is not used in TLS/DTLS protocols, which use CBC, GCM, CCM, or\nChaCha20-Poly1305 instead. For these reasons the issue was assessed as\nLow severity according to our Security Policy.\n\nOnly x86-64 systems with AVX-512 and VAES instruction support are affected.\nOther architectures and systems without VAES support use different code\npaths that are not affected.\n\nOpenSSL FIPS module in 3.6 version is affected by this issue."}], "id": "CVE-2026-28386", "lastModified": "2026-04-07T22:16:20.513", "metrics": {}, "published": "2026-04-07T22:16:20.513", "references": [{"source": "openssl-security@openssl.org", "url": "https://github.com/openssl/openssl/commit/61f428a2fc6671ede184a19f71e6e495f0689621"}, {"source": "openssl-security@openssl.org", "url": "https://openssl-library.org/news/secadv/20260407.txt"}], "sourceIdentifier": "openssl-security@openssl.org", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "openssl-security@openssl.org", "type": "Secondary"}]}

{}

{}