CVE-2026-28386
Out-of-Bounds Read in OpenSSL AES-CFB128 on AVX-512 Systems
Publication date: 2026-04-07
Last updated on: 2026-04-24
Assigner: OpenSSL Software Foundation
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| openssl | openssl | From 3.6.0 (inc) to 3.6.2 (exc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-125 | The product reads data past the end, or before the beginning, of the intended buffer. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs in applications using AES-CFB128 encryption or decryption on x86-64 systems that support AVX-512 and VAES instructions. When processing partial cipher blocks, an out-of-bounds read of up to 15 bytes can be triggered.
The issue arises only when a previous call left an incomplete block and the current call provides fewer bytes than needed to complete it, and when the input buffer ends exactly at a memory page boundary with the following page unmapped.
This out-of-bounds read does not disclose information because the over-read bytes are not written to output, but it may cause the application to crash.
How can this vulnerability impact me?
The primary impact of this vulnerability is a potential Denial of Service (DoS) condition. If triggered, the out-of-bounds read may cause the application to crash.
This crash happens only under specific conditions: when processing partial cipher blocks with the input buffer positioned at a page boundary and the following memory page unmapped.
There is no risk of information disclosure from this vulnerability.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, avoid using AES-CFB128 encryption or decryption on systems with AVX-512 and VAES support when processing partial cipher blocks.
Since the vulnerable code path is only triggered when processing partial blocks and the input buffer is positioned at a memory page boundary with the following page unmapped, ensuring that input buffers do not end at page boundaries or avoiding partial block processing can reduce risk.
Additionally, consider updating or patching the OpenSSL FIPS module if a fixed version becomes available.
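One way to apply the "avoid partial block processing" advice without changing callers, as an added example that is not OpenSSL code or part of the original page: a small C feeder that holds back tail bytes so the cipher update is only ever handed whole 16-byte blocks, with a single partial call at the end of the stream. The names `cfb_sink`, `feeder` and `record` are hypothetical; in a real program the sink would wrap the application's AES-CFB128 update call.

```c
#include <stddef.h>
#include <string.h>

#define BLK 16  /* AES-CFB128 block size in bytes */

/* Hypothetical sink: in a real program, a wrapper around EVP_CipherUpdate(). */
typedef int (*cfb_sink)(void *ctx, const unsigned char *in, size_t len);

typedef struct {
    unsigned char carry[BLK];  /* tail bytes held until a full block exists */
    size_t carry_len;
    cfb_sink sink;
    void *ctx;
} feeder;

/* Accept any length; forward only whole blocks, never from a partial state. */
int feeder_update(feeder *f, const unsigned char *in, size_t len) {
    if (f->carry_len) {
        size_t take = BLK - f->carry_len;
        if (take > len) take = len;
        memcpy(f->carry + f->carry_len, in, take);
        f->carry_len += take; in += take; len -= take;
        if (f->carry_len < BLK) return 1;        /* still short: hold it back */
        if (!f->sink(f->ctx, f->carry, BLK)) return 0;
        f->carry_len = 0;
    }
    size_t whole = len - len % BLK;
    if (whole && !f->sink(f->ctx, in, whole)) return 0;
    memcpy(f->carry, in + whole, len - whole);   /* keep the tail for later */
    f->carry_len = len - whole;
    return 1;
}

/* Last call of the stream: the only one allowed to carry a partial block. */
int feeder_final(feeder *f) {
    int ok = f->carry_len ? f->sink(f->ctx, f->carry, f->carry_len) : 1;
    f->carry_len = 0;
    return ok;
}

/* Constructed test sink: counts calls that arrive while a block is incomplete. */
typedef struct { size_t pending, total, risky_calls; } recorder;
int record(void *p, const unsigned char *in, size_t len) {
    recorder *r = p; (void)in;
    if (r->pending) r->risky_calls++;  /* previous call left a partial block */
    r->pending = (r->pending + len) % BLK;
    r->total += len;
    return 1;
}
```

Because CFB128 is a stream mode, regrouping the input this way changes when ciphertext is emitted, not its value. Protocols that need every byte encrypted and flushed immediately cannot hold bytes back like this.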
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability described in CVE-2026-28386 causes an out-of-bounds read that may lead to a Denial of Service (DoS) but does not result in information disclosure.
Since there is no data leakage or compromise of sensitive information, the impact on compliance with standards such as GDPR or HIPAA, which focus heavily on protecting personal and sensitive data, is minimal.
The potential for application crashes due to DoS could still affect availability requirements in some regulatory frameworks, but this is assessed as a low severity issue.