{"id":"CVE-2026-28386","summary":"Out-of-bounds Read in AES-CFB-128 on X86-64 with AVX-512 Support","details":"Issue summary: Applications using AES-CFB128 encryption or decryption on\nsystems with AVX-512 and VAES support can trigger an out-of-bounds read\nof up to 15 bytes when processing partial cipher blocks.\n\nImpact summary: This out-of-bounds read may trigger a crash which leads to\nDenial of Service for an application if the input buffer ends at a memory\npage boundary and the following page is unmapped. There is no information\ndisclosure as the over-read bytes are not written to output.\n\nThe vulnerable code path is only reached when processing partial blocks\n(when a previous call left an incomplete block and the current call provides\nfewer bytes than needed to complete it). Additionally, the input buffer\nmust be positioned at a page boundary with the following page unmapped.\nCFB mode is not used in TLS/DTLS protocols, which use CBC, GCM, CCM, or\nChaCha20-Poly1305 instead. For these reasons the issue was assessed as\nLow severity according to our Security Policy.\n\nOnly x86-64 systems with AVX-512 and VAES instruction support are affected.\nOther architectures and systems without VAES support use different code\npaths that are not affected.\n\nOpenSSL FIPS module in 3.6 version is affected by this issue.","modified":"2026-07-08T07:46:54.443004936Z","published":"2026-04-07T22:00:50.164Z","related":["CGA-cgw9-chqf-gxmh"],"database_specific":{"cna_assigner":"openssl","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/28xxx/CVE-2026-28386.json","cwe_ids":["CWE-125"]},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/28xxx/CVE-2026-28386.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-28386"},{"type":"ADVISORY","url":"https://openssl-library.org/news/secadv/20260407.txt"},{"type":"FIX","url":"https://github.com/openssl/openssl/commit/61f428a2fc6671ede184a19f71e6e495f0689621"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/openssl/openssl","events":[{"introduced":"7b371d80d959ec9ab4139d09d78e83c090de9779"},{"fixed":"fe686e15d84334b284f883118ed92f64b409b3aa"},{"fixed":"61f428a2fc6671ede184a19f71e6e495f0689621"}],"database_specific":{"source":["CPE_RANGE","REFERENCES"],"extracted_events":[{"introduced":"3.6.0"},{"fixed":"3.6.2"}],"cpe":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*"}}],"versions":["openssl-3.6.1","3.6-POST-CLANG-FORMAT-WEBKIT","3.6-PRE-CLANG-FORMAT-WEBKIT","openssl-3.6.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-28386.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"}]}