Cyber Posture

CVE-2026-28386

Severity: High
Published: 07 April 2026
Modified: 24 April 2026
CVSS Score: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
EPSS Score: 0.0005 (16.1th percentile)
Risk Priority: 15 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Description

Issue summary: Applications using AES-CFB128 encryption or decryption on systems with AVX-512 and VAES support can trigger an out-of-bounds read of up to 15 bytes when processing partial cipher blocks.

Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application if the input buffer ends at a memory page boundary and the following page is unmapped. There is no information disclosure, as the over-read bytes are not written to output. The vulnerable code path is only reached when processing partial blocks (when a previous call left an incomplete block and the current call provides fewer bytes than needed to complete it). Additionally, the input buffer must be positioned at a page boundary with the following page unmapped. CFB mode is not used in TLS/DTLS protocols, which use CBC, GCM, CCM, or ChaCha20-Poly1305 instead. For these reasons the issue was assessed as Low severity according to our Security Policy. Only x86-64 systems with AVX-512 and VAES instruction support are affected. Other architectures and systems without VAES support use different code paths that are not affected. The OpenSSL FIPS module in version 3.6 is affected by this issue.

Mitigating Controls (NIST 800-53 r5) (AI-generated)

- prevent: Directly addresses the CVE by requiring timely application of the OpenSSL patch (commit 61f428a2fc6671ede184a19f71e6e495f0689621) to remediate the out-of-bounds read in AES-CFB128 processing.
- prevent: Implements memory protection mechanisms such as guard pages or bounds checking to mitigate out-of-bounds reads during partial cipher block processing on AVX-512/VAES systems.
- detect: Enables periodic vulnerability scanning to identify systems running the vulnerable OpenSSL FIPS module 3.6 affected by this out-of-bounds read issue.

Security Summary (AI-generated)

CVE-2026-28386 is an out-of-bounds read vulnerability affecting the OpenSSL FIPS module version 3.6, specifically in applications performing AES-CFB128 encryption or decryption on x86-64 systems equipped with AVX-512 and VAES instruction set support. The issue arises when processing partial cipher blocks, where a previous operation left an incomplete block and the current input provides fewer bytes than needed to complete it, leading to an over-read of up to 15 bytes. Other architectures or systems lacking VAES support follow unaffected code paths. The vulnerability carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) and is classified under CWE-125 (Out-of-bounds Read).

A remote, unauthenticated attacker can exploit this flaw by supplying crafted input that is processed as a partial cipher block from a buffer ending at a memory page boundary, with the subsequent page unmapped. This triggers the out-of-bounds read, potentially causing a crash and a denial-of-service (DoS) condition for the affected application. There is no information disclosure, as the over-read bytes are not propagated to output. Exploitation requires specific conditions, including partial block processing and precise memory alignment, and CFB mode is not used in common protocols like TLS/DTLS, which use CBC, GCM, CCM, or ChaCha20-Poly1305 instead.

OpenSSL's security advisory (https://openssl-library.org/news/secadv/20260407.txt) details the issue and assesses it as low severity per their policy due to the narrow attack surface. Mitigation is available via a patch in commit 61f428a2fc6671ede184a19f71e6e495f0689621 (https://github.com/openssl/openssl/commit/61f428a2fc6671ede184a19f71e6e495f0689621), which security practitioners should apply to vulnerable OpenSSL FIPS 3.6 deployments.
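As a triage aid for the conditions described above (added here; not code from this page or from OpenSSL), the following Python script checks a host against the two preconditions the advisory gives: an OpenSSL version in the affected 3.6.0 to 3.6.2 range, and a CPU that advertises AVX-512 and VAES. Inputs are constructed samples, and the /proc/cpuinfo flag names avx512f and vaes are assumed Linux kernel names.

```python
import re

# Affected OpenSSL versions as listed on this page (inclusive range).
AFFECTED_MIN = (3, 6, 0)
AFFECTED_MAX = (3, 6, 2)
# /proc/cpuinfo flag names for AVX-512 foundation and VAES (assumed Linux names).
REQUIRED_CPU_FLAGS = {"avx512f", "vaes"}

# Constructed sample inputs; not captured from a real host.
SAMPLE_VERSION_OUTPUT = "OpenSSL 3.6.1"
SAMPLE_CPUINFO_VAES = (
    "processor\t: 0\n"
    "flags\t\t: fpu vme sse sse2 avx avx2 aes avx512f avx512bw vaes vpclmulqdq\n"
)
SAMPLE_CPUINFO_NO_VAES = (
    "processor\t: 0\n"
    "flags\t\t: fpu vme sse sse2 avx avx2 aes avx512f avx512bw\n"
)

def parse_openssl_version(text):
    """Return (major, minor, patch) from `openssl version` output, or None."""
    m = re.search(r"\bOpenSSL\s+(\d+)\.(\d+)\.(\d+)", text)
    return tuple(int(x) for x in m.groups()) if m else None

def version_in_affected_range(version):
    """True when the version tuple falls inside 3.6.0 .. 3.6.2 inclusive."""
    return AFFECTED_MIN <= version <= AFFECTED_MAX

def cpu_has_vaes_code_path(cpuinfo_text):
    """True when the first 'flags' line advertises both AVX-512F and VAES."""
    for line in cpuinfo_text.splitlines():
        if line.startswith("flags"):
            flags = set(line.split(":", 1)[1].split())
            return REQUIRED_CPU_FLAGS <= flags
    return False

def assess(version_output, cpuinfo_text):
    """Combine both checks into a triage verdict for this CVE."""
    version = parse_openssl_version(version_output)
    affected = version is not None and version_in_affected_range(version)
    vaes = cpu_has_vaes_code_path(cpuinfo_text)
    # Both must hold for the VAES path to exist; whether it is actually reached
    # still depends on the application feeding partial blocks to AES-CFB128.
    return {"version": version, "affected_version": affected,
            "vaes_path": vaes, "exposed": affected and vaes}

if __name__ == "__main__":
    print(assess(SAMPLE_VERSION_OUTPUT, SAMPLE_CPUINFO_VAES))
```

On a real Linux host, feed it the output of `openssl version` and the contents of /proc/cpuinfo instead of the samples.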

Details

CWE(s): CWE-125 (Out-of-bounds Read)

Affected Products: openssl / openssl, versions 3.6.0 to 3.6.2

MITRE ATT&CK Enterprise Techniques (AI-generated)

T1499.004 Application or System Exploitation (Impact): Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.

Why these techniques? The out-of-bounds read in OpenSSL AES-CFB128 processing allows remote crafted input to trigger an application crash under specific memory alignment conditions, directly enabling application exploitation for endpoint denial of service.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1
