{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-28386","assignerOrgId":"3a12439a-ef3a-4c79-92e6-6081a721f1e5","state":"PUBLISHED","assignerShortName":"openssl","dateReserved":"2026-02-27T13:45:02.161Z","datePublished":"2026-04-07T22:00:50.164Z","dateUpdated":"2026-04-10T20:16:08.389Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"OpenSSL","vendor":"OpenSSL","versions":[{"lessThan":"3.6.2","status":"affected","version":"3.6.0","versionType":"semver"}]}],"credits":[{"lang":"en","type":"reporter","value":"Stanislav Fort (Aisle Research)"},{"lang":"en","type":"reporter","value":"Pavel Kohout (Aisle Research)"},{"lang":"en","type":"reporter","value":"Alex Gaynor (Anthropic)"},{"lang":"en","type":"remediation developer","value":"Stanislav Fort (Aisle Research)"},{"lang":"en","type":"remediation developer","value":"Pavel Kohout (Aisle Research)"},{"lang":"en","type":"remediation developer","value":"Alex Gaynor (Anthropic)"}],"datePublic":"2026-04-07T14:00:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Issue summary: Applications using AES-CFB128 encryption or decryption on<br>systems with AVX-512 and VAES support can trigger an out-of-bounds read<br>of up to 15 bytes when processing partial cipher blocks.<br><br>Impact summary: This out-of-bounds read may trigger a crash which leads to<br>Denial of Service for an application if the input buffer ends at a memory<br>page boundary and the following page is unmapped. There is no information<br>disclosure as the over-read bytes are not written to output.<br><br>The vulnerable code path is only reached when processing partial blocks<br>(when a previous call left an incomplete block and the current call provides<br>fewer bytes than needed to complete it). Additionally, the input buffer<br>must be positioned at a page boundary with the following page unmapped.<br>CFB mode is not used in TLS/DTLS protocols, which use CBC, GCM, CCM, or<br>ChaCha20-Poly1305 instead. For these reasons the issue was assessed as<br>Low severity according to our Security Policy.<br><br>Only x86-64 systems with AVX-512 and VAES instruction support are affected.<br>Other architectures and systems without VAES support use different code<br>paths that are not affected.<br><br>OpenSSL FIPS module in 3.6 version is affected by this issue."}],"value":"Issue summary: Applications using AES-CFB128 encryption or decryption on\nsystems with AVX-512 and VAES support can trigger an out-of-bounds read\nof up to 15 bytes when processing partial cipher blocks.\n\nImpact summary: This out-of-bounds read may trigger a crash which leads to\nDenial of Service for an application if the input buffer ends at a memory\npage boundary and the following page is unmapped. There is no information\ndisclosure as the over-read bytes are not written to output.\n\nThe vulnerable code path is only reached when processing partial blocks\n(when a previous call left an incomplete block and the current call provides\nfewer bytes than needed to complete it). Additionally, the input buffer\nmust be positioned at a page boundary with the following page unmapped.\nCFB mode is not used in TLS/DTLS protocols, which use CBC, GCM, CCM, or\nChaCha20-Poly1305 instead. For these reasons the issue was assessed as\nLow severity according to our Security Policy.\n\nOnly x86-64 systems with AVX-512 and VAES instruction support are affected.\nOther architectures and systems without VAES support use different code\npaths that are not affected.\n\nOpenSSL FIPS module in 3.6 version is affected by this issue."}],"metrics":[{"format":"other","other":{"content":{"text":"Low"},"type":"https://openssl-library.org/policies/general/security-policy/"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-125","description":"CWE-125 Out-of-bounds Read","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"3a12439a-ef3a-4c79-92e6-6081a721f1e5","shortName":"openssl","dateUpdated":"2026-04-07T22:00:50.164Z"},"references":[{"name":"OpenSSL Advisory","tags":["vendor-advisory"],"url":"https://openssl-library.org/news/secadv/20260407.txt"},{"name":"3.6.2 git commit","tags":["patch"],"url":"https://github.com/openssl/openssl/commit/61f428a2fc6671ede184a19f71e6e495f0689621"}],"source":{"discovery":"UNKNOWN"},"title":"Out-of-bounds Read in AES-CFB-128 on X86-64 with AVX-512 Support","x_generator":{"engine":"Vulnogram 0.2.0"}},"adp":[{"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":9.1,"attackVector":"NETWORK","baseSeverity":"CRITICAL","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H","integrityImpact":"NONE","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"NONE","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"timestamp":"2026-04-10T20:15:21.235876Z","id":"CVE-2026-28386","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-04-10T20:16:08.389Z"}}]}}