CVE-2026-28386

Severity CVSS v4.0: Pending analysis
Type: CWE-125 Out-of-bounds Read
Publication date: 07/04/2026
Last modified: 10/04/2026

Description

Issue summary: Applications using AES-CFB128 encryption or decryption on systems with AVX-512 and VAES support can trigger an out-of-bounds read of up to 15 bytes when processing partial cipher blocks.

Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application if the input buffer ends at a memory page boundary and the following page is unmapped. There is no information disclosure as the over-read bytes are not written to output.

The vulnerable code path is only reached when processing partial blocks (when a previous call left an incomplete block and the current call provides fewer bytes than needed to complete it). Additionally, the input buffer must be positioned at a page boundary with the following page unmapped. CFB mode is not used in TLS/DTLS protocols, which use CBC, GCM, CCM, or ChaCha20-Poly1305 instead. For these reasons the issue was assessed as Low severity according to our Security Policy.

Only x86-64 systems with AVX-512 and VAES instruction support are affected. Other architectures and systems without VAES support use different code paths that are not affected.

The OpenSSL FIPS module in version 3.6 is affected by this issue.
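To make the "partial block" condition concrete, the following is an added example (not OpenSSL's code and not part of the advisory) of a streaming CFB128 implementation that keeps the same state shape OpenSSL does: a feedback register holding the last ciphertext block and a counter `num` of how many bytes of the current keystream block have already been consumed. AES is replaced by a constructed keyed function (HMAC-SHA256 truncated to 16 bytes) because CFB only ever applies the block cipher in the forward direction, so the data flow of the mode is reproduced exactly. The `update()` method shows the bounded copy a correct partial-block path must perform: it never touches more input than the caller supplied, even when the call provides fewer bytes than are needed to finish the block (the exact call pattern the advisory describes). `demo()` checks that splitting the input into 5, then 3, then 20 bytes yields the same ciphertext as a single call, and that decryption round-trips.

```python
import hashlib
import hmac

BLOCK = 16  # CFB128 segment size in bytes

# Constructed sample inputs (not from the advisory).
KEY = bytes(range(16))
IV = bytes(range(16, 32))
PT = bytes(range(40))


def toy_block_encrypt(key: bytes, block: bytes) -> bytes:
    """Stand-in for AES: a keyed PRF truncated to one block.

    This is a constructed placeholder, NOT AES and not secure; it only
    reproduces the forward-only block-cipher call that CFB mode needs.
    """
    assert len(block) == BLOCK
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]


class CFB128:
    """Streaming CFB128 with an (iv, num) state like OpenSSL's CFB context."""

    def __init__(self, key: bytes, iv: bytes, encrypt: bool = True):
        self.key = key
        self.iv = bytearray(iv)   # feedback register: last ciphertext block
        self.keystream = b""      # E_k(iv) for the block currently in progress
        self.num = 0              # bytes of the current block already used
        self.encrypt = encrypt

    def update(self, data: bytes) -> bytes:
        out = bytearray()
        pos = 0
        while pos < len(data):
            if self.num == 0:
                # Start of a new block: derive keystream from the feedback register.
                self.keystream = toy_block_encrypt(self.key, bytes(self.iv))
            # Bounded copy: read at most what remains of this block AND at most
            # what the caller actually supplied. A path that assumed a full
            # block's worth of input here is what over-reads the buffer.
            take = min(BLOCK - self.num, len(data) - pos)
            for i in range(take):
                b = data[pos + i] ^ self.keystream[self.num + i]
                out.append(b)
                # The feedback register always receives the ciphertext byte.
                self.iv[self.num + i] = b if self.encrypt else data[pos + i]
            self.num = (self.num + take) % BLOCK
            pos += take
        return bytes(out)


def encrypt_chunked(key: bytes, iv: bytes, plaintext: bytes, chunk_sizes) -> bytes:
    """Encrypt plaintext in the given chunk sizes, then whatever remains."""
    cfb = CFB128(key, iv, encrypt=True)
    out = b""
    pos = 0
    for n in chunk_sizes:
        out += cfb.update(plaintext[pos:pos + n])
        pos += n
    out += cfb.update(plaintext[pos:])
    return out


def demo() -> bool:
    """Chunked processing (5, then 3: fewer than needed to finish the block,
    then 20) must match a single-call result, and decryption must round-trip."""
    one_shot = encrypt_chunked(KEY, IV, PT, [])
    chunked = encrypt_chunked(KEY, IV, PT, [5, 3, 20])
    decrypted = CFB128(KEY, IV, encrypt=False).update(chunked)
    return chunked == one_shot and decrypted == PT and len(chunked) == len(PT)


if __name__ == "__main__":
    print("chunked == one-shot and round-trip ok:", demo())
```

The second call in `demo()` (3 bytes while `num == 5`) is the partial-block case the advisory singles out: a correct implementation takes `min(16 - 5, 3) == 3` bytes and leaves `num == 8`, never reading past the 3 bytes it was given.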