openssl crate, Out-of-bounds write, CVE-2026-41678 (Critical)

Listen to this Post

The vulnerability resides in aes::unwrap_key(), a public function that performs AES key unwrapping. The function contains a bounds assertion that is reversed due to a logic error. Specifically, it checks out.len() + 8 <= in_.len(), whereas it should verify `out.len() >= in_.len() – 8` to guarantee the output buffer is sufficiently large. Because the condition is inverted, the function incorrectly accepts output buffers that are too small and rejects buffers that are correctly sized. When a tiny output buffer is provided, the function writes past the end of the buffer by `in_.len() – 8 – out.len()` bytes, leading to an out-of‑bounds write. This issue is present in all versions of the `openssl` crate from 0.10.24 to 0.10.77. The vulnerability was fixed in version 0.10.78, where the assertion was corrected to out.len() + 8 >= in_.len(). The flaw is reachable whenever an attacker can control the size of the buffer passed to unwrap_key(), allowing arbitrary memory corruption. The CVE was assigned on 2026‑04‑22 and carries a HIGH severity rating from the GitHub Advisory Database.

dailycve form

Platform: Rust (crates.io)
Version: 0.10.24 – 0.10.77
Vulnerability: Out‑of‑bounds write
Severity: HIGH
Date: 2026‑04‑22

Prediction: 2026‑04‑19

Analytics under What Undercode Say:

Check your Cargo.toml for the openssl dependency version
grep -E '^openssl = ' Cargo.toml
Audit the cargo project for known vulnerabilities (requires cargo-audit)
cargo install cargo-audit
cargo audit
Quick test to see if unwrap_key() panics with a small output buffer (requires the openssl crate and a test key)
cargo test --package openssl -- aes::test::test_unwrap_key_out_too_small_panics --nocapture
If you are using an affected version, upgrade to the patched release
cargo update -p [email protected]

Exploit:

An attacker who can specify the size of the output buffer passed to `aes::unwrap_key()` may cause the function to write 8 or more bytes beyond the end of the buffer. By carefully crafting the input key wrap material, the attacker can overwrite adjacent memory, potentially corrupting heap metadata or other sensitive data structures. This can lead to arbitrary code execution or a denial‑of‑service condition.

Protection from this CVE

  • Upgrade the `openssl` crate to version 0.10.78 or later.
  • Avoid using `aes::unwrap_key()` with attacker‑controlled buffer sizes.
  • Apply memory‑safe programming practices, such as using Rust’s slice bounds checks or a safe abstraction that validates buffer lengths before calling the vulnerable function.
  • Use cargo‑audit to detect vulnerable dependencies in your project.

Impact

Successful exploitation can result in memory corruption, allowing an attacker to execute arbitrary code, crash the application, or leak sensitive information. Applications that handle untrusted AES‑wrapped keys are particularly at risk. The vulnerability is classified as HIGH severity because it can be triggered from a safe public function without requiring unsafe code.

🎯Let’s Practice Exploiting & Learn Patching For Free:

Sources:

Reported By: github.com
Extra Source Hub:
Undercode

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow DailyCVE & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin Featured Image

Scroll to Top