GraoMelo/CVE-2026-AES-Wrap-PAD-PoC

GitHub: GraoMelo/CVE-2026-AES-Wrap-PAD-PoC

Stars: 0 | Forks: 0

# CVE-2026-AES-Wrap-PAD-PoC ## Heap Buffer Overflow in AES Wrap with Padding — OpenSSL 4.0.0 **CVSS 3.1:** 8.2 (High) — `AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H` ### Root Cause The AES Wrap with Padding cipher (`aes-256-wrap-pad`, RFC 5649) calculates output as `ceil(inl/8)*8 + 8`, but: 1. **EVP layer** (`crypto/evp/evp_enc.c:690,801`) estimates `outsize = inl + 8` for WRAP mode — short by 1-7 bytes when `inl % 8 != 0` 2. **Provider check** (`cipher_aes_wrp.c:260`) validates `outsize < inl` instead of a pad-aware calculation Net result: **1-7 byte heap buffer overflow** (variable, depending on input alignment). Maximum overflow of 7 bytes when `inl % 8 == 1`. ### Impact - Heap metadata corruption → potential RCE - Variable overflow size gives attacker flexibility in heap layout targeting - Same EVP root cause as CVE-2026-TDES-Wrap (sister vulnerability) ### CI Status | Architecture | Status | |-------------|--------| | amd64 (x86_64) | [![CI amd64](https://static.pigsec.cn/wp-content/uploads/repos/2026/05/e1f781b4c5215338.svg)](https://github.com/GraoMelo/CVE-2026-AES-Wrap-PAD-PoC/actions/workflows/ci-amd64.yml) | | arm64 (aarch64) | [![CI arm64](https://static.pigsec.cn/wp-content/uploads/repos/2026/05/06aca2bc9f215340.svg)](https://github.com/GraoMelo/CVE-2026-AES-Wrap-PAD-PoC/actions/workflows/ci-arm64.yml) | | i686 (32-bit) | [![CI i686](https://static.pigsec.cn/wp-content/uploads/repos/2026/05/334d17e78b215342.svg)](https://github.com/GraoMelo/CVE-2026-AES-Wrap-PAD-PoC/actions/workflows/ci-i686.yml) | ### Contents | Directory | Description | |-----------|-------------| | `PoC/` | PoC source (`poc_aes_wrap_pad_overflow.c`) + Makefile | | `patches/` | Fix patches (provider + EVP layer) | | `evidence/` | ASan crash logs (generated by CI, 3 architectures) | | `scripts/` | Build orchestration scripts | ### Build Locally ./scripts/build-openssl.sh --arch amd64 ./scripts/run-poc.sh --mode vanilla --arch amd64 # esperado: ASan crash ./scripts/build-patched.sh --arch amd64 ./scripts/run-poc.sh --mode patched --arch amd64 # esperado: buffer too small ### Sister Vulnerability A mesma root cause EVP afeta também o TDES Wrap (RFC 3217): **[CVE-2026-TDES-Wrap-PoC](https://github.com/GraoMelo/CVE-2026-TDES-Wrap-PoC)** *Discovered and reported by Everton Melo (Independent) — forense.melo@protonmail.com*