Zero Day MonitorZDM
DashboardVulnerabilitiesTrendingZero-DaysNewsAbout
Login
ImpressumPrivacy Policy
Zero Day Monitor © 2026
3141 articles · 171662 vulns · 37/41 feeds (7d)
← Back to list
—
CVE-2026-41678EXPLOITEDPATCHED
rust-openssl_project · rust-openssl

rust-openssl: Incorrect bounds assertion in aes key wrap

Description

rust-openssl provides OpenSSL bindings for the Rust programming language. From to before 0.10.78, aes::unwrap_key() contains an incorrect assertion: it checks that out.len() + 8 <= in_.len(), but this condition is reversed. The intended invariant is out.len() >= in_.len() - 8, ensuring the output buffer is large enough. Because of the inverted check, the function only accepts buffers at or below the minimum required size and rejects larger ones. If a smaller buffer is provided the function will write past the end of out by in_.len() - 8 - out.len() bytes, causing an out-of-bounds write from a safe public function. This vulnerability is fixed in 0.10.78.

Affected Products

VendorProductVersions
rust-openssl_projectrust-opensslrust/openssl: >= 0.10.24, < 0.10.78

Also Affects

Downstream vendors/products affected by this vulnerability

VendorProductSourceConfidence
oracleoracle linuxcert_advisory90%

References

  • https://github.com/rust-openssl/rust-openssl/security/advisories/GHSA-8c75-8mhr-p7r9(x_refsource_CONFIRM)

Related News (3 articles)

Tier B
BSI Advisories44d ago
[NEU] [hoch] Oracle Linux: Mehrere Schwachstellen
→ No new info (linked only)
Tier A
Microsoft MSRC70d ago
CVE-2026-41678 rust-openssl: Incorrect bounds assertion in aes key wrap
→ No new info (linked only)
Tier C
VulDB72d ago
CVE-2026-41678 | rust-openssl up to 0.10.77 aes::unwrap_key out-of-bounds write (GHSA-8c75-8mhr-p7r9)
→ No new info (linked only)
CISA KEV❌ No
Actively exploited✅ Yes
Patch available
openssl@0.10.78
CWECWE-787
PublishedApr 22, 2026
Last enriched72d agov2
Tags
GHSA-8c75-8mhr-p7r9rust
Trending Score0
Source articles3
Independent3
Info Completeness8/14
Missing: cvss, epss, kev, exploit, iocs, mitre_attack

Community Vote

0
Login to vote
0 upvotes0 downvotes
No votes yet

Related CVEs (4)

HIGHCVE-2026-41676EXP
rust-openssl: Deriver::derive and PkeyCtxRef::derive can overflow short buffers on OpenSSL 1.1.1
Trending: 83
CRITICALCVE-2026-41898EXP
rust-openssl: Unchecked callback-returned length in PSK and cookie generate trampolines can cause OpenSSL to leak adjacent memory to the network peer
LOWCVE-2026-41677EXP
rust-openssl: Out-of-bounds read in PEM password callback when user callback returns an oversized length
HIGHCVE-2026-41681EXP
rust-openssl: MdCtxRef::digest_final() writes past caller buffer with no length check

Pin to Dashboard

Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

CVE Published
Apr 22, 2026
Discovered by ZDM
Apr 22, 2026
Updated: description, severity, activelyExploited
Apr 24, 2026
Actively Exploited
Apr 24, 2026
Patch Available
Apr 24, 2026

Version History

v2
Last enriched 72d ago
v2Tier C72d ago

Updated severity to CRITICAL, marked as actively exploited, and corrected exploit availability to false.

descriptionseverityactivelyExploited
via VulDB
v174d ago

Initial creation