CVE-2026-45784 in rust-opensslinfo

Summary

by MITRE • 07/17/2026

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.50 until 0.10.80, CipherCtxRef::cipher_update_inplace in openssl/src/cipher_ctx.rs incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVP_aes_{128,192,256}_wrap_pad. For a non-multiple-of-8 input, OpenSSL writes up to 7 bytes past the end of the caller's buffer or Vec, producing attacker-controllable heap corruption when the plaintext length is attacker-influenced. This issue is fixed in version 0.10.80.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Analysis

by VulDB Data Team • 07/17/2026

The rust-openssl library serves as a critical cryptographic binding for rust applications, providing access to OpenSSL's extensive crypto functionality through safe rust interfaces. This vulnerability affects versions between 0.10.50 and 0.10.80 of the library, specifically targeting the CipherCtxRef::cipher_update_inplace function that handles AES key-wrap-with-padding operations. The flaw manifests when processing data with AES algorithms using wrap padding modes including aes_128_wrap_pad, aes_192_wrap_pad, and aes_256_wrap_pad. When input data length is not a multiple of 8 bytes, the implementation fails to properly calculate buffer boundaries during encryption or decryption operations.

The technical flaw stems from improper buffer sizing calculations within the cipher_update_inplace method where the code does not account for the maximum possible output size required by the AES key-wrap-with-padding algorithm. This results in OpenSSL's underlying EVP_CIPHER_CTX functions writing up to seven bytes beyond the allocated memory buffer boundaries that the rust application provides. The vulnerability operates through a classic heap overflow condition where attacker-controlled plaintext data influences the exact amount of memory over-read or over-write operations, creating conditions for memory corruption that can be exploited to compromise system integrity.

This issue directly relates to CWE-121 and CWE-787 which cover stack and heap buffer overflow conditions respectively, while also aligning with ATT&CK technique T1059.007 for execution through command-line interfaces and T1555.003 for credential access through cryptographic key manipulation. The operational impact extends beyond simple memory corruption as it creates potential for arbitrary code execution when the corrupted heap memory is subsequently accessed by other program components. Applications using rust-openssl for encryption operations with AES wrap padding modes become vulnerable to remote exploitation when attacker-influenced data flows through the affected cipher_update_inplace method.

Mitigation strategies include immediate upgrade to version 0.10.80 or later where the buffer sizing calculations have been corrected to properly account for maximum output requirements of AES key-wrap-with-padding algorithms. Additionally, developers should implement input validation and length checking routines before processing sensitive data through cryptographic functions, particularly when dealing with attacker-controllable inputs. Security monitoring should be enhanced to detect unusual heap memory access patterns that might indicate exploitation attempts, while code reviews should verify proper buffer boundary calculations in all cryptographic operations. Organizations using rust-openssl should also consider implementing memory corruption detection tools and runtime protections such as stack canaries or address space layout randomization to reduce the impact of potential exploitation attempts.

Responsible

GitHub M

Reservation

05/13/2026

Disclosure

07/17/2026

Moderation

accepted

CPE

ready

EPSS

0.00000

KEV

no

Activities

very low

Sources

Want to know what is going to be exploited?

We predict KEV entries!