PatchSiren cyber security CVE debrief
CVE-2026-45784 rust-openssl CVE debrief
CVE-2026-45784 is a vulnerability in rust-openssl, specifically in the CipherCtxRef::cipher_update_inplace function. From version 0.10.50 to 0.10.79, this function incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVP_aes_{128,192,256}_wrap_pad. This could lead to up to 7 bytes being written past the end of the caller's buffer or Vec for non-multiple-of-8 inputs, resulting in attacker-controllable heap corruption when the plaintext length is attacker-influenced. The issue is fixed in version 0.10.80.
- Vendor
- rust-openssl
- Product
- Unknown
- CVSS
- MEDIUM 5.1
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-17
- Original CVE updated
- 2026-07-17
- Advisory published
- 2026-07-17
- Advisory updated
- 2026-07-17
Who should care
Developers and administrators using the rust-openssl library, especially those working with cryptographic operations, should be aware of this vulnerability. The vulnerability's impact is medium, with a CVSS score of 5.1, indicating that it could be exploited locally with low attack complexity.
Technical summary
The vulnerability is located in the openssl/src/cipher_ctx.rs file of the rust-openssl library. The CipherCtxRef::cipher_update_inplace function fails to properly size output buffers for certain AES ciphers with padding. Specifically, when using EVP_aes_{128,192,256}_wrap_pad ciphers, the function can write up to 7 bytes beyond the allocated buffer for inputs not aligned to 8 bytes. This can lead to heap corruption that can be controlled by an attacker, potentially allowing for code execution or denial of service.
Defensive priority
Medium priority due to local attack vector and potential for heap corruption.
Recommended defensive actions
- Update rust-openssl to version 0.10.80 or later
- Review and audit cryptographic operations using rust-openssl
- Implement additional monitoring for potential heap corruption issues
- Consider compensating controls such as input validation and additional buffer checks
- Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up
- Review the supplied official advisory or CVE record to validate affected scope, severity, and vendor guidance
- Plan vendor-supported updates or mitigations through normal change control where exposure is confirmed
Evidence notes
The CVE record was published on 2026-07-17T21:17:06.503Z and has not been modified since then. The NVD entry is currently unassigned a status. The vulnerability details come from the CVE record and the rust-openssl repository.
Official resources
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-17T21:17:06.503Z and has not been modified since then.