Aws Libcrypto
Monthly
Signature verification bypass in AWS-LC's PKCS7_verify() function lets unauthenticated attackers get forged PKCS#7 objects containing Authenticated Attributes accepted as validly signed, defeating the integrity guarantee the API exists to provide. It affects applications linking AWS-LC, including the Rust aws-lc-sys binding and aws_libcrypto, and is tagged as enabling JWT/authentication-bypass attacks. No public exploit identified at time of analysis and EPSS is very low (0.03%), but integrity impact is High (CVSS 4.0 8.7) and a fixed release (1.69.0) is already available.
Timing side-channel attacks in AWS-LC's AES-CCM decryption implementation allow unauthenticated attackers to infer authentication tag validity through precise timing measurements. The vulnerability affects AWS-LC and related cryptographic libraries across multiple AES-CCM variants (128, 192, and 256-bit), potentially enabling attackers to forge authenticated messages. AWS service customers are unaffected, but applications using AWS-LC directly should upgrade to version 1.69.0 or later.
Certificate chain verification bypass in AWS-LC, Amazon's libcrypto/BoringSSL-derived cryptographic library, lets unauthenticated attackers forge trust in PKCS7 objects carrying multiple signers: PKCS7_verify() validates only the final signer and skips chain verification for all preceding signers (CWE-295). Affected applications can be tricked into accepting signed data whose earlier signers chain to untrusted or invalid certificates. There is no public exploit identified at time of analysis, EPSS is low (0.03%, 10th percentile), and AWS-managed services are unaffected per the vendor, but the flaw is fixed in AWS-LC 1.69.0.
Signature verification bypass in AWS-LC's PKCS7_verify() function lets unauthenticated attackers get forged PKCS#7 objects containing Authenticated Attributes accepted as validly signed, defeating the integrity guarantee the API exists to provide. It affects applications linking AWS-LC, including the Rust aws-lc-sys binding and aws_libcrypto, and is tagged as enabling JWT/authentication-bypass attacks. No public exploit identified at time of analysis and EPSS is very low (0.03%), but integrity impact is High (CVSS 4.0 8.7) and a fixed release (1.69.0) is already available.
Timing side-channel attacks in AWS-LC's AES-CCM decryption implementation allow unauthenticated attackers to infer authentication tag validity through precise timing measurements. The vulnerability affects AWS-LC and related cryptographic libraries across multiple AES-CCM variants (128, 192, and 256-bit), potentially enabling attackers to forge authenticated messages. AWS service customers are unaffected, but applications using AWS-LC directly should upgrade to version 1.69.0 or later.
Certificate chain verification bypass in AWS-LC, Amazon's libcrypto/BoringSSL-derived cryptographic library, lets unauthenticated attackers forge trust in PKCS7 objects carrying multiple signers: PKCS7_verify() validates only the final signer and skips chain verification for all preceding signers (CWE-295). Affected applications can be tricked into accepting signed data whose earlier signers chain to untrusted or invalid certificates. There is no public exploit identified at time of analysis, EPSS is low (0.03%, 10th percentile), and AWS-managed services are unaffected per the vendor, but the flaw is fixed in AWS-LC 1.69.0.