{"schema_version":"1.7.2","id":"OESA-2026-1663","modified":"2026-03-20T14:24:48Z","published":"2026-03-20T14:24:48Z","upstream":["CVE-2025-69418"],"summary":"edk2 security update","details":"EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications.\r\n\r\nSecurity Fix(es):\n\nIssue summary: When using the low-level OCB API directly with AES-NI or<br>other hardware-accelerated code paths, inputs whose length is not a multiple<br>of 16 bytes can leave the final partial block unencrypted and unauthenticated.<br><br>Impact summary: The trailing 1-15 bytes of a message may be exposed in<br>cleartext on encryption and are not covered by the authentication tag,<br>allowing an attacker to read or tamper with those bytes without detection.<br><br>The low-level OCB encrypt and decrypt routines in the hardware-accelerated<br>stream path process full 16-byte blocks but do not advance the input/output<br>pointers. The subsequent tail-handling code then operates on the original<br>base pointers, effectively reprocessing the beginning of the buffer while<br>leaving the actual trailing bytes unprocessed. The authentication checksum<br>also excludes the true tail bytes.<br><br>However, typical OpenSSL consumers using EVP are not affected because the<br>higher-level EVP and provider OCB implementations split inputs so that full<br>blocks and trailing partial blocks are processed in separate calls, avoiding<br>the problematic code path. Additionally, TLS does not use OCB ciphersuites.<br>The vulnerability only affects applications that call the low-level<br>CRYPTO_ocb128_encrypt() or CRYPTO_ocb128_decrypt() functions directly with<br>non-block-aligned lengths in a single call on hardware-accelerated builds.<br>For these reasons the issue was assessed as Low severity.<br><br>The FIPS modules in 3.6, 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected<br>by this issue, as OCB mode is not a FIPS-approved algorithm.<br><br>OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.<br><br>OpenSSL 1.0.2 is not affected by this issue.(CVE-2025-69418)","affected":[{"package":{"ecosystem":"openEuler:24.03-LTS-SP3","name":"edk2","purl":"pkg:rpm/openEuler/edk2&distro=openEuler-24.03-LTS-SP3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"202308-33.oe2403sp3"}]}],"ecosystem_specific":{"aarch64":["edk2-debuginfo-202308-33.oe2403sp3.aarch64.rpm","edk2-debugsource-202308-33.oe2403sp3.aarch64.rpm","edk2-devel-202308-33.oe2403sp3.aarch64.rpm"],"noarch":["edk2-aarch64-202308-33.oe2403sp3.noarch.rpm","edk2-help-202308-33.oe2403sp3.noarch.rpm","edk2-ovmf-202308-33.oe2403sp3.noarch.rpm","python3-edk2-devel-202308-33.oe2403sp3.noarch.rpm"],"src":["edk2-202308-33.oe2403sp3.src.rpm"],"x86_64":["edk2-debuginfo-202308-33.oe2403sp3.x86_64.rpm","edk2-debugsource-202308-33.oe2403sp3.x86_64.rpm","edk2-devel-202308-33.oe2403sp3.x86_64.rpm"]}}],"references":[{"type":"ADVISORY","url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1663"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-69418"}],"database_specific":{"severity":"Medium"}}