RUSTSEC-2026-0045: Timing Side-Channel in AES-CCM Tag Verification in AWS-LC #423
Description
| Details | |
|---|---|
| Package | aws-lc-sys |
| Version | 0.37.1 |
| URL | https://aws.amazon.com/security/security-bulletins/2026-005-AWS |
| Patched Versions | >=0.38.0 |
| Unaffected Versions | <0.14.0 |
| Aliases | CVE-2026-3337, GHSA-65p9-r9h6-22vj, GHSA-frmv-5gcm-jwxh |
Observable timing discrepancy in AES-CCM decryption in AWS-LC allows an
unauthenticated user to potentially determine authentication tag validity
via timing analysis.
The impacted implementations are through the EVP CIPHER API:
EVP_aes_128_ccm, EVP_aes_192_ccm, and EVP_aes_256_ccm.
Customers of AWS services do not need to take action. aws-lc-sys contains
code from AWS-LC. Applications using aws-lc-sys should upgrade to the most
recent release of aws-lc-sys.
Workarounds
In the special cases of using AES-CCM with (M=4, L=2), (M=8, L=2), or
(M=16, L=2), applications can workaround this issue by using AES-CCM through
the EVP AEAD API using implementations EVP_aead_aes_128_ccm_bluetooth,
EVP_aead_aes_128_ccm_bluetooth_8, and EVP_aead_aes_128_ccm_matter
respectively.
Otherwise, there is no workaround and applications using aws-lc-sys should
upgrade to the most recent release.