Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8330611

AES-CTR vector intrinsic may read out of bounds (x86_64, AVX-512)

    XMLWordPrintable

Details

    • b20
    • x86_64
    • generic

    Backports

      Description

        The AES-CTR vector intrinsic may read the Java heap out of bounds in x86_64 with AVX-512 instructions (extensions avx512bw, avx512vl and vaes are required). This happens when the input's size is not multiple of the block size (16 bytes) or, in other words, when there is a tail of plaintext/ciphertext to process. While the extra data spuriously read is intentionally discarded —and there is no risk of leaking or corrupting data—, this could be a problem if the array containing the input is located at the end of the Java heap. In this extreme case, it's possible to read an unmapped memory region or a region with non-read permissions, which would trigger a segmentation fault and a JVM crash. This bug is not easy to reproduce or likely to happen but there has been a report providing evidence of a real occurence.

        Attachments

          Issue Links

            backported by

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8334062 AES-CTR vector intrinsic may read out of bounds (x86_64, AVX-512)

            • P3 - Major loss of function.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8334148 AES-CTR vector intrinsic may read out of bounds (x86_64, AVX-512)

            • P3 - Major loss of function.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8335724 AES-CTR vector intrinsic may read out of bounds (x86_64, AVX-512)

            • P3 - Major loss of function.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8334142 AES-CTR vector intrinsic may read out of bounds (x86_64, AVX-512)

            • P3 - Major loss of function.
            • Closed
            relates to

            Enhancement - null JDK-8233741 AES Countermode (CTR) optimization using AVX512 + VAES instructions

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved
            links to

            Commit Commit openjdk/jdk17u-dev/c025eb6e

            Commit Commit openjdk/jdk21u-dev/66e3ea62

            Commit Commit openjdk/jdk22u/c68a285a

            Commit Commit openjdk/jdk/8a8d9288

            Review Review openjdk/jdk17u-dev/2634

            Review Review openjdk/jdk21u-dev/531

            Review Review openjdk/jdk21u-dev/702

            Review Review openjdk/jdk22u/171

            Review Review openjdk/jdk/18849

            Activity

              People

                mbalao Martin Balao Alonso
                mbalao Martin Balao Alonso
                Votes:
                0 Vote for this issue
                Watchers:
                7 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved: