Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8330611

AES-CTR vector intrinsic may read out of bounds (x86_64, AVX-512)

    XMLWordPrintable

Details

    • b20
    • x86_64
    • generic

    Backports

      Description

        The AES-CTR vector intrinsic may read the Java heap out of bounds in x86_64 with AVX-512 instructions (extensions avx512bw, avx512vl and vaes are required). This happens when the input's size is not multiple of the block size (16 bytes) or, in other words, when there is a tail of plaintext/ciphertext to process. While the extra data spuriously read is intentionally discarded —and there is no risk of leaking or corrupting data—, this could be a problem if the array containing the input is located at the end of the Java heap. In this extreme case, it's possible to read an unmapped memory region or a region with non-read permissions, which would trigger a segmentation fault and a JVM crash. This bug is not easy to reproduce or likely to happen but there has been a report providing evidence of a real occurence.

        Attachments

          Issue Links

            Activity

              People

                mbalao Martin Balao
                mbalao Martin Balao
                Votes:
                0 Vote for this issue
                Watchers:
                6 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved: