Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8330611

AES-CTR vector intrinsic may read out of bounds (x86_64, AVX-512)

XMLWordPrintable

    • b20
    • x86_64
    • generic

        The AES-CTR vector intrinsic may read the Java heap out of bounds in x86_64 with AVX-512 instructions (extensions avx512bw, avx512vl and vaes are required). This happens when the input's size is not multiple of the block size (16 bytes) or, in other words, when there is a tail of plaintext/ciphertext to process. While the extra data spuriously read is intentionally discarded —and there is no risk of leaking or corrupting data—, this could be a problem if the array containing the input is located at the end of the Java heap. In this extreme case, it's possible to read an unmapped memory region or a region with non-read permissions, which would trigger a segmentation fault and a JVM crash. This bug is not easy to reproduce or likely to happen but there has been a report providing evidence of a real occurence.

              mbalao Martin Balao Alonso
              mbalao Martin Balao Alonso
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated:
                Resolved: