VDB

GCVE-110-MAGEIA-2022-255

GCVE-110-MAGEIA-2022-255
Advisory Published
Vulnetix · Advisory published July 12, 2022
AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. (CVE-2022-2097)

Affected Products

VendorProductVersionsPlatforms
Mageiaopenssl0 (affected), 1.1.1q-1.mga8 (unaffected)

Browse GCVE Records

73,118 records in the GCVE database · Updated July 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›