CVE-2025-69418

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions OpenSSL versions 1.1.1 through 3.6 OpenSSL version 1.0.2 is not affected

Description The issue relates to the handling of non-block-aligned input lengths when using the low-level OCB API directly with AES-NI or other hardware-accelerated code paths. Specifically, inputs that are not a multiple of 16 bytes can result in the final partial block remaining unencrypted and unauthenticated. This can expose the trailing 1-15 bytes of a message in cleartext and bypass the authentication tag, potentially allowing an attacker to read or tamper with those bytes without detection. The vulnerability affects applications directly calling the

CRYPTO ocb128 encrypt()

CRYPTO ocb128 decrypt()

functions. Higher-level implementations like EVP are not affected. The issue was assessed as having low severity.

Recommendations OpenSSL versions 1.1.1 through 3.6: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-325

Related Identifiers

CVE-2025-69418

Affected Products

Openssl 1.0.2

Openssl 1.1.1

Openssl 3.6

CVE-2025-69418

Weakness Enumeration

Related Identifiers

Affected Products

References · 11