Name of the Vulnerable Software and Affected Versions: aes crate (affected versions not specified)

Description: The aes crate has been updated to autodetect AES-NI at runtime on i686/x86-64 platforms. If AES-NI is not present, it falls back to a constant-time portable software implementation. To prevent this fallback and have the absence of AES-NI result in an illegal instruction crash instead, specific RUSTFLAGS can be passed.

Recommendations: To prevent the fallback to the software implementation and ensure an illegal instruction crash when AES-NI is not present, pass the following RUSTFLAGS: RUSTFLAGS=-Ctarget-feature=+aes,+ssse3 At the moment, there is no information about a newer version that contains a fix for this vulnerability.