AWS-LC Vulnerability Allows Certificate Chain Verification Bypass
AWS has disclosed three security vulnerabilities in AWS-LC, its open-source general-purpose cryptographic library, published on March 2, 2026, under Bulletin ID 2026-005-AWS.
The flaws, tracked as CVE-2026-3336, CVE-2026-3337, and CVE-2026-3338, affect multiple versions of the library and its Rust bindings, and could allow unauthenticated attackers to bypass cryptographic verification or leak sensitive timing information.
Three Distinct Cryptographic Flaws
CVE-2026-3336 stems from improper certificate validation inside PKCS7_verify(). When processing PKCS7 objects containing multiple signers, the library fails to properly validate the certificate chain for all signers except the final one, so a PKCS7 object supplied by an unauthenticated attacker can pass verification entirely. This affects AWS-LC v1.41.0 through v1.69.0 and aws-lc-sys v0.24.0 through v0.38.0.
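To make the multi-signer failure concrete, here is an added illustration in C. It is not AWS-LC's code, and the loop shape is an assumed model of how a chain check can end up covering only the last signer: the defective loop keeps only the final signer's chain result, while the hardened one rejects the object as soon as any signer fails either check.

```c
#include <stdbool.h>
#include <stddef.h>

/* Hypothetical model of a PKCS#7 SignerInfo: whether its certificate
 * chains to a trusted root and whether its signature checks out.
 * Constructed for illustration; not AWS-LC's data structures. */
typedef struct {
    bool chain_ok;
    bool sig_ok;
} signer_t;

/* Stand-ins for the per-signer checks a PKCS7_verify() implementation
 * performs. Here they only read the flags above. */
static int verify_chain(const signer_t *s) { return s->chain_ok ? 1 : 0; }
static int verify_signature(const signer_t *s) { return s->sig_ok ? 1 : 0; }

/* Defective pattern (assumed model): the chain-check result is
 * overwritten on every iteration, so only the final signer's chain
 * result decides the outcome. An object with one trusted trailing
 * signer passes even if earlier signers never chained to a trusted CA. */
int pkcs7_verify_last_only(const signer_t *signers, size_t n) {
    int chain_ret = 0;
    for (size_t i = 0; i < n; i++) {
        chain_ret = verify_chain(&signers[i]);
        if (!verify_signature(&signers[i]))
            return 0;
    }
    return chain_ret;
}

/* Hardened pattern: fail as soon as any signer fails either check,
 * and treat an empty signer list as a verification failure. */
int pkcs7_verify_all(const signer_t *signers, size_t n) {
    if (n == 0)
        return 0;
    for (size_t i = 0; i < n; i++) {
        if (!verify_chain(&signers[i]))
            return 0;
        if (!verify_signature(&signers[i]))
            return 0;
    }
    return 1;
}

/* Constructed sample: an untrusted first signer followed by a trusted one. */
static const signer_t sample_mixed[2] = {{false, true}, {true, true}};

int demo_vulnerable_mixed(void) { return pkcs7_verify_last_only(sample_mixed, 2); }
int demo_hardened_mixed(void)   { return pkcs7_verify_all(sample_mixed, 2); }
```

With the sample above, the defective loop reports success because the last signer chains correctly, while the hardened loop rejects the object on the first signer.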
CVE-2026-3337 exposes an observable timing discrepancy in AES-CCM decryption. An unauthenticated attacker performing timing analysis could potentially determine whether an authentication tag is valid, opening the door to cryptographic oracle attacks.
This flaw has a broader reach, also affecting FIPS-validated builds from AWS-LC-FIPS v3.0.0 through v3.2.0, as well as the Rust bindings aws-lc-sys and aws-lc-sys-fips.
CVE-2026-3338 also resides in PKCS7_verify(), but concerns signature validation rather than certificate chains. When Authenticated Attributes are present in a PKCS7 object, an unauthenticated user can bypass signature verification entirely, a critical gap in the library's cryptographic integrity guarantees that affects the same version ranges as CVE-2026-3336.
All three vulnerabilities are fully resolved in AWS-LC v1.69.0, AWS-LC-FIPS v3.2.0, aws-lc-sys v0.38.0, and aws-lc-sys-fips v0.13.12. AWS strongly recommends upgrading to these versions immediately.
No workarounds exist for CVE-2026-3336 or CVE-2026-3338. For CVE-2026-3337, a partial workaround is available for users operating AES-CCM with one of three specific parameter sets (M being the tag length and L the size of the length field, in bytes): (M=4, L=2), (M=8, L=2), or (M=16, L=2). These can be routed through the EVP AEAD API using EVP_aead_aes_128_ccm_bluetooth, EVP_aead_aes_128_ccm_bluetooth_8, or EVP_aead_aes_128_ccm_matter respectively. Outside these configurations, no workaround is viable, and upgrading remains the only effective defense.
Given that CVE-2026-3336 and CVE-2026-3338 directly undermine trust in PKCS7 digital signatures commonly used in code signing and secure messaging, immediate patching is critical for any organization relying on AWS-LC for cryptographic operations.
Site: cybersecuritypath.com