AWS-LC Flaws Enable Certificate Bypass, Timing Attacks; Urgent Patches Advised

Critical AWS-LC Vulnerabilities Expose Systems to Certificate Verification Bypass and Timing Attacks

Amazon Web Services (AWS) has recently disclosed three critical vulnerabilities within its open-source cryptographic library, AWS-LC. These flaws, if exploited, could allow unauthenticated attackers to bypass certificate chain verification and leverage timing side-channel attacks, potentially compromising the cryptographic integrity of affected systems.

Overview of the Vulnerabilities

The vulnerabilities are primarily associated with the `PKCS7_verify()` function in the AWS-LC library:

1. CVE-2026-3336: This vulnerability arises from improper certificate validation when processing PKCS7 objects containing multiple signers. The system only verifies the final signer, enabling attackers to bypass certificate chain verification.

2. CVE-2026-3338: Similar to the first, this flaw allows threat actors to completely bypass signature verification when handling PKCS7 objects that include Authenticated Attributes.

3. CVE-2026-3337: This issue introduces a timing side-channel vulnerability during AES-CCM tag verification. By measuring how long decryption takes to process data, attackers can learn whether an authentication tag is valid, which undermines the integrity guarantee the tag is meant to provide.

Affected Versions and Immediate Recommendations

AWS strongly advises all customers to upgrade to the latest major versions of AWS-LC without delay. The affected versions include:

– AWS-LC 1.21.0 to versions before 1.69.0

– AWS-LC-FIPS 3.0.0 to versions before 3.2.0

– aws-lc-sys 0.14.0 to versions before 0.38.0

– aws-lc-sys-fips 0.13.0 to versions before 0.13.12

Fixed releases are available for all of these version lines.

Discovery and Disclosure

The AISLE Research Team collaborated with AWS to identify and disclose CVE-2026-3336 and CVE-2026-3337 through a coordinated vulnerability disclosure process.

Mitigation Strategies

Currently, there are no known workarounds for the PKCS7_verify bypass vulnerabilities (CVE-2026-3336 and CVE-2026-3338). Organizations must apply the provided software updates to secure their environments.

For the AES-CCM timing flaw (CVE-2026-3337), a temporary workaround exists for specific configurations. Customers utilizing AES-CCM with parameters (M=4, L=2), (M=8, L=2), or (M=16, L=2) can mitigate the issue by routing AES-CCM through the EVP AEAD API. This requires using the `EVP_aead_aes_128_ccm_bluetooth`, `EVP_aead_aes_128_ccm_bluetooth_8`, and `EVP_aead_aes_128_ccm_matter` implementations, respectively.

Broader Implications

These vulnerabilities underscore the critical importance of rigorous certificate validation and the potential risks associated with timing side-channel attacks. Organizations relying on AWS-LC for cryptographic operations should prioritize these updates to maintain the security and integrity of their systems.