CVE-2025-27498

aes-gcm is a pure Rust implementation of the AES-GCM. In decrypt_in_place_detached, the decrypted ciphertext (which is the correct ciphertext) is exposed even if the tag is incorrect. This is because in decrypt_inplace in asconcore.rs, tag verification causes an error to be returned with the plaintext contents still in buffer. The vulnerability is fixed in 0.4.3.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
GitHub_MCNA
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 4%
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
rust-aes-gcm
questing
needs-triage
plucky
ignored
oracular
ignored
noble
needs-triage
jammy
dne
focal
dne
Common Weakness Enumeration
References
https://github.com/RustCrypto/AEADs/commit/d1d749ba57e38e65b0e037cd744d0b17f7254037
https://github.com/RustCrypto/AEADs/security/advisories/GHSA-r38m-44fw-h886