CVE-2026-8149 Overview
CVE-2026-8149 affects the Legion of the Bouncy Castle Inc. BC-FJA (BC-FIPS) cryptographic provider on Linux x86_64 platforms with AVX and AVX-512f instruction set extensions. The vulnerability resides in the Galois/Counter Mode (GCM) implementation files gcm128w and gcm512w. It impacts BC-FJA versions 2.1.0 through 2.1.2. The issue is categorized under [CWE-1068] (Inconsistency Between Implementation and Documented Design) and requires local access for exploitation. Limited availability impact has been confirmed, while confidentiality and integrity remain unaffected based on the published CVSS 4.0 vector.
Critical Impact
Local attackers may trigger limited availability disruption in applications relying on BC-FIPS GCM operations on AVX-512 capable Linux hosts.
Affected Products
- Legion of the Bouncy Castle BC-FJA (BC-FIPS) 2.1.0
- Legion of the Bouncy Castle BC-FJA (BC-FIPS) 2.1.1
- Legion of the Bouncy Castle BC-FJA (BC-FIPS) 2.1.2
Discovery Timeline
- 2026-05-08 - CVE-2026-8149 published to NVD
- 2026-05-08 - Last updated in NVD database
Technical Details for CVE-2026-8149
Vulnerability Analysis
The vulnerability affects the BC-FIPS Java cryptographic provider, specifically its hardware-accelerated GCM implementation. BC-FIPS leverages native code paths optimized with AVX and AVX-512f vector instructions to accelerate Galois/Counter Mode authenticated encryption. The affected components, gcm128w and gcm512w, implement 128-bit and 512-bit wide GHASH computations using vectorized multiplication.
Exploitation requires local access to a system running a vulnerable BC-FJA release on a Linux x86_64 host with AVX-512f support. The CVSS 4.0 metrics indicate no user interaction or privileges are required, with limited impact restricted to availability of the vulnerable component. No confidentiality or integrity impact has been documented.
Root Cause
The root cause is an inconsistency between the documented FIPS-validated design and the optimized AVX/AVX-512 implementation in gcm128w and gcm512w. Detailed technical information remains restricted to vendor channels referenced by the advisory.
Attack Vector
A local actor invokes BC-FIPS GCM cryptographic operations under conditions that exercise the AVX-512f code path. Because the issue depends on specific instruction set extensions, only hosts where the optimized path is active are affected. No proof-of-concept exploit is publicly available, and the issue is not listed in the CISA Known Exploited Vulnerabilities catalog.
No verified exploitation code is available. Refer to the Bouncy Castle advisory resource for vendor-controlled technical details.
Detection Methods for CVE-2026-8149
Indicators of Compromise
- Crashes or unexpected termination of Java processes invoking BC-FIPS GCM operations on AVX-512f capable Linux hosts.
- Application error logs referencing gcm128w or gcm512w native code paths within the BC-FIPS provider.
Detection Strategies
- Inventory Java applications and identify those bundling bc-fips JARs at versions 2.1.0, 2.1.1, or 2.1.2.
- Audit runtime environments for Linux x86_64 hosts exposing AVX-512f via /proc/cpuinfo flags that also run vulnerable BC-FIPS releases.
- Correlate JVM crash dumps and hs_err_pid files with stack frames in the BC-FIPS GCM native module.
Monitoring Recommendations
- Track BC-FIPS provider version metadata in software bill of materials (SBOM) feeds across Linux fleets.
- Alert on repeated abnormal terminations of services performing AES-GCM encryption or decryption.
- Monitor changes to java.security provider lists that load BC-FIPS at affected versions.
How to Mitigate CVE-2026-8149
Immediate Actions Required
- Identify all deployments running BC-FJA (BC-FIPS) 2.1.0 through 2.1.2 on Linux x86_64 systems with AVX-512f.
- Restrict local access to hosts running vulnerable BC-FIPS versions until remediation is applied.
- Coordinate with application owners to schedule upgrades to a fixed BC-FIPS release once published by the vendor.
Patch Information
Consult the Bouncy Castle advisory resource for fixed version availability. Upgrade to a vendor-supplied release outside the 2.1.0–2.1.2 range that addresses the GCM implementation inconsistency.
Workarounds
- Disable AVX-512f acceleration in the runtime environment, forcing BC-FIPS to fall back to the non-vectorized GCM path where supported.
- Relocate sensitive workloads to Linux hosts whose CPUs do not advertise AVX-512f until a patched BC-FIPS version is deployed.
- Limit local user accounts on affected systems and enforce least privilege to reduce exposure of the local attack vector.
# Inventory BC-FIPS JARs across a Linux host
find / -type f -name 'bc-fips-*.jar' 2>/dev/null
# Confirm AVX-512f support on the host
grep -o 'avx512f' /proc/cpuinfo | head -1
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
