
Denial-of-Service Vulnerability Discovered in Kubernetes AWS KMS Provider's aws-encryption-provider
Researchers at Syntetisk discovered a denial-of-service vulnerability in the Kubernetes AWS KMS provider’s aws-encryption-provider. The issue occurs when an empty ciphertext field triggers an unrecoverable Go panic, causing the plugin process to crash. The findings include root-cause analysis, crash path details, reproducer examples, impact discussion, and a disclosure timeline.
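The following is an added example, not code from the original page or from aws-encryption-provider. The page does not give the root cause, so the sketch assumes a hypothetical parser that reads a one-byte prefix from the ciphertext; it shows how an empty field panics when the length is not checked, and how validating first turns the same input into an ordinary error.

```go
package main

import (
	"errors"
	"fmt"
)

// ErrEmptyCiphertext is returned instead of panicking on a zero-length field.
var ErrEmptyCiphertext = errors.New("ciphertext is empty")

// parseUnchecked is a hypothetical parser (assumption, not the plugin's code)
// that reads a one-byte prefix without a length check. Indexing an empty
// slice raises a runtime panic, which ends the process if nothing recovers it.
func parseUnchecked(ciphertext []byte) (prefix byte, body []byte) {
	return ciphertext[0], ciphertext[1:]
}

// parseChecked validates the length first, so malformed input becomes an
// error the handler can return to the caller while the process keeps serving.
func parseChecked(ciphertext []byte) (byte, []byte, error) {
	if len(ciphertext) == 0 {
		return 0, nil, ErrEmptyCiphertext
	}
	return ciphertext[0], ciphertext[1:], nil
}

// panics reports whether calling f panics. It exists only so this demo can
// observe the unchecked path without terminating.
func panics(f func()) (p bool) {
	defer func() { p = recover() != nil }()
	f()
	return false
}

func main() {
	empty := []byte{} // constructed input standing in for the empty ciphertext field
	fmt.Println("unchecked panics:", panics(func() { parseUnchecked(empty) }))
	_, _, err := parseChecked(empty)
	fmt.Println("checked error:", err)
}
```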