PyCryptodome before 3.6.6 has an integer overflow in the datalen variable in AESNI.c, related to the AESNIencrypt and AESNI_decrypt functions, leading to the mishandling of messages shorter than 16 bytes.