CVE-2024-21502

Опубликовано: 24 фев. 2024

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

Versions of the package fastecdsa before 2.3.2 are vulnerable to Use of Uninitialized Variable on the stack, via the curvemath_mul function in src/curveMath.c, due to being used and interpreted as user-defined type. Depending on the variable's actual value it could be arbitrary free(), arbitrary realloc(), null pointer dereference and other. Since the stack can be controlled by the attacker, the vulnerability could be used to corrupt allocator structure, leading to possible heap exploitation. The attacker could cause denial of service by exploiting this vulnerability.

Ссылки

https://gist.github.com/keltecc/49da037072276f21b005a8337c15db26
Exploit
Third Party Advisory
https://github.com/AntonKueltz/fastecdsa/blob/v2.3.1/src/curveMath.c%23L210
Broken Link
https://github.com/AntonKueltz/fastecdsa/commit/57fc5689c95d649dab7ef60cc99ac64589f01e36
Patch
https://security.snyk.io/vuln/SNYK-PYTHON-FASTECDSA-6262045
Exploit
Third Party Advisory
https://gist.github.com/keltecc/49da037072276f21b005a8337c15db26
Exploit
Third Party Advisory
https://github.com/AntonKueltz/fastecdsa/blob/v2.3.1/src/curveMath.c%23L210
Broken Link
https://github.com/AntonKueltz/fastecdsa/commit/57fc5689c95d649dab7ef60cc99ac64589f01e36
Patch
https://security.snyk.io/vuln/SNYK-PYTHON-FASTECDSA-6262045
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:antonkueltz:fastecdsa:*:*:*:*:*:*:*:*

Версия до 2.3.2 (исключая)

EPSS

Процентиль: 26%

0.0009

Низкий

7.5 High

CVSS3

Дефекты

CWE-457

CWE-908

Связанные уязвимости

GHSA-ph86-g9r3-5qw4