Description
openCryptoki is a PKCS#11 library and tools for Linux and AIX. In 3.25.0 and 3.26.0, there is a heap buffer overflow vulnerability in the CKM_ECDH_AES_KEY_WRAP implementation that allows an attacker with local access to cause out-of-bounds writes in the host process by supplying a compressed EC public key and invoking C_WrapKey. This can lead to heap corruption or denial of service.
A flaw was found in openCryptoki, a library for cryptographic operations. A local attacker can exploit a heap buffer overflow vulnerability within the CKM_ECDH_AES_KEY_WRAP implementation. By providing a compressed Elliptic Curve (EC) public key and invoking the C_WrapKey function, the attacker can trigger out-of-bounds writes. This can lead to heap corruption and a denial-of-service (DoS) condition, making the application unavailable.
Statement
A local attacker can exploit a heap buffer overflow in openCryptoki's CKM_ECDH_AES_KEY_WRAP implementation, leading to heap corruption and denial of service. This vulnerability has been rated as Moderate by the Red Hat Product Security team because, although it may lead to an out-of-bounds write, the impact is limited. When exploiting this vulnerability the attacker has little control over the memory position to be overwritten; additionally, the size of the buffer being overwritten is relatively small (around 32 bytes for a P-256 public key, for example), making it very difficult to inject any valid payload into memory.
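The advisory does not show the affected code, but the flaw it describes is an encoding-size mismatch: a buffer sized for one EC point encoding receives a compressed point instead. The following added example is not openCryptoki code and not the project's actual fix; it shows the kind of input validation a hardened key-wrap path performs on a CKA_EC_POINT value (a DER OCTET STRING wrapping an X9.62 point) before copying it into a fixed-size buffer. It parses the OCTET STRING wrapper, rejects compressed (0x02/0x03) points outright, and requires an uncompressed point to be exactly 1 + 2 * field_bytes long for the curve in use. The function names, the error codes and the dummy coordinate bytes in the sample points are constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Error codes for this example (not openCryptoki's return values). */
enum {
    EC_POINT_OK = 0,
    EC_POINT_ERR_DER = -1,        /* malformed OCTET STRING wrapper */
    EC_POINT_ERR_COMPRESSED = -2, /* 0x02/0x03 prefix: compressed encoding */
    EC_POINT_ERR_LENGTH = -3,     /* point length does not match the curve */
    EC_POINT_ERR_FORM = -4        /* unknown leading byte */
};

/* Parse a DER OCTET STRING header (tag 0x04, short or 1-2 byte long-form
 * length). On success *body/*body_len describe the inner point bytes. */
static int parse_octet_string(const uint8_t *der, size_t der_len,
                              const uint8_t **body, size_t *body_len)
{
    size_t hdr = 2, len;
    if (der_len < 2 || der[0] != 0x04)
        return EC_POINT_ERR_DER;
    if (der[1] < 0x80) {
        len = der[1];
    } else if (der[1] == 0x81 && der_len >= 3) {
        len = der[2];
        hdr = 3;
    } else if (der[1] == 0x82 && der_len >= 4) {
        len = ((size_t)der[2] << 8) | der[3];
        hdr = 4;
    } else {
        return EC_POINT_ERR_DER;  /* longer length forms never occur for EC points */
    }
    if (len == 0 || hdr + len != der_len)
        return EC_POINT_ERR_DER;  /* truncated body or trailing bytes */
    *body = der + hdr;
    *body_len = len;
    return EC_POINT_OK;
}

/* Validate a CKA_EC_POINT value before it is copied into a buffer sized
 * for an uncompressed point. field_bytes is one coordinate's size:
 * 32 for P-256, 48 for P-384, 66 for P-521. */
int validate_ec_point(const uint8_t *der, size_t der_len, size_t field_bytes)
{
    const uint8_t *pt;
    size_t pt_len;
    int rc = parse_octet_string(der, der_len, &pt, &pt_len);
    if (rc != EC_POINT_OK)
        return rc;
    switch (pt[0]) {
    case 0x04:                    /* uncompressed: 04 || X || Y */
        return pt_len == 1 + 2 * field_bytes ? EC_POINT_OK : EC_POINT_ERR_LENGTH;
    case 0x02:
    case 0x03:                    /* compressed: 02/03 || X only (half the size) */
        return EC_POINT_ERR_COMPRESSED;
    default:
        return EC_POINT_ERR_FORM;
    }
}

/* Build a constructed DER-wrapped point with dummy coordinate bytes.
 * Returns the total encoded length, or 0 if out is too small. */
size_t make_point(uint8_t *out, size_t cap, uint8_t form, size_t field_bytes)
{
    size_t body = (form == 0x04) ? 1 + 2 * field_bytes : 1 + field_bytes;
    size_t hdr = body < 0x80 ? 2 : 3;
    if (body > 0xFF || hdr + body > cap)
        return 0;
    out[0] = 0x04;                /* OCTET STRING tag */
    if (hdr == 2) {
        out[1] = (uint8_t)body;
    } else {
        out[1] = 0x81;
        out[2] = (uint8_t)body;
    }
    out[hdr] = form;
    memset(out + hdr + 1, 0xAB, body - 1);  /* dummy X/Y coordinates */
    return hdr + body;
}

/* Build a point of the given form for build_field bytes per coordinate and
 * validate it against a buffer sized for expect_field bytes per coordinate. */
int check_point(uint8_t form, size_t build_field, size_t expect_field)
{
    uint8_t buf[160];
    size_t n = make_point(buf, sizeof buf, form, build_field);
    return n ? validate_ec_point(buf, n, expect_field) : EC_POINT_ERR_DER;
}

int main(void)
{
    printf("P-256 uncompressed: %d\n", check_point(0x04, 32, 32));
    printf("P-256 compressed:   %d\n", check_point(0x02, 32, 32));
    printf("P-521 uncompressed: %d\n", check_point(0x04, 66, 66));
    return 0;
}
```

The check deliberately refuses compressed points rather than decompressing them: a wrap path that only ever expects the uncompressed form has no reason to accept an encoding whose length differs from the buffer it reserved, and rejecting it up front removes the size mismatch the advisory describes.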
Mitigation
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
Affected packages
| Platform | Package | State | Advisory | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | opencryptoki | Fix deferred | | |
| Red Hat Enterprise Linux 6 | opencryptoki | Not affected | | |
| Red Hat Enterprise Linux 7 | opencryptoki | Not affected | | |
| Red Hat Enterprise Linux 8 | opencryptoki | Not affected | | |
| Red Hat Enterprise Linux 9 | opencryptoki | Fix deferred | | |
Additional information
CVSS3: 6.6 (Medium)