Vulnerabilites related to nasa - CryptoLib
cve-2025-29910
Vulnerability from cvelistv5
Published
2025-03-17 22:04
Modified
2025-03-18 13:21
Severity ?
EPSS score ?
Summary
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. A memory leak vulnerability was identified in the `crypto_handle_incrementing_nontransmitted_counter` function of CryptoLib versions 1.3.3 and prior. This vulnerability can lead to resource exhaustion and degraded system performance over time, particularly in long-running processes or systems processing large volumes of data. The vulnerability is present in the `crypto_handle_incrementing_nontransmitted_counter` function within `crypto_tc.c`. The function allocates memory using `malloc` without ensuring the allocated memory is always freed. This issue can lead to resource exhaustion, reduced system performance, and potentially a Denial of Service (DoS) in environments where CryptoLib is used in long-running processes or with large volumes of data. Any system using CryptoLib, especially those handling high-throughput or continuous data streams, could be impacted. As of time of publication, no known patched versions are available.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/nasa/CryptoLib/security/advisories/GHSA-p38w-p2r8-g6g5 | x_refsource_CONFIRM |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2025-29910", options: [ { Exploitation: "poc", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-18T13:21:13.942293Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-18T13:21:17.751Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, references: [ { tags: [ "exploit", ], url: "https://github.com/nasa/CryptoLib/security/advisories/GHSA-p38w-p2r8-g6g5", }, ], title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "CryptoLib", vendor: "nasa", versions: [ { status: "affected", version: "<= 1.3.3", }, ], }, ], descriptions: [ { lang: "en", value: "CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. A memory leak vulnerability was identified in the `crypto_handle_incrementing_nontransmitted_counter` function of CryptoLib versions 1.3.3 and prior. This vulnerability can lead to resource exhaustion and degraded system performance over time, particularly in long-running processes or systems processing large volumes of data. The vulnerability is present in the `crypto_handle_incrementing_nontransmitted_counter` function within `crypto_tc.c`. The function allocates memory using `malloc` without ensuring the allocated memory is always freed. This issue can lead to resource exhaustion, reduced system performance, and potentially a Denial of Service (DoS) in environments where CryptoLib is used in long-running processes or with large volumes of data. Any system using CryptoLib, especially those handling high-throughput or continuous data streams, could be impacted. As of time of publication, no known patched versions are available.", }, ], metrics: [ { cvssV4_0: { attackComplexity: "LOW", attackRequirements: "NONE", attackVector: "NETWORK", baseScore: 5.5, baseSeverity: "MEDIUM", privilegesRequired: "NONE", subAvailabilityImpact: "NONE", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "NONE", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P", version: "4.0", vulnAvailabilityImpact: "LOW", vulnConfidentialityImpact: "NONE", vulnIntegrityImpact: "NONE", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-401", description: "CWE-401: Missing Release of Memory after Effective Lifetime", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-17T22:04:34.724Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/nasa/CryptoLib/security/advisories/GHSA-p38w-p2r8-g6g5", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/nasa/CryptoLib/security/advisories/GHSA-p38w-p2r8-g6g5", }, ], source: { advisory: "GHSA-p38w-p2r8-g6g5", discovery: "UNKNOWN", }, title: "CryptoLib's crypto_handle_incrementing_nontransmitted_counter Function has Memory Leak", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2025-29910", datePublished: "2025-03-17T22:04:34.724Z", dateReserved: "2025-03-12T13:42:22.134Z", dateUpdated: "2025-03-18T13:21:17.751Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2025-29913
Vulnerability from cvelistv5
Published
2025-03-17 22:50
Modified
2025-03-18 14:07
Severity ?
EPSS score ?
Summary
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. A critical heap buffer overflow vulnerability was identified in the `Crypto_TC_Prep_AAD` function of CryptoLib versions 1.3.3 and prior. This vulnerability allows an attacker to trigger a Denial of Service (DoS) or potentially execute arbitrary code (RCE) by providing a maliciously crafted telecommand (TC) frame that causes an unsigned integer underflow. The vulnerability lies in the function `Crypto_TC_Prep_AAD`, specifically during the computation of `tc_mac_start_index`. The affected code incorrectly calculates the MAC start index without ensuring it remains within the bounds of the `ingest` buffer. When `tc_mac_start_index` underflows due to an incorrect length calculation, the function attempts to access an out-of-bounds memory location, leading to a segmentation fault. The vulnerability is still present in the repository as of commit `d3cc420ace96d02a5b7e83d88cbd2e48010d5723`.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/nasa/CryptoLib/security/advisories/GHSA-q4v2-fvrv-qrf6 | x_refsource_CONFIRM |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2025-29913", options: [ { Exploitation: "poc", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-18T14:07:20.908586Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-18T14:07:35.486Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "CryptoLib", vendor: "nasa", versions: [ { status: "affected", version: "<= 1.3.3", }, ], }, ], descriptions: [ { lang: "en", value: "CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. A critical heap buffer overflow vulnerability was identified in the `Crypto_TC_Prep_AAD` function of CryptoLib versions 1.3.3 and prior. This vulnerability allows an attacker to trigger a Denial of Service (DoS) or potentially execute arbitrary code (RCE) by providing a maliciously crafted telecommand (TC) frame that causes an unsigned integer underflow. The vulnerability lies in the function `Crypto_TC_Prep_AAD`, specifically during the computation of `tc_mac_start_index`. The affected code incorrectly calculates the MAC start index without ensuring it remains within the bounds of the `ingest` buffer. When `tc_mac_start_index` underflows due to an incorrect length calculation, the function attempts to access an out-of-bounds memory location, leading to a segmentation fault. The vulnerability is still present in the repository as of commit `d3cc420ace96d02a5b7e83d88cbd2e48010d5723`.", }, ], metrics: [ { cvssV4_0: { attackComplexity: "LOW", attackRequirements: "NONE", attackVector: "NETWORK", baseScore: 8.9, baseSeverity: "HIGH", privilegesRequired: "NONE", subAvailabilityImpact: "NONE", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "NONE", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P", version: "4.0", vulnAvailabilityImpact: "HIGH", vulnConfidentialityImpact: "HIGH", vulnIntegrityImpact: "HIGH", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125: Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-191", description: "CWE-191: Integer Underflow (Wrap or Wraparound)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-17T22:50:49.074Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/nasa/CryptoLib/security/advisories/GHSA-q4v2-fvrv-qrf6", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/nasa/CryptoLib/security/advisories/GHSA-q4v2-fvrv-qrf6", }, ], source: { advisory: "GHSA-q4v2-fvrv-qrf6", discovery: "UNKNOWN", }, title: "CryptoLib's Crypto_TC_Prep_AAD Has Buffer Overflow Due to Integer Underflow", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2025-29913", datePublished: "2025-03-17T22:50:49.074Z", dateReserved: "2025-03-12T13:42:22.135Z", dateUpdated: "2025-03-18T14:07:35.486Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-44912
Vulnerability from cvelistv5
Published
2024-09-27 00:00
Modified
2025-03-17 21:31
Severity ?
EPSS score ?
Summary
NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the TM subsystem (crypto_tm.c).
References
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2024-44912", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-17T21:31:00.453801Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125 Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-17T21:31:32.712Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the TM subsystem (crypto_tm.c).", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-27T14:20:46.144Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/nasa/CryptoLib/issues/268", }, { url: "https://visionspace.com/crashing-cryptolib/", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2024-44912", datePublished: "2024-09-27T00:00:00.000Z", dateReserved: "2024-08-21T00:00:00.000Z", dateUpdated: "2025-03-17T21:31:32.712Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2025-30356
Vulnerability from cvelistv5
Published
2025-04-01 22:06
Modified
2025-04-02 13:46
Severity ?
EPSS score ?
Summary
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. In 1.3.3 and earlier, a heap buffer overflow vulnerability persists in the Crypto_TC_ApplySecurity function due to an incomplete validation check on the fl (frame length) field. Although CVE-2025-29912 addressed an underflow issue involving fl, the patch fails to fully prevent unsafe calculations. As a result, an attacker can still craft malicious frames that cause a negative tf_payload_len, which is then interpreted as a large unsigned value, leading to a heap buffer overflow in a memcpy call.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/nasa/CryptoLib/security/advisories/GHSA-6w2x-w7w3-85w2 | x_refsource_CONFIRM | |
| https://github.com/nasa/CryptoLib/commit/59d1bce7608c94c6131ef4877535075b0649799c | x_refsource_MISC |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2025-30356", options: [ { Exploitation: "poc", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-04-02T13:46:23.793681Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-04-02T13:46:42.702Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, references: [ { tags: [ "exploit", ], url: "https://github.com/nasa/CryptoLib/security/advisories/GHSA-6w2x-w7w3-85w2", }, ], title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "CryptoLib", vendor: "nasa", versions: [ { status: "affected", version: "<= 1.3.3", }, ], }, ], descriptions: [ { lang: "en", value: "CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. In 1.3.3 and earlier, a heap buffer overflow vulnerability persists in the Crypto_TC_ApplySecurity function due to an incomplete validation check on the fl (frame length) field. Although CVE-2025-29912 addressed an underflow issue involving fl, the patch fails to fully prevent unsafe calculations. As a result, an attacker can still craft malicious frames that cause a negative tf_payload_len, which is then interpreted as a large unsigned value, leading to a heap buffer overflow in a memcpy call.", }, ], metrics: [ { cvssV4_0: { attackComplexity: "LOW", attackRequirements: "NONE", attackVector: "NETWORK", baseScore: 9.3, baseSeverity: "CRITICAL", privilegesRequired: "NONE", subAvailabilityImpact: "NONE", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "NONE", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", version: "4.0", vulnAvailabilityImpact: "HIGH", vulnConfidentialityImpact: "HIGH", vulnIntegrityImpact: "HIGH", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-191", description: "CWE-191: Integer Underflow (Wrap or Wraparound)", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-04-01T22:06:22.576Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/nasa/CryptoLib/security/advisories/GHSA-6w2x-w7w3-85w2", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/nasa/CryptoLib/security/advisories/GHSA-6w2x-w7w3-85w2", }, { name: "https://github.com/nasa/CryptoLib/commit/59d1bce7608c94c6131ef4877535075b0649799c", tags: [ "x_refsource_MISC", ], url: "https://github.com/nasa/CryptoLib/commit/59d1bce7608c94c6131ef4877535075b0649799c", }, ], source: { advisory: "GHSA-6w2x-w7w3-85w2", discovery: "UNKNOWN", }, title: "Heap Buffer Overflow via Incomplete Length Check in `Crypto_TC_ApplySecurity`", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2025-30356", datePublished: "2025-04-01T22:06:22.576Z", dateReserved: "2025-03-21T14:12:06.270Z", dateUpdated: "2025-04-02T13:46:42.702Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-44911
Vulnerability from cvelistv5
Published
2024-09-27 00:00
Modified
2025-03-18 20:50
Severity ?
EPSS score ?
Summary
NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the TC subsystem (crypto_tc.c).
References
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2024-44911", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-27T16:55:07.704368Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125 Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-18T20:50:31.119Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the TC subsystem (crypto_tc.c).", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-31T15:48:35.237Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/nasa/CryptoLib/issues/268", }, { url: "https://visionspace.com/crashing-cryptolib/", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2024-44911", datePublished: "2024-09-27T00:00:00.000Z", dateReserved: "2024-08-21T00:00:00.000Z", dateUpdated: "2025-03-18T20:50:31.119Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2025-30216
Vulnerability from cvelistv5
Published
2025-03-25 19:22
Modified
2025-03-25 19:37
Severity ?
EPSS score ?
Summary
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. In versions 1.3.3 and prior, a Heap Overflow vulnerability occurs in the `Crypto_TM_ProcessSecurity` function (`crypto_tm.c:1735:8`). When processing the Secondary Header Length of a TM protocol packet, if the Secondary Header Length exceeds the packet's total length, a heap overflow is triggered during the memcpy operation that copies packet data into the dynamically allocated buffer `p_new_dec_frame`. This allows an attacker to overwrite adjacent heap memory, potentially leading to arbitrary code execution or system instability. A patch is available at commit 810fd66d592c883125272fef123c3240db2f170f.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/nasa/CryptoLib/security/advisories/GHSA-v3jc-5j74-hcjv | x_refsource_CONFIRM | |
| https://github.com/nasa/CryptoLib/commit/810fd66d592c883125272fef123c3240db2f170f | x_refsource_MISC | |
| https://github.com/user-attachments/assets/d49cea04-ce84-4d60-bb3a-987e843f09c4 | x_refsource_MISC |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2025-30216", options: [ { Exploitation: "poc", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-25T19:37:16.643373Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-25T19:37:44.551Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "CryptoLib", vendor: "nasa", versions: [ { status: "affected", version: "<= 1.3.3", }, ], }, ], descriptions: [ { lang: "en", value: "CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. In versions 1.3.3 and prior, a Heap Overflow vulnerability occurs in the `Crypto_TM_ProcessSecurity` function (`crypto_tm.c:1735:8`). When processing the Secondary Header Length of a TM protocol packet, if the Secondary Header Length exceeds the packet's total length, a heap overflow is triggered during the memcpy operation that copies packet data into the dynamically allocated buffer `p_new_dec_frame`. This allows an attacker to overwrite adjacent heap memory, potentially leading to arbitrary code execution or system instability. A patch is available at commit 810fd66d592c883125272fef123c3240db2f170f.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.4, baseSeverity: "CRITICAL", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-122", description: "CWE-122: Heap-based Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-25T19:22:22.645Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/nasa/CryptoLib/security/advisories/GHSA-v3jc-5j74-hcjv", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/nasa/CryptoLib/security/advisories/GHSA-v3jc-5j74-hcjv", }, { name: "https://github.com/nasa/CryptoLib/commit/810fd66d592c883125272fef123c3240db2f170f", tags: [ "x_refsource_MISC", ], url: "https://github.com/nasa/CryptoLib/commit/810fd66d592c883125272fef123c3240db2f170f", }, { name: "https://github.com/user-attachments/assets/d49cea04-ce84-4d60-bb3a-987e843f09c4", tags: [ "x_refsource_MISC", ], url: "https://github.com/user-attachments/assets/d49cea04-ce84-4d60-bb3a-987e843f09c4", }, ], source: { advisory: "GHSA-v3jc-5j74-hcjv", discovery: "UNKNOWN", }, title: "CryptoLib Has Heap Overflow in Crypto_TM_ProcessSecurity due to Unchecked Secondary Header Length", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2025-30216", datePublished: "2025-03-25T19:22:22.645Z", dateReserved: "2025-03-18T18:15:13.850Z", dateUpdated: "2025-03-25T19:37:44.551Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2025-29909
Vulnerability from cvelistv5
Published
2025-03-17 21:55
Modified
2025-03-18 13:25
Severity ?
EPSS score ?
Summary
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. In versions 1.3.3 and prior, a heap buffer overflow vulnerability in CryptoLib's `Crypto_TC_ApplySecurity()` allows an attacker to craft a malicious TC frame that causes out-of-bounds memory writes. This can result in denial of service (DoS) or, under certain conditions, remote code execution (RCE). Any application or system that relies on CryptoLib for Telecommand (TC) processing and does not strictly validate incoming TC frames is at risk. This includes satellite ground stations or mission control software where attackers can inject malformed frames. A patch is available at commit c7e8a8745ff4b5e9bd7e500e91358e86d5abedcc.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/nasa/CryptoLib/security/advisories/GHSA-q2pc-c3jx-3852 | x_refsource_CONFIRM | |
| https://github.com/nasa/CryptoLib/commit/c7e8a8745ff4b5e9bd7e500e91358e86d5abedcc | x_refsource_MISC |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2025-29909", options: [ { Exploitation: "poc", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-18T13:25:21.817813Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-18T13:25:26.020Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, references: [ { tags: [ "exploit", ], url: "https://github.com/nasa/CryptoLib/security/advisories/GHSA-q2pc-c3jx-3852", }, ], title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "CryptoLib", vendor: "nasa", versions: [ { status: "affected", version: "<= 1.3.3", }, ], }, ], descriptions: [ { lang: "en", value: "CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. In versions 1.3.3 and prior, a heap buffer overflow vulnerability in CryptoLib's `Crypto_TC_ApplySecurity()` allows an attacker to craft a malicious TC frame that causes out-of-bounds memory writes. This can result in denial of service (DoS) or, under certain conditions, remote code execution (RCE). Any application or system that relies on CryptoLib for Telecommand (TC) processing and does not strictly validate incoming TC frames is at risk. This includes satellite ground stations or mission control software where attackers can inject malformed frames. A patch is available at commit c7e8a8745ff4b5e9bd7e500e91358e86d5abedcc.", }, ], metrics: [ { cvssV4_0: { attackComplexity: "LOW", attackRequirements: "NONE", attackVector: "NETWORK", baseScore: 8.9, baseSeverity: "HIGH", privilegesRequired: "NONE", subAvailabilityImpact: "NONE", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "NONE", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P", version: "4.0", vulnAvailabilityImpact: "HIGH", vulnConfidentialityImpact: "HIGH", vulnIntegrityImpact: "HIGH", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-191", description: "CWE-191: Integer Underflow (Wrap or Wraparound)", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-17T21:55:14.979Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/nasa/CryptoLib/security/advisories/GHSA-q2pc-c3jx-3852", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/nasa/CryptoLib/security/advisories/GHSA-q2pc-c3jx-3852", }, { name: "https://github.com/nasa/CryptoLib/commit/c7e8a8745ff4b5e9bd7e500e91358e86d5abedcc", tags: [ "x_refsource_MISC", ], url: "https://github.com/nasa/CryptoLib/commit/c7e8a8745ff4b5e9bd7e500e91358e86d5abedcc", }, ], source: { advisory: "GHSA-q2pc-c3jx-3852", discovery: "UNKNOWN", }, title: "CryptoLib's Crypto_TC_ApplySecurity() Has a Heap Buffer Overflow Vulnerability", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2025-29909", datePublished: "2025-03-17T21:55:14.979Z", dateReserved: "2025-03-12T13:42:22.134Z", dateUpdated: "2025-03-18T13:25:26.020Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-44910
Vulnerability from cvelistv5
Published
2024-09-27 00:00
Modified
2025-03-19 14:40
Severity ?
EPSS score ?
Summary
NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the AOS subsystem (crypto_aos.c).
References
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2024-44910", options: [ { Exploitation: "poc", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-19T14:39:57.151228Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125 Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-19T14:40:36.792Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the AOS subsystem (crypto_aos.c).", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-27T14:17:05.130Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/nasa/CryptoLib/issues/268", }, { url: "https://visionspace.com/crashing-cryptolib/", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2024-44910", datePublished: "2024-09-27T00:00:00.000Z", dateReserved: "2024-08-21T00:00:00.000Z", dateUpdated: "2025-03-19T14:40:36.792Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2025-29911
Vulnerability from cvelistv5
Published
2025-03-17 22:20
Modified
2025-03-18 13:17
Severity ?
EPSS score ?
Summary
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. A critical heap buffer overflow vulnerability was identified in the `Crypto_AOS_ProcessSecurity` function of CryptoLib versions 1.3.3 and prior. This vulnerability allows an attacker to trigger a Denial of Service (DoS) or potentially execute arbitrary code (RCE) by providing a maliciously crafted AOS frame with an insufficient length. The vulnerability lies in the function `Crypto_AOS_ProcessSecurity`, specifically during the processing of the Frame Error Control Field (FECF). The affected code attempts to read from the `p_ingest` buffer at indices `current_managed_parameters_struct.max_frame_size - 2` and `current_managed_parameters_struct.max_frame_size - 1` without verifying if `len_ingest` is sufficiently large. This leads to a heap buffer overflow when `len_ingest` is smaller than `max_frame_size`. As of time of publication, no known patched versions exist.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/nasa/CryptoLib/security/advisories/GHSA-7g6g-9gj4-8c68 | x_refsource_CONFIRM |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2025-29911", options: [ { Exploitation: "poc", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-18T13:17:41.018900Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-18T13:17:45.829Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, references: [ { tags: [ "exploit", ], url: "https://github.com/nasa/CryptoLib/security/advisories/GHSA-7g6g-9gj4-8c68", }, ], title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "CryptoLib", vendor: "nasa", versions: [ { status: "affected", version: "<= 1.3.3", }, ], }, ], descriptions: [ { lang: "en", value: "CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. A critical heap buffer overflow vulnerability was identified in the `Crypto_AOS_ProcessSecurity` function of CryptoLib versions 1.3.3 and prior. This vulnerability allows an attacker to trigger a Denial of Service (DoS) or potentially execute arbitrary code (RCE) by providing a maliciously crafted AOS frame with an insufficient length. The vulnerability lies in the function `Crypto_AOS_ProcessSecurity`, specifically during the processing of the Frame Error Control Field (FECF). The affected code attempts to read from the `p_ingest` buffer at indices `current_managed_parameters_struct.max_frame_size - 2` and `current_managed_parameters_struct.max_frame_size - 1` without verifying if `len_ingest` is sufficiently large. This leads to a heap buffer overflow when `len_ingest` is smaller than `max_frame_size`. As of time of publication, no known patched versions exist.", }, ], metrics: [ { cvssV4_0: { attackComplexity: "LOW", attackRequirements: "NONE", attackVector: "NETWORK", baseScore: 8.9, baseSeverity: "HIGH", privilegesRequired: "NONE", subAvailabilityImpact: "NONE", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "NONE", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P", version: "4.0", vulnAvailabilityImpact: "HIGH", vulnConfidentialityImpact: "HIGH", vulnIntegrityImpact: "HIGH", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-122", description: "CWE-122: Heap-based Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-17T22:20:15.289Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/nasa/CryptoLib/security/advisories/GHSA-7g6g-9gj4-8c68", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/nasa/CryptoLib/security/advisories/GHSA-7g6g-9gj4-8c68", }, ], source: { advisory: "GHSA-7g6g-9gj4-8c68", discovery: "UNKNOWN", }, title: "CryptoLib Has Heap Buffer Overflow in Crypto_AOS_ProcessSecurity Function", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2025-29911", datePublished: "2025-03-17T22:20:15.289Z", dateReserved: "2025-03-12T13:42:22.134Z", dateUpdated: "2025-03-18T13:17:45.829Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2025-29912
Vulnerability from cvelistv5
Published
2025-03-17 22:48
Modified
2025-03-18 13:31
Severity ?
EPSS score ?
Summary
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. In versions 1.3.3 and prior, an unsigned integer underflow in the `Crypto_TC_ProcessSecurity` function of CryptoLib leads to a heap buffer overflow. The vulnerability is triggered when the `fl` (frame length) field in a Telecommand (TC) packet is set to 0. This underflow causes the frame length to be interpreted as 65535, resulting in out-of-bounds memory access. This critical vulnerability can be exploited to cause a denial of service (DoS) or potentially achieve remote code execution. Users of CryptoLib are advised to apply the recommended patch or avoid processing untrusted TC packets until a fix is available.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/nasa/CryptoLib/security/advisories/GHSA-3f5x-r59x-p8cf | x_refsource_CONFIRM | |
| https://github.com/nasa/CryptoLib/commit/ca39cb96f21e76102aefb956d2c8c0ba0bd143ca | x_refsource_MISC |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2025-29912", options: [ { Exploitation: "poc", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-18T13:28:30.838322Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-18T13:31:28.409Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "CryptoLib", vendor: "nasa", versions: [ { status: "affected", version: "<= 1.3.3", }, ], }, ], descriptions: [ { lang: "en", value: "CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. In versions 1.3.3 and prior, an unsigned integer underflow in the `Crypto_TC_ProcessSecurity` function of CryptoLib leads to a heap buffer overflow. The vulnerability is triggered when the `fl` (frame length) field in a Telecommand (TC) packet is set to 0. This underflow causes the frame length to be interpreted as 65535, resulting in out-of-bounds memory access. This critical vulnerability can be exploited to cause a denial of service (DoS) or potentially achieve remote code execution. Users of CryptoLib are advised to apply the recommended patch or avoid processing untrusted TC packets until a fix is available.", }, ], metrics: [ { cvssV4_0: { attackComplexity: "LOW", attackRequirements: "NONE", attackVector: "NETWORK", baseScore: 8.9, baseSeverity: "HIGH", privilegesRequired: "NONE", subAvailabilityImpact: "NONE", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "NONE", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P", version: "4.0", vulnAvailabilityImpact: "HIGH", vulnConfidentialityImpact: "HIGH", vulnIntegrityImpact: "HIGH", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-122", description: "CWE-122: Heap-based Buffer Overflow", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-191", description: "CWE-191: Integer Underflow (Wrap or Wraparound)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-17T22:48:40.833Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/nasa/CryptoLib/security/advisories/GHSA-3f5x-r59x-p8cf", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/nasa/CryptoLib/security/advisories/GHSA-3f5x-r59x-p8cf", }, { name: "https://github.com/nasa/CryptoLib/commit/ca39cb96f21e76102aefb956d2c8c0ba0bd143ca", tags: [ "x_refsource_MISC", ], url: "https://github.com/nasa/CryptoLib/commit/ca39cb96f21e76102aefb956d2c8c0ba0bd143ca", }, ], source: { advisory: "GHSA-3f5x-r59x-p8cf", discovery: "UNKNOWN", }, title: "CryptoLib Has Heap Buffer Overflow Due to Unsigned Integer Underflow in Crypto_TC_ProcessSecurity", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2025-29912", datePublished: "2025-03-17T22:48:40.833Z", dateReserved: "2025-03-12T13:42:22.135Z", dateUpdated: "2025-03-18T13:31:28.409Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2024-09-27 15:15
Modified
2025-03-17 22:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the TM subsystem (crypto_tm.c).
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/nasa/CryptoLib/issues/268 | Issue Tracking | |
| cve@mitre.org | https://visionspace.com/crashing-cryptolib/ | Technical Description |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nasa:cryptolib:1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "D7F7FD1A-BA84-49EB-8B0C-10D72AF81E9C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the TM subsystem (crypto_tm.c).", }, { lang: "es", value: "Se descubrió que NASA CryptoLib v1.3.0 contiene una lectura fuera de los límites a través del subsistema TM (crypto_tm.c).", }, ], id: "CVE-2024-44912", lastModified: "2025-03-17T22:15:13.513", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2024-09-27T15:15:15.063", references: [ { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/nasa/CryptoLib/issues/268", }, { source: "cve@mitre.org", tags: [ "Technical Description", ], url: "https://visionspace.com/crashing-cryptolib/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-125", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2024-09-27 15:15
Modified
2025-03-18 21:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the TC subsystem (crypto_tc.c).
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/nasa/CryptoLib/issues/268 | Issue Tracking | |
| cve@mitre.org | https://visionspace.com/crashing-cryptolib/ | Technical Description |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nasa:cryptolib:1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "D7F7FD1A-BA84-49EB-8B0C-10D72AF81E9C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the TC subsystem (crypto_tc.c).", }, { lang: "es", value: "Se descubrió que NASA CryptoLib v1.3.0 contiene una lectura fuera de los límites a través del subsistema TC (crypto_aos.c).", }, ], id: "CVE-2024-44911", lastModified: "2025-03-18T21:15:29.927", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2024-09-27T15:15:14.990", references: [ { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/nasa/CryptoLib/issues/268", }, { source: "cve@mitre.org", tags: [ "Technical Description", ], url: "https://visionspace.com/crashing-cryptolib/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-125", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2024-09-27 15:15
Modified
2025-03-19 15:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the AOS subsystem (crypto_aos.c).
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/nasa/CryptoLib/issues/268 | Issue Tracking | |
| cve@mitre.org | https://visionspace.com/crashing-cryptolib/ | Exploit, Technical Description |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nasa:cryptolib:1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "D7F7FD1A-BA84-49EB-8B0C-10D72AF81E9C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the AOS subsystem (crypto_aos.c).", }, { lang: "es", value: "Se descubrió que NASA CryptoLib v1.3.0 contiene una lectura fuera de los límites a través del subsistema AOS (crypto_aos.c).", }, ], id: "CVE-2024-44910", lastModified: "2025-03-19T15:15:50.533", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2024-09-27T15:15:14.907", references: [ { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/nasa/CryptoLib/issues/268", }, { source: "cve@mitre.org", tags: [ "Exploit", "Technical Description", ], url: "https://visionspace.com/crashing-cryptolib/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-125", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }