
CVE-2026-22026

HIGH CVSS 4.0: 8.2 EPSS 0.08%
Updated Jan 16, 2026
Nasa
CVSS: 8.2 (HIGH)
Affected Versions: before 1.4.3
Fixed In: 1.4.3
Type: CWE-789
Vendor: Nasa
Public PoC: No

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to version 1.4.3, the libcurl write_callback function in the KMC crypto service client allows unbounded memory growth: it reallocates the response buffer for every chunk received, with no size limit and no overflow check. A malicious KMC server can return arbitrarily large HTTP responses, forcing the client to allocate memory without bound until the OS terminates the process.

This issue has been patched in version 1.4.3.
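The defect described above is the unbounded-growth pattern in a libcurl CURLOPT_WRITEFUNCTION callback. The following is an added example, not CryptoLib's code, showing a bounded write callback: it caps the accumulated response at a fixed limit, guards the size * nmemb multiplication against overflow, and aborts the transfer by returning a count different from the bytes delivered (libcurl then fails the request with CURLE_WRITE_ERROR). The cap value, the response_buf type and the simulate_transfer driver are assumptions chosen for the demonstration; the driver feeds constructed chunks directly so the example runs without linking libcurl.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed cap on an accepted KMC response body; a real client would size
 * this from the largest message the protocol can legitimately return. */
#define MAX_RESPONSE_BYTES (1024u * 1024u)

typedef struct {
    char *data;     /* NUL-terminated accumulated body */
    size_t len;     /* bytes accumulated so far */
    int cap_hit;    /* set to 1 once the limit or an overflow was detected */
} response_buf;

/* libcurl write callback with a hard upper bound on the response size. */
static size_t bounded_write_callback(char *ptr, size_t size, size_t nmemb, void *userdata)
{
    response_buf *buf = (response_buf *)userdata;
    size_t chunk;

    /* size * nmemb can wrap size_t; reject instead of computing a tiny bogus chunk. */
    if (size != 0 && nmemb > SIZE_MAX / size) {
        buf->cap_hit = 1;
        return 0;
    }
    chunk = size * nmemb;

    /* Written as a subtraction so buf->len + chunk can never overflow. */
    if (chunk > MAX_RESPONSE_BYTES - buf->len) {
        buf->cap_hit = 1;
        return 0; /* != chunk: libcurl aborts the transfer with CURLE_WRITE_ERROR */
    }

    char *grown = realloc(buf->data, buf->len + chunk + 1);
    if (grown == NULL) {
        return 0; /* allocation failure also aborts the transfer */
    }
    buf->data = grown;
    memcpy(buf->data + buf->len, ptr, chunk);
    buf->len += chunk;
    buf->data[buf->len] = '\0';
    return chunk;
}

/* Stand-in for libcurl: delivers n_chunks constructed chunks of chunk_size
 * bytes to the callback and returns how many it accepted before aborting. */
static size_t simulate_transfer(response_buf *buf, size_t chunk_size, size_t n_chunks)
{
    char *chunk = malloc(chunk_size);
    size_t accepted = 0;
    if (chunk == NULL) {
        return 0;
    }
    memset(chunk, 'A', chunk_size);
    for (size_t i = 0; i < n_chunks; i++) {
        if (bounded_write_callback(chunk, 1, chunk_size, buf) != chunk_size) {
            break;
        }
        accepted++;
    }
    free(chunk);
    return accepted;
}

static void response_free(response_buf *buf)
{
    free(buf->data);
    buf->data = NULL;
    buf->len = 0;
}

int main(void)
{
    response_buf buf = {0};
    /* A server that streams 64 KiB chunks forever is cut off at the cap. */
    size_t accepted = simulate_transfer(&buf, 65536, 1000000);
    printf("accepted %zu chunks, %zu bytes, cap_hit=%d\n", accepted, buf.len, buf.cap_hit);
    response_free(&buf);
    return 0;
}
```

With libcurl, pair this with CURLOPT_MAXFILESIZE_LARGE as a second line of defence; that option only applies when the server announces a Content-Length, so a chunked or unbounded response still needs the check inside the callback.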

Attack Parameters

Attack Vector: Network (can be exploited remotely)
Attack Complexity: Low (easy to exploit)
Attack Requirements: Present (additional conditions required)
Privileges Required: None (no privileges needed)
User Interaction: None (no user interaction needed)

Impact Assessment

Confidentiality: None (no data leak)
Integrity: None (no data modification)
Availability: High (complete denial of service)

CVSS Vector v4.0

Weakness Type (CWE)

Vulnerable Products 1

Nasa Cryptolib (cpe:2.3:a:nasa:cryptolib:*:*:*:*:*:*:*:*)
From (including): not specified
Up to (excluding): 1.4.3