- Reported
-
- Issued
-
- Package
-
hpke-rs
(crates.io)
- Type
-
Vulnerability
- Aliases
-
- References
-
- CVSS Score
- 8.2
HIGH
- CVSS Details
-
- Attack Complexity
- Low
- Attack Requirements
- Present
- Attack Vector
- Network
- Privileges Required
- None
- Availability Impact to the Subsequent System
- None
- Confidentiality Impact to the Subsequent System
- None
- Integrity Impact to the Subsequent System
- None
- User Interaction
- None
- Availability Impact to the Vulnerable System
- High
- Confidentiality Impact to the Vulnerable System
- None
- Integrity Impact to the Vulnerable System
- None
- CVSS Vector
- CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
- Patched
-
- Affected Functions
- Version
hpke_rs::Context::open-
hpke_rs::Context::seal-
Description
Constructing an HPKE Context with the AEAD algorithm set to
HpkeExport resulted in a panic when calling Context::seal, or
Context::open. This was due to an underflowing integer subtraction
when calculating the length of a vector allocation for the AEAD nonce,
which would panic on its own in debug mode and cause out-of-memory
abort on the allocation in release mode.
Impact
Applications that could be made to use an HPKE context configured with
HpkeExport as AEAD algorithm to open or seal a ciphertext would
crash. Other applications are unaffected.
Mitigation
Starting with version 0.6.0, an error will be returned when
attempting to call Context::seal or Context::open on an HPKE
context with HpkeExport as AEADAlgorithm.
Advisory available under CC0-1.0
license.