Ayman Boulaich

**Name of the Vulnerable Software and Affected Versions** NASA CryptoLib version 1.3.0 **Description** The issue is related to an Out-of-Bounds read via the AOS subsystem in the crypto aos.c file. **Recommendations** For NASA CryptoLib version 1.3.0, consider restricting access to the AOS subsystem until a patch is available. As a temporary workaround, avoid using the crypto aos.c file in sensitive operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** NASA CryptoLib version 1.3.0 **Description** The issue is related to an Out-of-Bounds read via the TC subsystem. Specifically, the problem is identified in the `crypto aos.c` file. **Recommendations** For NASA CryptoLib version 1.3.0, consider restricting access to the TC subsystem until a patch is available. As a temporary workaround, disabling the `crypto aos.c` functionality may help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** NASA CryptoLib version 1.3.0 **Description** The issue is related to an Out-of-Bounds read via the TM subsystem in the crypto tm.c file. **Recommendations** For NASA CryptoLib version 1.3.0, consider restricting access to the TM subsystem until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.