Bing Shi

Name of the Vulnerable Software and Affected Versions: Bouncy Castle for Java versions 1.44 through 1.78 BCPKIX FIPS versions 1.0.0 through 1.0.7 BCPKIX FIPS versions 2.0.0 through 2.0.7 Description: The Bouncy Castle for Java cryptographic libraries contain a vulnerability related to excessive resource allocation without limits or throttling. The issue affects API modules and involves program files related to PKIX certificate processing, specifically within `PKIXCertPathReviewer` and related classes. Recommendations: Update Bouncy Castle for Java to a version later than 1.78. Update BCPKIX FIPS to a version later than 1.0.7. Update BCPKIX FIPS to a version later than 2.0.7.

**Name of the Vulnerable Software and Affected Versions:** Bouncy Castle for Java versions 1.0 through 1.77 Bouncy Castle for Java - FJA versions 1.0.0 through 2.0.0 **Description:** A resource allocation issue exists in Bouncy Castle for Java affecting all API modules. The vulnerability allows attackers to cause excessive memory allocation through unbounded resource consumption, potentially leading to denial of service. The issue is associated with the `ASN1ObjectIdentifier.java` file within the core module and is triggered by malformed ASN.1 OIDs. **Recommendations:** Bouncy Castle for Java versions prior to 1.78 Bouncy Castle for Java - FJA versions prior to 2.0.1

Name of the Vulnerable Software and Affected Versions: visionOS versions prior to 2.1 iOS versions prior to 18.1 iPadOS versions prior to 18.1 iOS versions prior to 17.7.1 iPadOS versions prior to 17.7.1 tvOS versions prior to 18.1 macOS Sonoma versions prior to 14.7.1 watchOS versions prior to 11.1 macOS Ventura versions prior to 13.7.1 Description: A denial-of-service issue was addressed with improved input validation. A remote attacker may be able to cause a denial-of-service. Recommendations: Update to visionOS 2.1 or later. Update to iOS 18.1 or later. Update to iPadOS 18.1 or later. Update to iOS 17.7.1 or later. Update to iPadOS 17.7.1 or later. Update to tvOS 18.1 or later. Update to macOS Sonoma 14.7.1 or later. Update to watchOS 11.1 or later. Update to macOS Ventura 13.7.1 or later.

**Name of the Vulnerable Software and Affected Versions** libtasn1 (affected versions not specified) **Description** A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack. The issue is related to the handling of numerous SEQUENCE OF or SET OF elements in DER data, which results in quadratic time complexity. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GnuTLS (affected versions not specified) **Description** A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially crafted certificate, causing GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Botan versions prior to 3.5.0 Botan versions prior to 2.19.5 Description: The issue is related to the processing of X.509 certificates in the Botan C++ cryptography library. Checking name constraints in these certificates is quadratic in the number of names and name constraints, which can lead to a denial of service. An attacker could exploit this by presenting a certificate chain with a large number of names in the `SubjectAlternativeName`, signed by a CA certificate with a large number of name constraints. Recommendations: For Botan versions prior to 3.5.0, update to version 3.5.0 to resolve the issue. For Botan versions prior to 2.19.5, update to version 2.19.5 to partially address the issue. As a temporary workaround, consider restricting the number of names in the `SubjectAlternativeName` field to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Botan versions prior to 2.19.4 and 3.3.0 **Description** The issue is related to the parsing of X.509 certificates with explicit encoding of elliptic curve parameters. An attacker can present a certificate with very large parameters, causing excessive computation when the parameter is checked to be prime. This can lead to a denial of service. The proof of concept used a 16Kbit prime for this purpose. Support for explicit encoding of elliptic curve parameters is deprecated in Botan. **Recommendations** For versions prior to 2.19.4, update to version 2.19.4 or later to patch the issue. For versions prior to 3.3.0, update to version 3.3.0 or later to patch the issue. As a temporary workaround, consider restricting the use of explicit encoding of elliptic curve parameters until a patch is applied.