Mirkobitetto

**Name of the Vulnerable Software and Affected Versions** CryptoLib versions 1.3.3 and earlier **Description** CryptoLib is a software solution utilizing the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. A heap buffer overflow exists in the `Crypto TC ApplySecurity` function due to an incomplete validation check on the `fl` (frame length) field. While a previous patch addressed an underflow issue involving `fl`, it did not fully prevent unsafe calculations. An attacker can craft malicious frames that cause a negative `tf payload len`, which is then interpreted as a large unsigned value, leading to a heap buffer overflow in a `memcpy` call. **Recommendations** Versions prior to 1.3.4 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CryptoLib versions 1.3.3 and prior **Description** The issue is caused by an unsigned integer underflow in the `Crypto TC ProcessSecurity` function of CryptoLib, leading to a heap buffer overflow. This occurs when the `fl` (frame length) field in a Telecommand (TC) packet is set to 0, causing the frame length to be interpreted as 65535 and resulting in out-of-bounds memory access. This critical issue can be exploited to cause a denial of service (DoS) or potentially achieve remote code execution. **Recommendations** For CryptoLib versions 1.3.3 and prior, apply the recommended patch or avoid processing untrusted TC packets until a fix is available. As a temporary workaround, consider disabling the `Crypto TC ProcessSecurity` function until a patch is available. Restrict access to untrusted TC packets to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** CryptoLib versions 1.3.3 and prior **Description** CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. A critical heap buffer overflow vulnerability was identified in the `Crypto TC Prep AAD` function. This vulnerability allows an attacker to trigger a Denial of Service (DoS) or potentially execute arbitrary code (RCE) by providing a maliciously crafted telecommand (TC) frame that causes an unsigned integer underflow. The vulnerability lies in the function `Crypto TC Prep AAD`, specifically during the computation of `tc mac start index`. The affected code incorrectly calculates the MAC start index without ensuring it remains within the bounds of the `ingest` buffer. When `tc mac start index` underflows due to an incorrect length calculation, the function attempts to access an out-of-bounds memory location, leading to a segmentation fault. **Recommendations** As a temporary workaround, consider disabling the `Crypto TC Prep AAD` function until a patch is available. Restrict access to the `ingest` buffer to minimize the risk of exploitation. Avoid using the `tc mac start index` variable in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.