PT-2021-24353 · Amazon Web Services · AWS Encryption SDK for Java
Published 2021-06-01 · Updated 2025-11-29 · CVE-2024-23680
CVSS v4.0: 6.9 (Medium)
Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions:
AWS Encryption SDK for Java versions 2.0.0 through 2.2.0
AWS Encryption SDK for Java versions less than 1.9.0
Description:
Affected versions incorrectly accept some invalid ECDSA signatures on encrypted messages. The signature is a defense-in-depth measure layered on top of the AES-GCM authenticated encryption the SDK applies to all plaintext, so the integrity of decrypted plaintext is not affected: every byte of plaintext is still authenticated by AES-GCM before it is released to the caller. Callers who rely on the ECDSA signature for non-repudiation (proof that the message was produced by a party holding the signing key), however, cannot trust that property on affected versions. The problem is compounded by the SDK's streaming mode, in which the plaintext of a signed message may be released to the caller before the trailing ECDSA signature has been validated.
Recommendations:
For AWS Encryption SDK for Java versions 2.0.0 through 2.2.0, upgrade to version 2.2.1 or later.
For AWS Encryption SDK for Java versions earlier than 1.9.0, upgrade to version 1.9.0 or later.
As a temporary workaround in streaming mode, make sure client code reads the decrypting stream to its end (the point at which the signature is verified) before using any of the released plaintext.
Alternatively, use the new streaming API and fall back to the non-streaming decrypt API for signed messages, so that no plaintext from signed data is used before its signature has been validated.
If you process ESDK messages from untrusted sources, also set the new maximum encrypted data keys parameter to bound the number of AWS KMS Decrypt API calls the ESDK will make per message.
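The two streaming workarounds above, and the maximum-encrypted-data-keys cap, as an added example in Java. This is not code from the advisory or from the AWS Encryption SDK project; it assumes the ESDK for Java 2.2.x API names (AwsCrypto.builder().withMaxEncryptedDataKeys, createDecryptingStream, createUnsignedMessageDecryptingStream, decryptData) and that the unsigned-only stream rejects a signed message by throwing an AwsCryptoException subclass. The AES key, provider and key identifiers, and the sample plaintext are constructed locally so the example runs offline with a JceMasterKey instead of AWS KMS.

```java
import com.amazonaws.encryptionsdk.AwsCrypto;
import com.amazonaws.encryptionsdk.CommitmentPolicy;
import com.amazonaws.encryptionsdk.CryptoInputStream;
import com.amazonaws.encryptionsdk.CryptoResult;
import com.amazonaws.encryptionsdk.exception.AwsCryptoException;
import com.amazonaws.encryptionsdk.jce.JceMasterKey;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;

public class SafeStreamingDecrypt {

    // Workaround 1: consume the whole decrypting stream before releasing any plaintext.
    // In streaming mode the trailing ECDSA signature is only checked when the stream
    // reaches the end of the message, so handing out bytes before read() returns -1
    // would give the caller plaintext whose signature has not yet been verified.
    static byte[] decryptReadToEnd(AwsCrypto crypto, JceMasterKey key, byte[] ciphertext)
            throws IOException {
        try (CryptoInputStream<JceMasterKey> in =
                     crypto.createDecryptingStream(key, new ByteArrayInputStream(ciphertext));
             ByteArrayOutputStream buffered = new ByteArrayOutputStream()) {
            byte[] chunk = new byte[4096];
            int n;
            while ((n = in.read(chunk)) != -1) { // an invalid signature throws here, at EOF
                buffered.write(chunk, 0, n);     // kept private until EOF has been reached
            }
            return buffered.toByteArray();       // released only after the full message verified
        }
    }

    // Workaround 2: use the unsigned-message streaming API; if the message turns out to be
    // signed, fall back to the one-shot decryptData() API, which verifies before returning.
    static byte[] decryptUnsignedOrFallback(AwsCrypto crypto, JceMasterKey key, byte[] ciphertext)
            throws IOException {
        try (CryptoInputStream<JceMasterKey> in =
                     crypto.createUnsignedMessageDecryptingStream(key, new ByteArrayInputStream(ciphertext));
             ByteArrayOutputStream out = new ByteArrayOutputStream()) {
            byte[] chunk = new byte[4096];
            int n;
            while ((n = in.read(chunk)) != -1) {
                out.write(chunk, 0, n);
            }
            return out.toByteArray();
        } catch (AwsCryptoException signedMessage) {
            // Assumption: the unsigned-only stream rejects a signed message with an
            // AwsCryptoException subclass. Non-streaming decryption verifies the
            // signature before any plaintext is returned.
            CryptoResult<byte[], JceMasterKey> result = crypto.decryptData(key, ciphertext);
            return result.getResult();
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample key material and plaintext (not real data).
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey aesKey = kg.generateKey();
        JceMasterKey masterKey = JceMasterKey.getInstance(
                aesKey, "example-provider", "example-key-id", "AES/GCM/NoPadding");

        AwsCrypto crypto = AwsCrypto.builder()
                .withCommitmentPolicy(CommitmentPolicy.RequireEncryptRequireDecrypt)
                // Workaround 3: cap the encrypted data keys the SDK will process per message,
                // which bounds KMS Decrypt calls when a KMS master key provider is in use.
                .withMaxEncryptedDataKeys(3)
                .build();

        byte[] plaintext = "constructed sample plaintext".getBytes(StandardCharsets.UTF_8);
        // The default 2.x algorithm suite is signed, so this message carries a trailing
        // ECDSA signature and exercises the fallback path in decryptUnsignedOrFallback().
        byte[] ciphertext = crypto.encryptData(masterKey, plaintext).getResult();

        byte[] viaReadToEnd = decryptReadToEnd(crypto, masterKey, ciphertext);
        byte[] viaFallback = decryptUnsignedOrFallback(crypto, masterKey, ciphertext);
        System.out.println("read-to-end ok: " + Arrays.equals(plaintext, viaReadToEnd));
        System.out.println("fallback ok:    " + Arrays.equals(plaintext, viaFallback));
    }
}
```

The fallback in decryptUnsignedOrFallback() only works because the ciphertext is held in memory; when the input is a genuine stream that cannot be re-read, buffering it first (as decryptReadToEnd() does) is the safer of the two patterns. Both functions share the property the advisory asks for: no plaintext leaves the method until the SDK has had the chance to verify the signature.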
Weakness Enumeration
Improper Verification of Cryptographic Signature (CWE-347)
Related Identifiers
CVE-2024-23680
Affected Products
AWS Encryption SDK for Java