PT-2021-24354 · Consensys · Consensys Discovery

Published: 2021-04-06 · Updated: 2025-11-29 · CVE-2024-23688

CVSS v3.1: 5.3 Medium

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions: Consensys Discovery versions less than 0.4.5
Description: Consensys Discovery uses the same AES/GCM nonce for the entire session, although the nonce should be unique for every message. This can leak the session key generated for communication with a specific peer. The node's private key is not compromised. The ENR record is signed with a different key, so it remains unaffected and an attacker cannot alter it. According to the discovery spec, the session cache must keep track of the count of outgoing messages to ensure that nonce values are unique. The spec recommends generating each nonce by encoding the current outgoing message count into the first 32 bits of the nonce and filling the remaining 64 bits with random data generated by a cryptographically secure random number generator.
Recommendations: For Consensys Discovery versions less than 0.4.5, update to version 0.4.5 or later to resolve the issue. As a temporary workaround, consider regenerating the session key frequently to minimize the risk of exploitation. Restrict access to sensitive peer communication to minimize the risk of session key exposure. Avoid reusing AES/GCM nonces for multiple messages in the same session. Ensure the session cache keeps track of outgoing message counts to maintain unique nonce values. Generate nonces using a cryptographically secure random number generator, encoding the current outgoing message count into the first 32 bits of the nonce and filling the remaining 64 bits with random data.
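
An added Go example (not code from Consensys Discovery or from the discovery spec) of the nonce scheme that the Description and Recommendations above call for: a per-session outgoing-message counter in the first 32 bits and 64 CSPRNG bits in the rest. The `Session` type, `NewSession`, `Seal`, `ErrRekey`, the re-key on counter exhaustion and the all-zero demo key are assumptions made for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

var ErrRekey = errors.New("message counter exhausted; re-key session") // forces a new key

// Session is a hypothetical session-cache entry (not goroutine-safe as written).
type Session struct {
	aead cipher.AEAD
	sent uint64 // outgoing messages encrypted under this session key
}

func NewSession(key []byte) (*Session, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block) // AES-GCM with a 96-bit nonce
	if err != nil {
		return nil, err
	}
	return &Session{aead: aead}, nil
}

// Seal uses a fresh nonce per message: count in bits 0-31, CSPRNG in the rest.
func (s *Session) Seal(plaintext, aad []byte) (nonce, ct []byte, err error) {
	if s.sent >= 1<<32 {
		return nil, nil, ErrRekey
	}
	nonce = make([]byte, 12)
	binary.BigEndian.PutUint32(nonce[:4], uint32(s.sent))
	if _, err = rand.Read(nonce[4:]); err != nil {
		return nil, nil, err
	}
	s.sent++
	return nonce, s.aead.Seal(nil, nonce, plaintext, aad), nil
}

func main() {
	s, _ := NewSession(make([]byte, 16)) // constructed all-zero demo key
	n1, c1, _ := s.Seal([]byte("PING"), nil)
	n2, c2, _ := s.Seal([]byte("PING"), nil)
	fmt.Printf("%x %x\n%x %x\n", n1, c1, n2, c2)
}
```

Because the counter prefix differs for every message, two identical plaintexts sent in one session never share a nonce, even if the random part were to collide.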

Fix

Use of Insufficiently Random Values

Weakness Enumeration

Related Identifiers

CVE-2024-23688
GHSA-W3HJ-WR2Q-X83G

Affected Products

Consensys Discovery