CVE-2023-32690

Name of the Vulnerable Software and Affected Versions libspdm versions prior to 2.3.3 libspdm versions prior to 3.0

Description The issue arises due to insufficient validation of input data in the libspdm library. This can be exploited by a remote attacker to cause a denial of service. When a libspdm Requester receives a successful CAPABILITIES response, it stores the Responder's CTExponent without validation. If the Requester then sends a request that requires a cryptography operation, such as a CHALLENGE, it calculates the timeout value using the unvalidated CTExponent.

Recommendations For versions prior to 2.3.3, update to version 2.3.3 to apply the patch. For versions prior to 3.0, consider applying the available workaround: after completing VCA, check the value of the Responder's CTExponent, and if it is greater than or equal to 64, stop communication with the Responder. As a temporary workaround, consider restricting the use of the CTExponent value in the Requester's context until a patch is available.