PT-2024-7386 · Openssl+6

Dr. Christopher Kunz +2 · Published 2024-05-10 · Updated 2026-04-27 · CVE-2024-9143

CVSS v2.0: 7.6 (High)
Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: OpenSSL versions prior to 3.3.3
Description: The issue arises from the use of low-level GF(2^m) elliptic curve APIs with untrusted explicit values for the field polynomial, leading to out-of-bounds memory reads or writes. This can cause an application crash or potentially allow for remote code execution. However, the likelihood of a vulnerable application is low, as most protocols involving Elliptic Curve Cryptography either support only "named curves" or specify an X9.62 encoding of binary (GF(2^m)) curves that cannot represent problematic input values. The affected APIs include EC_GROUP_new_curve_GF2m(), EC_GROUP_new_from_params(), and various supporting BN_GF2m_*() functions.
Recommendations: For versions prior to 3.3.3, update to version 3.3.3 or later to resolve the issue. As a temporary workaround, consider restricting the use of the vulnerable EC_GROUP_new_curve_GF2m() and EC_GROUP_new_from_params() functions, as well as the supporting BN_GF2m_*() functions, until a patch is available. Avoid using "exotic" explicit binary (GF(2^m)) curve parameters that can represent invalid field polynomials with a zero constant term.
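The following is an added example, not code from this record or from OpenSSL, showing the kind of input validation the recommendation above implies for an application that must accept explicit binary-curve parameters: reject a field polynomial with a zero constant term (such a polynomial is divisible by x and so cannot define a field) before it ever reaches a low-level GF(2^m) API. It assumes the polynomial arrives as a big-endian byte string, and it additionally accepts only trinomials and pentanomials, the shapes the X9.62 characteristic-two encoding can express; the function names and the constructed test polynomials are the example's own.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/*
 * Sanity checks for an explicit GF(2^m) field (reduction) polynomial, applied
 * before the value reaches a low-level binary-curve API. Polynomials are
 * big-endian byte strings; bit i of the integer is the coefficient of x^i.
 * Illustrative helpers only (hypothetical names), not OpenSSL code.
 */

/* Degree of the polynomial, or -1 if it is zero. */
static int gf2m_degree(const uint8_t *poly, size_t len)
{
    for (size_t i = 0; i < len; i++) {
        if (poly[i] == 0)
            continue;
        int top = 7;
        while (((poly[i] >> top) & 1) == 0)
            top--;
        return (int)((len - 1 - i) * 8) + top;
    }
    return -1;
}

/* Number of nonzero coefficients. */
static int gf2m_terms(const uint8_t *poly, size_t len)
{
    int n = 0;
    for (size_t i = 0; i < len; i++)
        for (uint8_t b = poly[i]; b; b >>= 1)
            n += b & 1;
    return n;
}

/*
 * Returns 1 if the polynomial is acceptable as a field polynomial, 0 otherwise.
 * Rejects: degree < 2 (no extension field), a zero constant term (divisible
 * by x, hence reducible; this is the problematic input class named in the
 * advisory), and any shape other than trinomial or pentanomial (the only
 * shapes the X9.62 characteristic-two encoding can represent).
 */
int gf2m_field_poly_ok(const uint8_t *poly, size_t len)
{
    if (len == 0)
        return 0;
    if (gf2m_degree(poly, len) < 2)
        return 0;
    if ((poly[len - 1] & 1) == 0)
        return 0;
    int t = gf2m_terms(poly, len);
    return (t == 3 || t == 5) ? 1 : 0;
}

/* Build a polynomial from the exponents of its nonzero terms (X9.62 style). */
int gf2m_poly_from_exponents(const int *exps, size_t n, uint8_t *out, size_t outlen)
{
    memset(out, 0, outlen);
    for (size_t i = 0; i < n; i++) {
        int e = exps[i];
        if (e < 0 || (size_t)e >= outlen * 8)
            return 0;
        out[outlen - 1 - (size_t)e / 8] |= (uint8_t)(1u << (e % 8));
    }
    return 1;
}

/* Constructed cases: a standard-shaped degree-163 pentanomial, and the same
 * polynomial with its constant term dropped. Degree 163 needs 21 bytes. */
int demo_pentanomial_accepted(void)
{
    static const int exps[] = {163, 7, 6, 3, 0};
    uint8_t buf[21];
    return gf2m_poly_from_exponents(exps, 5, buf, sizeof buf)
        && gf2m_field_poly_ok(buf, sizeof buf);
}

int demo_zero_constant_term_rejected(void)
{
    static const int exps[] = {163, 7, 6, 3}; /* no x^0 term */
    uint8_t buf[21];
    return gf2m_poly_from_exponents(exps, 4, buf, sizeof buf)
        && !gf2m_field_poly_ok(buf, sizeof buf);
}

int main(void)
{
    printf("pentanomial accepted: %d\n", demo_pentanomial_accepted());
    printf("zero constant term rejected: %d\n", demo_zero_constant_term_rejected());
    return 0;
}
```

Because the exponent-list builder can only produce polynomials whose terms were listed explicitly, a caller that decodes X9.62-style parameters through it and then runs gf2m_field_poly_ok() never forwards a polynomial with a zero constant term; a caller that accepts raw big-endian polynomial bytes gets the same guarantee from the check alone.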

Tags: Fix · RCE · Buffer Overflow · Integer Overflow · Out of bounds Read · Memory Corruption · Use After Free


Related Identifiers

ALT-PU-2024-16921
ALT-PU-2024-16925
ALT-PU-2024-17181
ALT-PU-2025-1127
ALT-PU-2025-1184
AZL-78531
BDU:2024-05176
BDU:2024-08755
BDU:2025-11907
CVE-2024-9143
DLA-3942-1
DLA-3942-2
JLSEC-2026-254
MGASA-2024-0354
MGASA-2024-0355
MGASA-2025-0210
OESA-2024-2384
OESA-2024-2385
OESA-2024-2386
OESA-2024-2387
OESA-2024-2480
OESA-2025-1352
OPENSUSE-SU-2024:14416-1
USN-7264-1
USN-7278-1
USN-7894-1
USN-7894-2

Affected Products

Alt Linux
Astra Linux
Ibm Aix
Linuxmint
Openssl
Red Os
Ubuntu