PT-2025-44438 · Cfs+1

Published: 2025-10-30 · Updated: 2026-01-09 · CVE-2025-64096

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

CryptoLib versions prior to 1.4.2

Description

CryptoLib utilizes the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. A missing bounds check in the Crypto_Key_update() function (within crypto_key_mgmt.c) allows a remote attacker to trigger a stack-based buffer overflow. This occurs when a specially crafted TLV packet with a spoofed length field is supplied. The function calculates the number of keys based on an attacker-controlled field (pdu_len), potentially exceeding the size of a static array (kblk[98]), leading to an out-of-bounds write and potential memory corruption.

Recommendations

Update to version 1.4.2 or later.
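The kind of bounds check the description says was missing, as an added example (this is not CryptoLib's code and not its 1.4.2 patch). Only `kblk[98]` and `pdu_len` come from the advisory; the function name, the 2-byte key ID plus 32-byte key record layout, and the error codes are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Everything except kblk[98] and pdu_len is a hypothetical name or size. */
#define KBLK_MAX   98   /* capacity of the static array named in the advisory */
#define KEY_ID_LEN 2    /* assumed record layout: 2-byte key ID ... */
#define KEY_LEN    32   /* ... followed by a 32-byte key */
#define REC_LEN    (KEY_ID_LEN + KEY_LEN)

typedef struct { uint16_t kid; uint8_t key[KEY_LEN]; } key_block_t;

enum { KU_OK = 0, KU_ERR_TRUNCATED = -1, KU_ERR_ALIGN = -2, KU_ERR_TOO_MANY = -3 };

/* Parse a key-update value field. pdu_len is the length claimed by the TLV
 * header (sender-controlled); buf_len is the number of bytes actually
 * received. Returns the number of keys parsed, or a negative KU_ERR_* code. */
int key_update_parse(const uint8_t *buf, size_t buf_len, uint16_t pdu_len,
                     key_block_t *out, size_t out_cap)
{
    key_block_t kblk[KBLK_MAX];            /* fixed-size stack array */
    size_t count, i;

    if ((size_t)pdu_len > buf_len)         /* claimed length exceeds real data */
        return KU_ERR_TRUNCATED;
    if (pdu_len % REC_LEN != 0)            /* partial trailing record */
        return KU_ERR_ALIGN;
    count = pdu_len / REC_LEN;
    /* The class of check the advisory reports as absent: without it, the
     * loop below writes past kblk[KBLK_MAX - 1] when pdu_len is oversized. */
    if (count > KBLK_MAX || count > out_cap)
        return KU_ERR_TOO_MANY;

    for (i = 0; i < count; i++) {
        const uint8_t *rec = buf + i * REC_LEN;
        kblk[i].kid = (uint16_t)((rec[0] << 8) | rec[1]);
        memcpy(kblk[i].key, rec + KEY_ID_LEN, KEY_LEN);
    }
    if (count > 0)
        memcpy(out, kblk, count * sizeof kblk[0]);
    return (int)count;
}
```

The count is validated against the array capacity before any write, and the claimed length is checked against the bytes actually received, so a length field that disagrees with the frame is rejected rather than trusted.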

Exploit

Fix

Stack Overflow

Weakness Enumeration

Related Identifiers

CVE-2025-64096
GHSA-W6C3-PXVR-6M6J

Affected Products

Cryptolib
Cfs