CVE-2023-24609

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-24609
Matrix SSL 4.x through 4.6.0 and Rambus TLS Toolkit have a length-subtraction integer overflow for Client Hello Pre-Shared Key extension parsing in the TLS 1.3 server. An attacked device calculates an SHA-2 hash over at least 65 KB (in RAM). With a large number of crafted TLS messages, the CPU becomes heavily loaded. This occurs in tls13VerifyBinder and tls13TranscriptHashUpdate.

7.5 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://www.rambus.com/security/software-protocols/tls-toolkit/ Product
https://www.telekom.com/en/company/data-privacy-and-security/news/advisories-504842 Exploit Third Party Advisory
https://www.rambus.com/security/software-protocols/tls-toolkit/ Product
https://www.telekom.com/en/company/data-privacy-and-security/news/advisories-504842 Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:matrixssl:matrixssl:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:rambus:tls_toolkit:-:*:*:*:*:*:*:*
History

21 Nov 2024, 07:48

Type Values Removed Values Added
References () https://www.rambus.com/security/software-protocols/tls-toolkit/ - Product () https://www.rambus.com/security/software-protocols/tls-toolkit/ - Product
References () https://www.telekom.com/en/company/data-privacy-and-security/news/advisories-504842 - Exploit, Third Party Advisory () https://www.telekom.com/en/company/data-privacy-and-security/news/advisories-504842 - Exploit, Third Party Advisory

03 Jan 2024, 20:34

Type Values Removed Values Added
First Time Matrixssl matrixssl
Matrixssl
Rambus
Rambus tls Toolkit
CWE CWE-190
References () https://www.rambus.com/security/software-protocols/tls-toolkit/ - () https://www.rambus.com/security/software-protocols/tls-toolkit/ - Product
References () https://www.telekom.com/en/company/data-privacy-and-security/news/advisories-504842 - () https://www.telekom.com/en/company/data-privacy-and-security/news/advisories-504842 - Exploit, Third Party Advisory
CPE cpe:2.3:a:rambus:tls_toolkit:-:*:*:*:*:*:*:*
cpe:2.3:a:matrixssl:matrixssl:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 7.5

22 Dec 2023, 12:18

Type Values Removed Values Added
Summary
  • (es) Matrix SSL 4.x a 4.6.0 y Rambus TLS Toolkit tienen un desbordamiento de enteros de sustracción de longitud para el análisis de la extensión Client Hello Pre-Shared Key en el servidor TLS 1.3. Un dispositivo atacado calcula un hash SHA-2 en al menos 65 KB (en RAM). Con una gran cantidad de mensajes TLS manipulados, la CPU se carga mucho. Esto ocurre en tls13VerifyBinder y tls13TranscriptHashUpdate.

22 Dec 2023, 04:15

Type Values Removed Values Added
New CVE
Information

Published : 2023-12-22 04:15

Updated : 2024-11-21 07:48

NVD link : CVE-2023-24609

Mitre link : CVE-2023-24609

CVE.ORG link : CVE-2023-24609

JSON object : View

Products Affected

rambus

  • tls_toolkit

matrixssl

  • matrixssl
CWE
CWE-190

Integer Overflow or Wraparound