Vulnerability Details : CVE-2024-34702
Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. Prior to 3.5.0 and 2.19.5, checking name constraints in X.509 certificates is quadratic in the number of names and name constraints. An attacker who presented a certificate chain which contained a very large number of names in the SubjectAlternativeName, signed by a CA certificate which contained a large number of name constraints, could cause a denial of service. The problem has been addressed in Botan 3.5.0 and a partial backport has also been applied and is included in Botan 2.19.5.
Vulnerability category: Denial of service
Products affected by CVE-2024-34702
Please log in to view affected product information.
Exploit prediction scoring system (EPSS) score for CVE-2024-34702
1.16%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 77 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2024-34702
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
5.3
|
MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
N/A
|
N/A
|
GitHub, Inc. | 2024-07-08 |
|
5.3
|
MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
3.9
|
1.4
|
GitHub, Inc. | 2024-07-08 |
CWE ids for CVE-2024-34702
-
The product does not properly control situations in which an adversary can cause the product to consume or produce excessive resources without requiring the adversary to invest equivalent work or otherwise prove authorization, i.e., the adversary's influence is "asymmetric."Assigned by:
- a0819718-46f1-4df5-94e2-005712e83aaa (Primary)
- security-advisories@github.com (Secondary)
References for CVE-2024-34702
-
https://github.com/randombit/botan/pull/4052
[#4045 Backport] During X.509 verification, first check the signatures by randombit · Pull Request #4052 · randombit/botan · GitHub
-
https://github.com/randombit/botan/security/advisories/GHSA-5gg9-hqpr-r58j
Denial of Service Due to Excessive Name Constraints · Advisory · randombit/botan · GitHub
-
https://github.com/randombit/botan/commit/477822a2d10f02d8ba46c9d8a5132f25843f5cc1
Merge pull request #4052 from randombit/jack/backport-4045 · randombit/botan@477822a · GitHub
-
https://github.com/randombit/botan/commit/ff704b12e6fa351aaedd07bffdc91722e84586b8
Merge pull request #4186 from randombit/jack/fix-nc-dos · randombit/botan@ff704b1 · GitHub
-
https://github.com/randombit/botan/commit/7606d70d3a2ac7114476ec2651ca0243c4536fdf
Merge pull request #4034 from randombit/jack/refactor-alt-name · randombit/botan@7606d70 · GitHub
-
https://github.com/randombit/botan/commit/21dccc8fef18c165ba3301d850ac61521f85637e
Merge pull request #4187 from randombit/jack/fix-nc-dos-2x · randombit/botan@21dccc8 · GitHub
-
https://github.com/randombit/botan/pull/4186
Address denial of service in name constraints processing by randombit · Pull Request #4186 · randombit/botan · GitHub
-
https://github.com/randombit/botan/pull/4047
Optimize name constraint matching by randombit · Pull Request #4047 · randombit/botan · GitHub
-
https://github.com/randombit/botan/pull/4045
During X509 path validation, return immediately if a signature is invalid by randombit · Pull Request #4045 · randombit/botan · GitHub
-
https://github.com/randombit/botan/pull/4034
Refactor AlternativeName internals by randombit · Pull Request #4034 · randombit/botan · GitHub
-
https://github.com/randombit/botan/commit/c3264821b9f6286ee4e6e3e06826f6b7177e6d41
Merge pull request #4047 from randombit/jack/opt-name-constraints · randombit/botan@c326482 · GitHub
-
https://github.com/randombit/botan/commit/39535f13c322f56aa3da2f44b2b6abb8619a82ac
Merge pull request #4045 from randombit/jack/x509-path-sigs-first · randombit/botan@39535f1 · GitHub
-
https://github.com/randombit/botan/pull/4187
Address various name constraint bugs by randombit · Pull Request #4187 · randombit/botan · GitHub
Jump to