CVE-2024-39312 – Botan has an Authorization Error due to Name Constraint Decoding Bug
https://notcve.org/view.php?id=CVE-2024-39312
Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. A bug in the parsing of name constraint extensions in X.509 certificates meant that if the extension included both permitted subtrees and excluded subtrees, only the permitted subtree would be checked. If a certificate included a name which was permitted by the permitted subtree but also excluded by excluded subtree, it would be accepted. Fixed in versions 3.5.0 and 2.19.5. • https://github.com/randombit/botan/security/advisories/GHSA-jp24-56jm-gg86 • CWE-295: Improper Certificate Validation •
CVE-2024-34702 – Botan has a Denial of Service Due to Excessive Name Constraints
https://notcve.org/view.php?id=CVE-2024-34702
Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. Prior to 3.5.0 and 2.19.5, checking name constraints in X.509 certificates is quadratic in the number of names and name constraints. An attacker who presented a certificate chain which contained a very large number of names in the SubjectAlternativeName, signed by a CA certificate which contained a large number of name constraints, could cause a denial of service. The problem has been addressed in Botan 3.5.0 and a partial backport has also been applied and is included in Botan 2.19.5. • https://github.com/randombit/botan/commit/21dccc8fef18c165ba3301d850ac61521f85637e https://github.com/randombit/botan/commit/39535f13c322f56aa3da2f44b2b6abb8619a82ac https://github.com/randombit/botan/commit/477822a2d10f02d8ba46c9d8a5132f25843f5cc1 https://github.com/randombit/botan/commit/7606d70d3a2ac7114476ec2651ca0243c4536fdf https://github.com/randombit/botan/commit/c3264821b9f6286ee4e6e3e06826f6b7177e6d41 https://github.com/randombit/botan/commit/ff704b12e6fa351aaedd07bffdc91722e84586b8 https://github.com/randombit/botan/pull/4034 https://github.com/randombit/botan& • CWE-405: Asymmetric Resource Consumption (Amplification) •
CVE-2024-34703 – Botan Vulnerable to Denial of Service Due to Overly Large Elliptic Curve Parameters
https://notcve.org/view.php?id=CVE-2024-34703
Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. Prior to versions 3.3.0 and 2.19.4, an attacker could present an ECDSA X.509 certificate using explicit encoding where the parameters are very large. The proof of concept used a 16Kbit prime for this purpose. When parsing, the parameter is checked to be prime, causing excessive computation. • https://github.com/randombit/botan/commit/08c404b23740babee1f6aa51b54e966029aadee4 https://github.com/randombit/botan/commit/94e9154c143aa5264da6254a6a1be5bc66ee2b5a https://github.com/randombit/botan/security/advisories/GHSA-w4g2-7m2h-7xj7 • CWE-405: Asymmetric Resource Consumption (Amplification) CWE-770: Allocation of Resources Without Limits or Throttling •