CVE-2024-4420

Denial of Service in Tink-cc

Severity Score

6.8

*CVSS v4

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

There exists a Denial of service vulnerability in Tink-cc in versions prior to 2.1.3. * An adversary can crash binaries using the crypto::tink::JsonKeysetReader in tink-cc by providing an input that is not an encoded JSON object, but still a valid encoded JSON element, for example a number or an array. This will crash as Tink just assumes any valid JSON input will contain an object.

* An adversary can crash binaries using the crypto::tink::JsonKeysetReader in tink-cc by providing an input containing many nested JSON objects. This may result in a stack overflow.

We recommend upgrading to version 2.1.3 or above

Existe una vulnerabilidad de denegación de servicio en Tink-cc en versiones anteriores a la 2.1.3. * Un adversario puede bloquear archivos binarios usando crypto::tink::JsonKeysetReader en tink-cc al proporcionar una entrada que no es un objeto JSON codificado, pero que sigue siendo un elemento JSON codificado válido, por ejemplo, un número o una matriz. Esto fallará ya que Tink simplemente asume que cualquier entrada JSON válida contendrá un objeto. * Un adversario puede bloquear archivos binarios usando crypto::tink::JsonKeysetReader en tink-cc al proporcionar una entrada que contiene muchos objetos JSON anidados. Esto puede provocar un desbordamiento de la pila. Recomendamos actualizar a la versión 2.1.3 o superior.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Attack Requirements

Present

Privileges Required

Low

User Interaction

Active

System

Vulnerable | Subsequent

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Attack Requirements

Present

Privileges Required

Low

User Interaction

Active

System

Vulnerable | Subsequent

Confidentiality

None

Integrity

None

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-05-02 CVE Reserved
2024-05-21 CVE Published
2024-05-22 EPSS Updated
2024-08-01 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-116: Improper Encoding or Escaping of Output

CAPEC

CAPEC-469: HTTP DoS

References (1)

URL	Tag	Source
https://github.com/tink-crypto/tink-cc/issues/4

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Google Search vendor "Google"		Tink Search vendor "Google" for product "Tink"				>= 2.0.0 < 2.1.3 Search vendor "Google" for product "Tink" and version " >= 2.0.0 < 2.1.3"		en		Affected
Google Search vendor "Google"		Tink (Legacy) Search vendor "Google" for product "Tink (Legacy)"				<= 1.7.0 Search vendor "Google" for product "Tink (Legacy)" and version " <= 1.7.0"		en		Affected