Skip to content

Buffer overflow in sponge queue functions

Moderate
gvanas published GHSA-6w4m-2xhg-2658 Oct 20, 2022

Package

No package listed

Affected versions

Before commit fdc6fef075f4e81d6b1bc38364248975e08e340a

Patched versions

Starting from commit fdc6fef075f4e81d6b1bc38364248975e08e340a

Description

This vulnerability has been found by Nicky Mouha.

Impact

The Keccak sponge function interface accepts partial inputs to be absorbed and partial outputs to be squeezed. A buffer can overflow when partial data with some specific sizes are queued, where at least one of them has a length of 2^32 - 200 bytes or more.

Patches

Yes, see commit fdc6fef0.

Workarounds

The problem can be avoided by limiting the size of the partial input data (or partial output digest) below 2^32 - 200 bytes. Multiple calls to the queue system can be chained at a higher level to retain the original functionality. Alternatively, one can process the entire input (or produce the entire output) at once, avoiding the queuing functions altogether.

References

See issue #105 for more details.

Severity

Moderate

CVE ID

CVE-2022-37454

Weaknesses