OHTTP Implementation Vulnerable to Sequence Number Overflow and Nonce Repeatation
CVE-2024-36121

9.1CRITICAL

Key Information:

Vendor
netty-incubator-codec-ohttp
Status
Netty-incubator-codec-ohttp
Vendor
CVE Published:
4 June 2024

Summary

The Netty Incubator Codec OHTTP implementation features a vulnerability stemming from the BoringSSLAEADContext class, which erroneously manages the sequence numbers of OHTTP responses. When two specific coding errors collide, it creates an opportunity for an attacker to induce a sequence number overflow, leading to the potential repetition of nonces used in the encryption process. As a result, this flaw can compromise the integrity of encrypted communications and enable further malicious exploits.

References

https://github.com/netty/netty-incubator-codec-ohttp/secu...
https://github.com/netty/netty-incubator-codec-ohttp/blob...

CVSS V3.1

Score:
9.1
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

.
CVE-2024-36121 : OHTTP Implementation Vulnerable to Sequence Number Overflow and Nonce Repeatation | SecurityVulnerability.io