Buffer Overread in SSL_select_next_proto May Lead to Loss of Confidentiality
CVE-2024-5535

9.1CRITICAL

Key Information:

Vendor: OpenSSL
Status: OpenSSL
Vendor: CVE Published:; 27 June 2024

Summary

A buffer overread vulnerability exists in OpenSSL that may lead to the accidental exposure of up to 255 bytes of sensitive memory content when the API function SSL_select_next_proto is called with an empty list of supported client protocols. This situation is unlikely to arise under normal circumstances, as it typically requires a configuration or programming mistake. When SSL_select_next_proto is invoked incorrectly, it fails to detect this and can return invalid memory content, potentially leading to a loss of confidentiality. Primarily, this affects applications using Next Protocol Negotiation (NPN), which is less common than the more widely adopted Application Layer Protocol Negotiation (ALPN). Developers must ensure proper handling of protocol lists to avoid inadvertently exposing private data.

Affected Version(s)

OpenSSL 3.3.0 < 3.3.2

OpenSSL 3.2.0 < 3.2.3

OpenSSL 3.1.0 < 3.1.7

References

https://www.openssl.org/news/secadv/20240627.txt

vendor-advisory

https://github.com/openssl/openssl/commit/e86ac436f0bd54d...

patch

https://github.com/openssl/openssl/commit/99fb785a5f85315...

patch

CVSS V3.1

Score:

9.1

Severity:

CRITICAL

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 27, 2024
Vulnerability Reserved
May 30, 2024

Credit

Joseph Birr-Pixton

David Benjamin (Google)

Matt Caswell