Heap Buffer Overflow in CryptoLib for CCSDS Space Data Link Security Protocol
CVE-2025-29911

8.9HIGH

Key Information:

Vendor: Nasa
Status: Cryptolib
Vendor: CVE Published:; 17 March 2025

What is CVE-2025-29911?

A vulnerability in CryptoLib affects the CCSDS Space Data Link Security Protocol, allowing attackers to exploit the Crypto_AOS_ProcessSecurity function. By crafting a malicious AOS frame with an insufficient length, an attacker can induce a Denial of Service (DoS) condition or potentially execute arbitrary code. The root cause is a failure to verify the buffer length during processing of the Frame Error Control Field (FECF), which can lead to a heap buffer overflow. No patched versions have been released as of the publication date.

Affected Version(s)

CryptoLib <= 1.3.3

References

https://github.com/nasa/CryptoLib/security/advisories/GHS...

x_refsource_CONFIRM

CVSS V4

Score:

8.9

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 17, 2025
Vulnerability Reserved
Mar 12, 2025

Nasa

What is CVE-2025-29911?

Affected Version(s)

References

CVSS V4

Timeline