CryptoLib Heap Buffer Overflow Vulnerability in Telecommand Processing Function Allowing Denial-of-Service and Potential Remote Code Execution

A critical heap buffer overflow vulnerability has been identified in CryptoLib versions through 1.3.3. The issue arises in the 'Crypto_TC_Prep_AAD' function, which is responsible for preparing additional authenticated data (AAD) for telecommand (TC) frames. The vulnerability allows an attacker to cause an unsigned integer underflow by sending a maliciously crafted TC frame, leading to an out-of-bounds memory access. This exploitation can trigger a segmentation fault, causing a denial-of-service condition, or potentially allow for arbitrary code execution by manipulating the application's memory heap.

Impact

Exploitation of this vulnerability causes a segmentation fault, leading to a denial-of-service condition. Additionally, the heap buffer overflow could be exploited to execute arbitrary code remotely, depending on the specific circumstances of the attack.

Reproduction

To reproduce this vulnerability, send a telecommand frame with a crafted payload that causes the 'tc_mac_start_index' calculation to underflow. This can be done by manipulating the TC header length to be smaller than the expected values, creating an out-of-bounds read when the MAC is copied from the 'ingest' buffer. The vulnerability can be triggered through the 'Crypto_TC_ProcessSecurity' function, which processes the telecommand frame and eventually calls 'Crypto_TC_Prep_AAD'.