Botan Heap Buffer Over-read Vulnerability in SM2 Decryption Prior to 3.11.0
Vulnerability
A heap buffer over-read vulnerability has been identified in the Botan C++ cryptography library, specifically in versions 2.3.0 prior to 3.11.0. The issue arises during SM2 decryption, where the authentication code value (C3) is not properly validated for length before comparison. This oversight allows an invalid ciphertext to cause a heap over-read of up to 31 bytes, leading to a process crash or potentially other undefined behavior. The vulnerability is particularly relevant for applications using SM2 encryption in Chinese standards-compliant TLS, payment systems, and enterprise applications that process attacker-controlled ciphertexts over the network.
Impact
Exploitation of this vulnerability causes a heap buffer over-read of up to 31 bytes, likely leading to a process crash or other undefined behavior. This behavior is consistent with a denial-of-service condition.
Remediation
Users can upgrade to Botan version 3.11.0 or later to address this vulnerability.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.