bcrypt-ruby Integer Overflow Vulnerability in JRuby Implementation Allows Bypass of Key-Strengthening Iterations

Vulnerability

A vulnerability exists in the bcrypt-ruby gem's JRuby implementation, prior to version 3.1.22, due to an integer overflow when the cost is set to 31, the maximum allowed. The overflow makes the key-strengthening round count negative, so the strengthening loop runs zero times. Consequently, the exponential key-strengthening step collapses into a constant-time operation, while the resulting hash still looks valid and verifies correctly, so the weakness cannot be noticed from application behaviour alone.

Impact

Exploitation of this vulnerability allows for a significant reduction in the effectiveness of the bcrypt password hashing process, undermining its security by eliminating the intended key-strengthening iterations when cost is set to 31.

Remediation

Upgrade to bcrypt-ruby version 3.1.22 or later to address this vulnerability. As a temporary workaround, set the cost to a value less than 31.
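The following is an added example, not code from bcrypt-ruby or its JRuby implementation. It models the two points above in plain Ruby: the 32-bit signed arithmetic under which `1 << 31` becomes negative and the strengthening loop runs zero times (Vulnerability), and a cost validation that enforces the workaround of keeping the cost below 31 (Remediation). All constants and function names are this example's own; the lower bound of 4 is an assumed minimum, not something the advisory states.

```ruby
# Added example (not bcrypt-ruby's own code). Models the 32-bit signed
# integer arithmetic the advisory describes and the cost-validation
# workaround. Names and the lower bound of 4 are assumptions.

INT32_MAX = 2**31 - 1
MAX_SAFE_COST = 30   # any cost below 31 is unaffected, per the advisory
MIN_COST = 4         # assumed lower bound for this example

# Interpret an arbitrary-precision Ruby Integer as a 32-bit signed int,
# the way a Java int would hold it.
def to_int32(n)
  v = n & 0xFFFFFFFF
  v > INT32_MAX ? v - 2**32 : v
end

# Round count as a 32-bit signed implementation computes it: 1 << cost.
# For cost 31 this wraps to the most negative 32-bit value.
def rounds_for_cost(cost)
  to_int32(1 << cost)
end

# How many times a loop of the form `for (i = 0; i < rounds; i++)`
# actually executes: zero whenever rounds is negative.
def effective_iterations(cost)
  r = rounds_for_cost(cost)
  r.positive? ? r : 0
end

# Workaround: reject an overflowing cost before it reaches the hasher.
class UnsafeCostError < ArgumentError; end

def validate_cost!(cost)
  unless cost.is_a?(Integer) && cost.between?(MIN_COST, MAX_SAFE_COST)
    raise UnsafeCostError,
          "bcrypt cost #{cost.inspect} is outside #{MIN_COST}..#{MAX_SAFE_COST}"
  end
  cost
end

# Audit helper: costs whose effective work is lower than the next smaller
# cost's. Raising the cost should never reduce work, so any hit here is
# the overflow signature (cost 31 -> 0 iterations).
def overflowing_costs(range = MIN_COST..31)
  range.select { |c| effective_iterations(c) < effective_iterations(c - 1) }
end

if __FILE__ == $PROGRAM_NAME
  [30, 31].each do |c|
    puts "cost #{c}: rounds=#{rounds_for_cost(c)} iterations=#{effective_iterations(c)}"
  end
  puts "overflowing costs: #{overflowing_costs.inspect}"
  begin
    validate_cost!(31)
  rescue UnsafeCostError => e
    puts "rejected: #{e.message}"
  end
end
```

Running the script shows cost 30 yielding 1073741824 iterations and cost 31 yielding 0, which is exactly the asymmetry the advisory describes: the hash is still produced and verifies, but no strengthening work was done. In an application, wrapping the configured cost in `validate_cost!` (or the equivalent check in your own settings code) keeps the value below 31 until the gem is upgraded.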

Added: Mar 24, 2026, 1:25 AM
Updated: Mar 24, 2026, 1:25 AM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 1.3
exploitability: 7.7
remediation: 0.0
relevance: 4.6
threat: 3.2
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.