A recently discovered vulnerability, CVE-2023-36327, affects the RELIC cryptographic library before commit 421f2e91cf2ba42473d4d54daf24e295679e290e. The vulnerability, an integer overflow in the bn_get_prime function, can allow a remote attacker to execute arbitrary code or cause a denial of service (DoS) on the target system. This post covers the details of the vulnerability, including code snippets, links to original references, and essential exploit details.

Background

RELIC is an open-source suite of cryptographic libraries that provides high-level cryptographic functionality such as cryptographic pairings, elliptic curve cryptography, and secure hash functions. The library is implemented in C for performance and for use on multiple platforms. This particular vulnerability affects the bn_get_prime function of the cryptographic library, opening up serious attack vectors for malicious actors.

Vulnerability Details

The vulnerability, CVE-2023-36327, specifically affects the 'pos' argument of the bn_get_prime function. The integer overflow occurs because the function's input validation does not check the necessary bounds, which may result in incorrect values for 'pos' and potentially lead to arbitrary code execution and DoS attacks.

The vulnerable code snippet is as follows:

void bn_get_prime(bn_t a, int bits, int pos) {
  int s;
  err_t e;

  core_get()->bench = ;
  core_get()->level = 6;

  // Vulnerable computation before the fix
  s = core_get()->seed + bits * core_get()->prime[pos];

  e = rand_prime(a, bits, s);
  if (e == STS_OK) {
    core_get()->prime[pos] = s;
    goto end;
  }

  // ...
}

The pos value is used as an index into the array core_get()->prime, and the looked-up value is multiplied by bits, which leads to an integer overflow. If bounds checks are not in place, this code gives adversaries a point at which to exploit the vulnerability.

Mitigation

The RELIC developers have addressed this vulnerability in commit 421f2e91cf2ba42473d4d54daf24e295679e290e. Affected users are advised to update their RELIC cryptographic library to the latest version from the official project repository on GitHub: https://github.com/relic-toolkit/relic/

The fix for this vulnerability can be observed in the following code snippet:

void bn_get_prime(bn_t a, int bits, int pos) {
  int s;
  err_t e;

+  if (pos < ) { // Added bounds check
+    THROW(ERR_NO_VALID);
+  }

  core_get()->bench = ;
  core_get()->level = 6;

  // Fixed Computation
  s = core_get()->seed + bits * core_get()->prime[pos];

  e = rand_prime(a, bits, s);
  if (e == STS_OK) {
    core_get()->prime[pos] = s;
    goto end;
  }

  // ...
}
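
Review bot: the added check `if (pos < ) {` constrains pos only from below, and its comparison value is missing as shown, so an index past the end of core_get()->prime still reaches the lookup; the same condition should also test pos against the array's element count. The line `s = core_get()->seed + bits * core_get()->prime[pos];` is unchanged under the "Fixed Computation" comment, so the int multiplication and addition can still overflow for large bits or large table values; compute in a wider type or use checked arithmetic and throw when the result does not fit in an int.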

With the bounds check added, the vulnerability is effectively mitigated in the latest versions of RELIC.
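
The computation s = seed + bits * prime[pos] from the snippets above, written as a stand-alone C function that checks the index against both ends of the table and rejects results that do not fit in an int. This is an added example, not RELIC's code or its fix; derive_seed, the status codes and the sample table are hypothetical names and constructed values.

```c
/* Added example, not RELIC code: every name below is hypothetical. */
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum seed_status { SEED_OK = 0, SEED_BAD_INDEX = -1, SEED_OVERFLOW = -2 };

/* The widening below is only safe if int is narrower than int64_t. */
_Static_assert(sizeof(int) <= 4, "int must be at most 32 bits");

/* Computes seed + bits * table[pos] only when pos lies inside the table
 * and the result fits in an int. *out is written only on SEED_OK. */
int derive_seed(const int *table, size_t table_len,
                int seed, int bits, int pos, int *out) {
    /* Lower AND upper bound: a negative pos and a pos past the end
     * are both out-of-bounds reads. */
    if (pos < 0 || (size_t)pos >= table_len) {
        return SEED_BAD_INDEX;
    }
    /* Widen before multiplying so the arithmetic itself cannot
     * overflow, then range-check before narrowing back to int. */
    int64_t wide = (int64_t)seed + (int64_t)bits * (int64_t)table[pos];
    if (wide < INT_MIN || wide > INT_MAX) {
        return SEED_OVERFLOW;
    }
    *out = (int)wide;
    return SEED_OK;
}

int main(void) {
    /* Constructed sample table; the last entry forces an overflow. */
    const int table[4] = {3, 5, 7, INT_MAX};
    int s = 0;

    int rc = derive_seed(table, 4, 10, 256, 1, &s);
    printf("in range:     rc=%d s=%d\n", rc, s);
    printf("negative pos: rc=%d\n", derive_seed(table, 4, 10, 256, -1, &s));
    printf("pos past end: rc=%d\n", derive_seed(table, 4, 10, 256, 4, &s));
    printf("overflow:     rc=%d\n", derive_seed(table, 4, 10, 2, 3, &s));
    return 0;
}
```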

Conclusion

CVE-2023-36327 highlights the importance of proper input validation and bounds checking when implementing core cryptographic functions in libraries. Developers relying on the RELIC library should update their instances as soon as possible to the latest version. Additionally, they should continue to monitor updates and vulnerabilities in the libraries and tools they use in their applications to ensure they can deploy necessary patches and updates in a timely manner.

Timeline

Published on: 09/01/2023 16:15:08 UTC
Last modified on: 09/06/2023 00:05:15 UTC