{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/rustls-webpki/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":["rustls-webpki"],"_cs_severities":["medium"],"_cs_tags":["denial-of-service","rustls-webpki","crl"],"_cs_type":"advisory","_cs_vendors":["rust"],"content_html":"\u003cp\u003eA denial-of-service vulnerability has been identified in the rustls-webpki crate, specifically affecting versions prior to 0.103.13 and versions between 0.104.0-alpha.1 and 0.104.0-alpha.7. The vulnerability stems from a panic within the \u003ccode\u003ebit_string_flags()\u003c/code\u003e function located in \u003ccode\u003esrc/der.rs\u003c/code\u003e. This panic occurs when the function processes a malformed Certificate Revocation List (CRL) containing a BIT STRING with a content of exactly \u003ccode\u003e[0x00]\u003c/code\u003e. The issue is triggered via the \u003ccode\u003eissuingDistributionPoint\u003c/code\u003e CRL extension when CRL revocation checking is explicitly enabled through \u003ccode\u003eRevocationOptions\u003c/code\u003e and the application loads CRL data from a source controlled by an attacker. This vulnerability allows a remote attacker to cause a denial of service in applications that rely on rustls-webpki for certificate validation.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker obtains a certificate from a Certificate Authority (CA) that permits custom Certificate Distribution Point (CDP) URLs.\u003c/li\u003e\n\u003cli\u003eAttacker sets the CDP of the certificate to point to a server they control (e.g., \u003ccode\u003ecdp\u003c/code\u003e).\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious CRL with a BIT STRING in the \u003ccode\u003eissuingDistributionPoint\u003c/code\u003e extension containing the byte sequence \u003ccode\u003e0x00\u003c/code\u003e, triggering the vulnerability in \u003ccode\u003ebit_string_flags()\u003c/code\u003e. The CRL must be DER encoded and contain the following ASN.1 structure: \u003ccode\u003ea0 10 30 0e 30 0c 06 03 55 1d 1c 04 05 30 03 83 01 00\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe attacker hosts the crafted CRL on the server specified in the CDP.\u003c/li\u003e\n\u003cli\u003eA vulnerable mTLS server configured to use CRL checking receives a connection request from a client presenting the attacker\u0026rsquo;s certificate.\u003c/li\u003e\n\u003cli\u003eThe mTLS server fetches the CRL from the attacker-controlled CDP server during the TLS handshake.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003eBorrowedCertRevocationList::from_der()\u003c/code\u003e function parses the CRL, leading to the execution of \u003ccode\u003ebit_string_flags()\u003c/code\u003e on the malformed BIT STRING.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003ebit_string_flags()\u003c/code\u003e function panics due to an index-out-of-bounds error, resulting in a denial-of-service condition on the mTLS server.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this vulnerability leads to a denial-of-service condition. Affected applications that perform mTLS, particularly servers, become unavailable when processing connections from clients presenting certificates with malicious CRL distribution points. This can disrupt services and impact availability. The severity is high because an attacker can trigger the vulnerability remotely without authentication.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to rustls-webpki version 0.103.13 or 0.104.0-alpha.7 or later to patch the vulnerability.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect-Malformed-CRL-Bit-String\u003c/code\u003e to identify attempts to exploit this vulnerability by monitoring for specific byte sequences in CRL data.\u003c/li\u003e\n\u003cli\u003eImplement strict validation and sanitization of CRL data before processing it with \u003ccode\u003erustls-webpki\u003c/code\u003e, especially when fetching CRLs from untrusted sources.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2024-01-09T12:00:00Z","date_published":"2024-01-09T12:00:00Z","id":"/briefs/2024-01-rustls-webpki-dos/","summary":"A denial-of-service vulnerability exists in rustls-webpki versions prior to 0.103.13 and between 0.104.0-alpha.1 and 0.104.0-alpha.7 due to a panic in `bit_string_flags()` when processing a malformed CRL BIT STRING, triggered when CRL checking is enabled and an attacker provides a crafted CRL.","title":"rustls-webpki Denial-of-Service Vulnerability via Malformed CRL BIT STRING","url":"https://feed.craftedsignal.io/briefs/2024-01-rustls-webpki-dos/"}],"language":"en","title":"CraftedSignal Threat Feed — Rustls-Webpki","version":"https://jsonfeed.org/version/1.1"}