CVE-2023-42811
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2023-42811
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-42811.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-42811
- Aliases
- Related
- Published
- 2023-09-22T16:15:10Z
- Modified
- 2025-01-08T09:37:41.684380Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
aes-gcm is a pure Rust implementation of the AES-GCM. Starting in version 0.10.0 and prior to version 0.10.3, in the AES GCM implementation of decryptinplace_detached, the decrypted ciphertext (i.e. the correct plaintext) is exposed even if tag verification fails. If a program using the
aes-gcmcrate'sdecrypt_in_place*APIs accesses the buffer after decryption failure, it will contain a decryption of an unauthenticated input. Depending on the specific nature of the program this may enable Chosen Ciphertext Attacks (CCAs) which can cause a catastrophic breakage of the cipher including full plaintext recovery. Version 0.10.3 contains a fix for this issue. - References
-
- https://github.com/RustCrypto/AEADs/security/advisories/GHSA-423w-p2w9-r7vq
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ROBB6TBDAGEQ2WIINR34F3DPSN3FND6K/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RYQCICN6BVC6I75O3F6W4VK4J3MOYDJU/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U67ZSMNX5V3WTBYPUYF45PSFG4SF5SGF/
- https://docs.rs/aes-gcm/latest/src/aes_gcm/lib.rs.html#309
Affected packages
Git / github.com/rustcrypto/aeads
Affected versions
aes-gcm-siv-v0.*
aes-gcm-siv-v0.11.0
aes-gcm-siv-v0.11.0-pre
aes-gcm-siv-v0.11.0-pre.1
aes-gcm-siv-v0.11.0-pre.2
aes-gcm-siv-v0.11.1
aes-gcm-v0.*
aes-gcm-v0.10.0
aes-gcm-v0.10.0-pre
aes-gcm-v0.10.0-pre.1
aes-gcm-v0.10.0-pre.2
aes-gcm-v0.10.1
aes-gcm-v0.10.2
aes-siv-v0.*
aes-siv-v0.7.0
aes-siv-v0.7.0-pre.1
ascon-aead-v0.*
ascon-aead-v0.4.2
ccm-v0.*
ccm-v0.5.0
ccm-v0.5.0-pre.1
chacha20poly1305-v0.*
chacha20poly1305-v0.10.0
chacha20poly1305-v0.10.0-pre.1
chacha20poly1305-v0.10.0-pre.2
chacha20poly1305-v0.10.1
deoxys-v0.*
deoxys-v0.1.0
deoxys-v0.1.0-pre.1
eax-v0.*
eax-v0.5.0
eax-v0.5.0-pre.1
mgm-v0.*
mgm-v0.5.0-pre.1
xsalsa20poly1305-v0.*
xsalsa20poly1305-v0.9.0
xsalsa20poly1305-v0.9.0-pre
xsalsa20poly1305-v0.9.0-pre.1
xsalsa20poly1305-v0.9.0-pre.2
xsalsa20poly1305/v0.*
xsalsa20poly1305/v0.9.1