Community
Participate
Working Groups
Hello, This bug affects current TinyDTLS master (706888256c3e03d9fcf1ec37bb1dd6499213be3c). One buffer overflow bug can appear in the function dtls_sha256_update in sha2.c:590. Here is the bug trace: #1 0x552e29 in dtls_sha256_update /tinydtls/sha2/sha2.c:587:3 #2 0x528840 in dtls_create_cookie /tinydtls/dtls.c:356:3 #3 0x528840 in dtls_verify_peer /tinydtls/dtls.c:1633 #4 0x528840 in handle_handshake_msg /tinydtls/dtls.c:3334 #5 0x519773 in handle_handshake /tinydtls/dtls.c:3493:14 #6 0x519773 in dtls_handle_message /tinydtls/dtls.c:3881 #7 0x513864 in dtls_handle_read /tinydtls/tests/dtls-server.c:177:10 #8 0x513864 in main /tinydtls/tests/dtls-server.c:352 The fragment length of DTLS handshake messages can be up to 2^24-1 bytes, but the buf length is limited to 1400 bytes in the function dtls_handle_read() in dtls-server.c. During handshakes, for handling messages with more than 1400 bytes, the program produces buffer overflow.
This bug exists through 0.9-rc1. This bug results from a missing bound check before access .
tinydtls servers incorrectly handle malformed handshake packets. When receiving a malicious handshake packet, whose value of the Length field is larger than the real one, servers will try to read more bytes than the real one, which will lead to disclosing sensitive information. Remote attackers can also send this kind of packet to cause the denial of service.
Project team: we need your engagement here. There's help in the handbook [1] [1] https://www.eclipse.org/projects/handbook/#vulnerability
We've exceeded the three month deadline; I've removed the confidentiality flag for quiet disclosure.
This issue has been migrated to https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/issues/608.
