CVE-2021-4239

2022-12-2722:15:12

Debian Security Bug Tracker

security-tracker.debian.org

cve-2021-4239

noise protocol

cryptographic security

denial of service

nonce counter

encrypt function

decrypt function

desynchronize

unix

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

34.6%

JSON

The Noise protocol implementation suffers from weakened cryptographic security after encrypting 2^64 messages, and a potential denial of service attack. After 2^64 (~18.4 quintillion) messages are encrypted with the Encrypt function, the nonce counter will wrap around, causing multiple messages to be encrypted with the same key and nonce. In a separate issue, the Decrypt function increments the nonce state even when it fails to decrypt a message. If an attacker can provide an invalid input to the Decrypt function, this will cause the nonce state to desynchronize between the peers, resulting in a failure to encrypt all subsequent messages.

OSVersionArchitecturePackageVersionFilename
Debian12allgolang-github-flynn-noise< 1.0.0-2golang-github-flynn-noise_1.0.0-2_all.deb
Debian999allgolang-github-flynn-noise< 1.1.0-1golang-github-flynn-noise_1.1.0-1_all.deb
Debian13allgolang-github-flynn-noise< 1.1.0-1golang-github-flynn-noise_1.1.0-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	golang-github-flynn-noise	< 1.0.0-2	golang-github-flynn-noise_1.0.0-2_all.deb
Debian	999	all	golang-github-flynn-noise	< 1.1.0-1	golang-github-flynn-noise_1.1.0-1_all.deb
Debian	13	all	golang-github-flynn-noise	< 1.1.0-1	golang-github-flynn-noise_1.1.0-1_all.deb