50 matches found
CVE-2025-29909
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. In versions 1.3.3 and prior, a heap buffer overflow vulnerability in...
CVE-2025-29910 CryptoLib's crypto_handle_incrementing_nontransmitted_counter Function has Memory Leak
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. A memory leak vulnerability was identified in the...
CVE-2025-29909 CryptoLib's Crypto_TC_ApplySecurity() Has a Heap Buffer Overflow Vulnerability
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. In versions 1.3.3 and prior, a heap buffer overflow vulnerability in...
CVE-2025-29909
CVE-2025-29909 affects CryptoLib (NASA) up to version 1.3.3: a heap buffer overflow in Crypto_TC_ApplySecurity() can be triggered by crafting a malformed Telecommand (TC) frame, leading to out-of-bounds writes with DoS and, under certain conditions, remote code execution. The vulnerability impact...
CVE-2025-29909 CryptoLib's Crypto_TC_ApplySecurity() Has a Heap Buffer Overflow Vulnerability
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. In versions 1.3.3 and prior, a heap buffer overflow vulnerability in...
PT-2025-11563 · Cryptolib · Cryptolib
Name of the Vulnerable Software and Affected Versions: CryptoLib versions 1.3.3 and prior Description: A critical heap buffer overflow issue was identified in the Crypto AOS ProcessSecurity function, allowing an attacker to trigger a Denial of Service DoS or potentially execute arbitrary code RCE...
CryptoLib 安全漏洞
CryptoLib is a NASA open source application. It is used to provide a software-only solution using the CCSDS space data link security protocol. A security vulnerability exists in CryptoLib version 1.3.3 and earlier, which originates from a heap buffer overflow and could result in a denial of servi...
PT-2025-11564 · Cryptolib · Cryptolib
Name of the Vulnerable Software and Affected Versions: CryptoLib versions 1.3.3 and prior Description: The issue is caused by an unsigned integer underflow in the Crypto TC ProcessSecurity function of CryptoLib, leading to a heap buffer overflow. This occurs when the fl frame length field in a...
PT-2025-11565 · Cryptolib · Cryptolib
Name of the Vulnerable Software and Affected Versions: CryptoLib versions 1.3.3 and prior Description: CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight...
PT-2025-11561 · Cryptolib · Cryptolib
Name of the Vulnerable Software and Affected Versions: CryptoLib versions 1.3.3 and earlier Description: A heap buffer overflow vulnerability in CryptoLib's Crypto TC ApplySecurity function allows an attacker to craft a malicious TC frame that causes out-of-bounds memory writes. This can result i...