VULNRICHMENT:CVE-2024-26130 (vulnrichment, GitHub_M)
History: Feb 21, 2024 - 4:28 p.m.

CVE-2024-26130 cryptography NULL pointer dereference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override

2024-02-21 16:28:18
CWE-476
GitHub_M
github.com
3
cryptography
pkcs12
null pointer
dereference
private key
certificate
hmac_hash
python process
valueerror
version 42.0.4

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

SSVC

Exploitation

none

Automatable

yes

Technical Impact

partial

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if pkcs12.serialize_key_and_certificates is called with both a certificate whose public key does not match the provided private key and an encryption_algorithm with hmac_hash set (via PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)), a NULL pointer dereference occurs, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a ValueError is properly raised.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:cryptography_project:cryptography:*:*:*:*:*:python:*:*"
    ],
    "vendor": "cryptography_project",
    "product": "cryptography",
    "versions": [
      {
        "status": "affected",
        "version": "38.0.0",
        "lessThan": "42.0.4",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  }
]
