CVE-2024-41996

26.08.2024, 06:15

Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
mitre	CNA	---				---
CISA-ADP	ADP	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 37%

Ubuntu Releases

Ubuntu Product

Codename

edk2

plucky	needs-triage
oracular	needs-triage
noble	needs-triage
jammy	not-affected
focal	not-affected
bionic	not-affected
xenial	not-affected

nodejs

plucky	not-affected
oracular	not-affected
noble	not-affected
jammy	needs-triage
focal	not-affected
bionic	not-affected
xenial	not-affected
trusty	not-affected

openssl

plucky	not-affected
oracular	needed
noble	needed
jammy	needed
focal	not-affected
bionic	not-affected
xenial	not-affected
trusty	not-affected

openssl1.0

plucky	dne
oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	not-affected

Common Weakness Enumeration

CWE-295 - Improper Certificate Validation
The software does not validate, or incorrectly validates, a certificate.

References

https://dheatattack.gitlab.io/details/

https://dheatattack.gitlab.io/faq/

https://gist.github.com/c0r0n3r/abccc14d4d96c0442f3a77fa5ca255d1