CVE-2019-13470 MatrixSSL ASN.1 Handling Out-of-Bounds Read Vulnerability – Jul 2019

Preface: The product of MatrixSSL is used by many companies. Since MatrixSSL design in low memory footprint.
Whereby, they can partner with smart city infrastructure and IoT devices.

Vulnerability details: A vulnerability in MatrixSSL could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition.

Our speculation:

  1. x509 is the name for certificates which are defined for informal internet electronic mail, IPsec, and WWW applications.
  2. X.509 original ver 1, and then a ver 2. But now we use the version 3.
  3. Reading the corresponding RFC the structure shown as below:
    Certificate ::= SEQUENCE {
    tbsCertificate TBSCertificate,
    signatureAlgorithm AlgorithmIdentifier,
    signatureValue BIT STRING }
  4. Above are ASN.1 structures.
  5. If attacker send a crafted certificate to the targeted system.
  6. An error in parsing a maliciously formatted ASN.1 Bit Field primitive could cause a crash due to a memory read beyond allocated memory.

Vendor release software updateshttps://github.com/matrixssl/matrixssl/releases

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.