CVE-2026-21897
Out-of-Bounds Write in CryptoLib SDLS-EP Parameter Handling
Publication date: 2026-01-10
Last updated on: 2026-01-10
Assigner: GitHub, Inc.
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| nasa | cryptolib | up to 1.4.3 (exclusive) |
| nasa | cryptolib | 1.4.3 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an out-of-bounds write in the Crypto_Config_Add_Gvcid_Managed_Parameters function of the CryptoLib package. The function only rejects the request when gvcid_counter is strictly greater than the maximum allowed size, so a counter value equal to that maximum still passes the check and a write at index 251 is allowed. Since the array has only 251 entries, indexed 0 to 250, a write at index 251 lands beyond the array bounds and overwrites the adjacent gvcid_counter variable in memory. The corrupted counter can thereby be set to an arbitrary value, potentially disrupting the parameter lookup and registration logic that depends on it. [1]
How can this vulnerability impact me?
The vulnerability can be exploited remotely over the network without any privileges or user interaction and has low attack complexity. Its impact is rated as low for confidentiality, integrity, and availability, because the corrupted gvcid_counter may disrupt parameter lookup and registration logic, potentially causing unexpected behavior or denial of service in the system using CryptoLib. [1]
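The off-by-one bound check described above, modelled in an added example that is not CryptoLib's own code. The struct and field names are hypothetical; the 251-slot table and the counter are placed in one flat array so that the "adjacent" write stays within defined C and the effect on the counter can be observed directly.

```c
/* Simplified model (hypothetical, not CryptoLib's real data layout) of the
 * memory arrangement the advisory describes: GVCID_MAX managed-parameter
 * slots immediately followed by the counter of slots in use. Both live in
 * one flat array so the write past the last slot is still defined C. */
#define GVCID_MAX 251
enum { SLOT_COUNTER = GVCID_MAX }; /* the word right after slot 250 */

typedef struct {
    int mem[GVCID_MAX + 1]; /* mem[0..250] = entries, mem[251] = gvcid_counter */
} gvcid_table_t;

static int *counter(gvcid_table_t *t) { return &t->mem[SLOT_COUNTER]; }

/* Vulnerable check as described in the advisory: only counter > max is
 * rejected, so counter == 251 passes and the write lands on the counter. */
int add_gvcid_vulnerable(gvcid_table_t *t, int value) {
    if (*counter(t) > GVCID_MAX) return -1;
    t->mem[*counter(t)] = value; /* with counter == 251 this clobbers mem[251] */
    (*counter(t))++;
    return 0;
}

/* Corrected check: the table is full once counter reaches GVCID_MAX. */
int add_gvcid_fixed(gvcid_table_t *t, int value) {
    if (*counter(t) >= GVCID_MAX) return -1;
    t->mem[*counter(t)] = value;
    (*counter(t))++;
    return 0;
}

/* Fill the table to capacity, attempt one more add with the given value,
 * and return the counter afterwards so the two variants can be compared. */
int fill_then_overflow(int (*add)(gvcid_table_t *, int), int extra_value) {
    gvcid_table_t t = {{0}};
    for (int i = 0; i < GVCID_MAX; i++) add(&t, i); /* 251 legitimate entries */
    add(&t, extra_value);                            /* 252nd attempt */
    return *counter(&t);
}
```

With the fixed check the counter stays at 251 and the extra add is refused; with the vulnerable check the counter takes the value written into slot 251 (plus the increment that follows).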
What immediate steps should I take to mitigate this vulnerability?
Upgrade the CryptoLib package to version 1.4.3 or later, as this version includes a patch that fixes the out-of-bounds write vulnerability in the Crypto_Config_Add_Gvcid_Managed_Parameters function. This update addresses the improper index validation and prevents memory corruption issues. [1, 2]