CVE-2026-34219
Received - Intake
Unchecked Arithmetic Overflow in libp2p-rust Gossipsub Causes Remote Panic

Publication date: 2026-03-31

Last updated on: 2026-05-01

Assigner: GitHub, Inc.

Description
libp2p-rust is the official Rust implementation of the libp2p networking stack. Prior to version 0.49.4, the Rust libp2p Gossipsub implementation contains a remotely reachable panic in backoff expiry handling. After a peer sends a crafted PRUNE control message with an attacker-controlled, near-maximum backoff value, the value is accepted and stored as an Instant near the representable upper bound. On a later heartbeat, the implementation performs unchecked Instant + Duration arithmetic (backoff_time + slack), which can overflow and panic with: overflow when adding duration to instant. This issue is reachable from any Gossipsub peer over normal TCP + Noise + mplex/yamux connectivity and requires no further authentication beyond becoming a protocol peer. This issue has been patched in version 0.49.4.
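The description above is the whole bug: an unchecked `Instant + Duration` in Rust's standard library is implemented as `checked_add(..).expect("overflow when adding duration to instant")`, so a stored deadline near the representable upper bound turns a heartbeat into a crash. The following is an added example written for this page, not code from rust-libp2p; it models the vulnerable heartbeat check next to a hardened version that clamps the peer-supplied backoff at intake and uses `checked_add` at heartbeat time. The constants `MAX_ACCEPTED_BACKOFF` and `BACKOFF_SLACK`, the function names, and the `near_upper_bound` helper (which builds a near-maximum `Instant` locally, standing in for the value a crafted PRUNE would leave in the backoff table) are all assumptions of this example.

```rust
use std::panic;
use std::time::{Duration, Instant};

// Policy values chosen for this example (hypothetical; not libp2p's constants).
/// Longest backoff we are willing to honour from a remote PRUNE.
const MAX_ACCEPTED_BACKOFF: Duration = Duration::from_secs(24 * 60 * 60);
/// Slack the heartbeat adds before treating a backoff as expired.
const BACKOFF_SLACK: Duration = Duration::from_secs(1);

/// Vulnerable pattern from the advisory: the stored backoff Instant is
/// `+`-ed with the slack at heartbeat time. `Instant + Duration` is
/// `checked_add(..).expect("overflow when adding duration to instant")`,
/// so a near-maximum Instant panics here and takes the node down.
fn vulnerable_backoff_expired(backoff_time: Instant, now: Instant) -> bool {
    now >= backoff_time + BACKOFF_SLACK
}

/// Hardened intake: clamp the peer-supplied backoff seconds to a policy
/// maximum before turning them into an Instant, and avoid unchecked `+`.
fn accept_backoff(now: Instant, requested_secs: u64) -> Instant {
    let bounded = Duration::from_secs(requested_secs).min(MAX_ACCEPTED_BACKOFF);
    // After clamping, overflow is not reachable in practice; if it ever were,
    // saturate to `now` (backoff already expired) rather than panic.
    now.checked_add(bounded).unwrap_or(now)
}

/// Hardened heartbeat check: checked arithmetic; an unrepresentable deadline
/// is reported as "not yet expired" instead of crashing the process.
fn backoff_expired(backoff_time: Instant, now: Instant) -> bool {
    match backoff_time.checked_add(BACKOFF_SLACK) {
        Some(deadline) => now >= deadline,
        None => false,
    }
}

/// Build an Instant as close to this platform's representable upper bound as
/// `checked_add` allows (binary search over whole seconds). This is a local
/// stand-in for the near-maximum value the advisory describes; it never
/// touches the network.
fn near_upper_bound(now: Instant) -> Instant {
    let (mut lo, mut hi) = (0u64, u64::MAX);
    while lo < hi {
        let mid = lo + (hi - lo) / 2 + 1;
        if now.checked_add(Duration::from_secs(mid)).is_some() {
            lo = mid;
        } else {
            hi = mid - 1;
        }
    }
    now.checked_add(Duration::from_secs(lo))
        .expect("lo was verified to be representable")
}

/// Run the vulnerable check under `catch_unwind` and report whether it panicked.
fn vulnerable_check_panics(backoff_time: Instant, now: Instant) -> bool {
    panic::catch_unwind(move || vulnerable_backoff_expired(backoff_time, now)).is_err()
}

fn main() {
    let now = Instant::now();
    let near_max = near_upper_bound(now);
    println!(
        "vulnerable check panics on near-max backoff: {}",
        vulnerable_check_panics(near_max, now)
    );
    println!(
        "hardened check on near-max backoff: expired = {}",
        backoff_expired(near_max, now)
    );
    let clamped = accept_backoff(now, u64::MAX);
    println!("clamped backoff seconds: {}", (clamped - now).as_secs());
}
```

Two design points are worth noting. Clamping at intake is the stronger control, because it bounds what any peer can store in the backoff table regardless of how later code uses it; the checked heartbeat arithmetic is defence in depth for values that were already stored by an older version. Treating an unrepresentable deadline as "not expired" keeps the peer pruned, which is the conservative outcome for a backoff.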
Meta Information
Published: 2026-03-31
Last Modified: 2026-05-01
Generated: 2026-05-07
AI Q&A: 2026-03-31
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Vendor: protocol
Product: libp2p-gossipsub
Version / Range: to 0.49.4 (exc)
CWE
CWE-617: The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.
CWE-190: The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.
AI Powered Q&A
How can this vulnerability impact me?

This vulnerability can be exploited remotely by an attacker to cause a denial-of-service (DoS) condition on the affected node.

Specifically, by sending crafted PRUNE messages with near-maximum backoff values, an attacker can repeatedly crash the target node due to an integer overflow panic during heartbeat processing.

The impact is a high availability impact, meaning the affected system or service can become unavailable or unstable, disrupting normal operations.

No authentication or special privileges are required to exploit this vulnerability, making it easier for attackers to cause disruption.

There is no impact on confidentiality or integrity of data.


Can you explain this vulnerability to me?

This vulnerability exists in the Rust libp2p Gossipsub implementation prior to version 0.49.4. It is caused by an integer overflow during the handling of backoff expiry in PRUNE control messages. When a malicious peer sends a specially crafted PRUNE message with a backoff value near the maximum representable time, this value is accepted and stored without immediate error.

Later, during a heartbeat event, the implementation performs unchecked addition of this stored backoff time and a slack duration, which can overflow and cause the program to panic with an overflow error. This panic crashes the target node.

The vulnerability is remotely exploitable over normal libp2p network connections (TCP, Noise encryption, mplex/yamux multiplexers) without requiring any authentication beyond becoming a protocol peer.

This issue was fixed in version 0.49.4 of the Rust libp2p Gossipsub implementation.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by monitoring for crashes or panics in the libp2p-rust Gossipsub implementation, specifically looking for the panic message: "overflow when adding duration to instant."

Since the issue is triggered by receiving a crafted PRUNE control message with a near-maximum backoff value, network traffic inspection tools could be used to detect unusual or suspicious PRUNE messages with abnormally large backoff values.

Commands to help detect this might include checking logs for the panic message, for example using:

  • grep -r "overflow when adding duration to instant" /var/log/
  • journalctl -u your-libp2p-service | grep "overflow when adding duration to instant"

Additionally, network packet capture tools like tcpdump or Wireshark can be used to capture and analyze libp2p traffic to identify PRUNE control messages with suspicious backoff values.


What immediate steps should I take to mitigate this vulnerability?

The immediate mitigation step is to upgrade the libp2p-rust Gossipsub implementation to version 0.49.4 or later, where this vulnerability has been patched.

Until the upgrade can be applied, consider monitoring and filtering incoming PRUNE control messages to detect and block those with abnormally large backoff values to prevent triggering the overflow.

Also, monitor system logs for panic events related to this issue to quickly identify exploitation attempts.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

The vulnerability causes a remote denial-of-service (DoS) by crashing the target node, impacting availability. However, it does not affect confidentiality or integrity of data.

Since the issue impacts availability but not confidentiality or integrity, it may have implications for compliance with standards that require system availability, such as HIPAA's availability requirements for protected health information systems.

There is no direct information indicating an impact on personal data confidentiality or privacy regulations like GDPR.

