Executive Summary

CVE-2026-4598 is an infinite loop vulnerability in the jsrsasign JavaScript cryptographic library, specifically in the bnModInverse function within ext/jsbn2.js. The issue occurs when the BigInteger.modInverse implementation receives zero or negative inputs, such as modInverse(0, m) or modInverse(-1, m). Under these conditions, the function enters an infinite loop, causing the process to hang indefinitely.

The root cause is that the bnModInverse method assumes its input is a positive integer coprime to the modulus, without validating or normalizing the input. Zero input prevents the loop exit condition from being met, while negative inputs are not reduced modulo the modulus, causing oscillation and non-termination in the binary extended Euclidean algorithm.

This vulnerability is classified under CWE-835 (Loop with Unreachable Exit Condition) and has a high severity rating with a CVSS 3.1 base score of 8.7.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability allows an attacker to cause a denial-of-service (DoS) condition by supplying crafted zero or negative inputs to the modInverse function, which causes the process to hang indefinitely.

Any application using jsrsasign where untrusted input can reach the modInverse function is vulnerable to permanent process hangs, significantly impacting system availability.

• RSA blinding operations that use random blinding factors potentially reduced to zero.
• Elliptic Curve (EC) point operations where zero z-coordinates can trigger modInverse calls.
• DSA/ECDSA signature verification when the signature component s equals zero.

While confidentiality and integrity are not affected, the availability of the affected system is severely impacted, making it vulnerable to network-based attacks without requiring privileges or user interaction.

Useful 0 Not Useful 0

Compliance Impact

I don't know

Useful 0 Not Useful 0

Detection Guidance

[{'type': 'paragraph', 'content': "This vulnerability can be detected by testing if the jsrsasign library's BigInteger.modInverse function hangs or enters an infinite loop when called with zero or negative inputs."}, {'type': 'paragraph', 'content': 'A practical detection method is to run test scripts that invoke modInverse with crafted inputs such as modInverse(0, m) or modInverse(-1, m) and observe if the process hangs indefinitely.'}, {'type': 'paragraph', 'content': 'For example, a Node.js script can be used to spawn child processes that call modInverse with these crafted inputs and check if they hang beyond a timeout (e.g., 3000ms), indicating the vulnerability.'}, {'type': 'paragraph', 'content': 'No specific network commands are provided, but monitoring for processes that hang or become unresponsive when handling cryptographic operations involving jsrsasign may help detect exploitation attempts.'}] [2]

Useful 0 Not Useful 0

Mitigation Strategies

The immediate and recommended mitigation is to upgrade the jsrsasign library to version 11.1.1 or later, where the vulnerability has been fixed.

The fix includes input normalization and validation in the bnModInverse function to prevent infinite loops caused by zero or negative inputs.

If upgrading is not immediately possible, as a partial mitigation, ensure that inputs to modInverse are validated to reject zero or negative values before calling the function.

Additionally, review and update any cryptographic code paths that might pass untrusted or unchecked inputs to modInverse, such as RSA blinding, EC point operations, or DSA/ECDSA signature verification.

Useful 0 Not Useful 0