CVE-2026-44905
Received Received - Intake
Denial-of-Service in Vanetza Due to ASN.1 Semantic Validation Bypass

Publication date: 2026-05-26

Last updated on: 2026-05-26

Assigner: GitHub, Inc.

Description
Vanetza is an open-source implementation of the ETSI C-ITS protocol suite. In 26.02 and earlier, a denial-of-service vulnerability was identified in the cryptographic verification pipeline of Vanetza. When processing incoming V2X messages, the ASN.1 decoder accepts the structure as syntactically valid. However, this reveals a logic-based protocol failure where semantic constraints on specific fields are only strictly enforced during OER re-encoding. Specifically, if a crafted packet contains a certificate where the Psid (Provider Service Identifier) sub-type violates subtype constraints (e.g., out-of-range or invalid CHOICE variant), it is accepted during initial parsing, where subtype constraints are not enforced. Later, when StraightVerifyService attempts to calculate a message hash for cryptographic verification, it must re-encode the signing certificate. The underlying ASN.1 wrapper (asn1c_wrapper.cpp) detects the semantic violation during encoding and raises a std::runtime_error. This exception is not caught within the encoding path and propagates to std::terminate, resulting in immediate process termination. This vulnerability is fixed with commit e1a2e2709210d309458c3d77f98d50dec26c0df0.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-26
Last Modified
2026-05-26
Generated
2026-05-27
AI Q&A
2026-05-27
EPSS Evaluated
N/A
NVD
CVE-2026-44905
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-248 An exception is thrown from a function, but it is not caught.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in Vanetza, an open-source implementation of the ETSI C-ITS protocol suite. In versions 26.02 and earlier, there is a denial-of-service issue in the cryptographic verification pipeline. Specifically, when processing incoming V2X messages, the ASN.1 decoder accepts packets as syntactically valid even if they contain semantic violations in certain fields, such as an invalid Psid (Provider Service Identifier) sub-type.

The problem arises because these semantic constraints are only enforced later during OER re-encoding. When the system attempts to re-encode the signing certificate to calculate a message hash for cryptographic verification, it detects the semantic violation and raises an uncaught exception. This causes the process to terminate immediately, resulting in a denial-of-service condition.


How can this vulnerability impact me? :

This vulnerability can cause a denial-of-service (DoS) condition in systems using Vanetza for V2X message processing. An attacker can craft a malicious packet with an invalid Psid sub-type that triggers an uncaught exception during cryptographic verification, causing the process to terminate unexpectedly.

As a result, the affected system may become unavailable or stop processing messages, potentially disrupting communication in vehicular networks that rely on Vanetza for secure message verification.


What immediate steps should I take to mitigate this vulnerability?

The vulnerability is fixed with commit e1a2e2709210d309458c3d77f98d50dec26c0df0. Immediate mitigation involves updating Vanetza to a version that includes this fix.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart