SUMMARY

A stack overflow vulnerability exists in the GetIndefiniteElementLen functionality of Dell BSAFE Crypto-C xxx. A specially crafted ASN.1 record can lead to denial of service. An attacker can provide a malformed ASN.1 record to trigger this vulnerability.

CONFIRMED VULNERABLE VERSIONS

The versions below were either tested or verified to be vulnerable by Talos or confirmed to be vulnerable by the vendor.

Dell BSAFE Crypto-C RSA 6.4

PRODUCT URLS

BSAFE Crypto-C - https://www.dell.com/support/product-details/en-us/product/bsafe-crypto-c-micro-edition/docs

CVSSv3 SCORE

7.5 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-789 - Uncontrolled Memory Allocation

DETAILS

Dell BSAFE Crypto-C is a software library providing cryptographic functions and services for application developers. It is part of the BSAFE suite of security products, designed to offer robust encryption and data protection capabilities. Crypto-C supports a wide range of cryptographic algorithms, including symmetric and asymmetric encryption, hashing, and digital signatures, ensuring secure data handling and communication.

When parsing elements with indefinite lengths, _A_GetIndefiniteElementLen can call itself with no checks in place to limit recursion. A malformed input file can cause a stack overflow and in the result Denial of Service.

VENDOR RESPONSE

Vendor information: https://www.dell.com/support/kbdoc/en-us/000205186/bsafe-crypto-c-micro-edition-sdk-end-of-life-announcement

TIMELINE

2025-01-24 - Vendor Disclosure
2025-10-08 - Vendor Patch Release
2025-10-16 - Public Release