CVE-2019-25048

7.1 HIGH

📋 TL;DR

This vulnerability in LibreSSL allows attackers to read beyond allocated heap memory boundaries when processing ASN.1 data structures. It affects systems using LibreSSL 2.9.1 through 3.2.1 for cryptographic operations, potentially exposing sensitive information from memory.

💻 Affected Systems

Products:
  • LibreSSL
Versions: 2.9.1 through 3.2.1
Operating Systems: All operating systems using affected LibreSSL versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only exploitable when applications use ASN.1 printing functions (asn1_item_print_ctx, ASN1_item_print) with untrusted input.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Information disclosure of sensitive cryptographic keys, certificates, or other memory contents leading to complete system compromise.

🟠 Likely Case

Application crash (denial of service) or limited information disclosure from adjacent memory regions.

🟢 If Mitigated

Minimal impact if systems are patched or don't process untrusted ASN.1 data.

🌐 Internet-Facing: MEDIUM - Only affects systems processing untrusted ASN.1 data via vulnerable LibreSSL functions.
🏢 Internal Only: LOW - Requires specific conditions and untrusted input to trigger.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires control over ASN.1 data passed to vulnerable printing functions. The OSS-Fuzz bug report contains triggering inputs.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: LibreSSL 3.2.2 and later

Vendor Advisory: https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.2.2-relnotes.txt

Restart Required: Yes

Instructions:

1. Update LibreSSL to version 3.2.2 or later.
2. Recompile applications linked against LibreSSL.
3. Restart affected services.

🔧 Temporary Workarounds

Disable ASN.1 Debug Output

Platform: all

Avoid calling vulnerable ASN.1 printing functions in production code.

Review application code and remove/disable calls to ASN1_item_print and related functions

🧯 If You Can't Patch

  • Restrict input to ASN.1 parsing functions to trusted sources only
  • Implement strict input validation and bounds checking for ASN.1 data processing

🔍 How to Verify

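Check if Vulnerable:

Check LibreSSL version: openssl version | grep -E 'LibreSSL (2\.9\.[1-9]|3\.[01]\.[0-9]+|3\.2\.[01])([^0-9]|$)'

LibreSSL installs its command-line tool as openssl, and the banner begins with "LibreSSL". If your packaging installs the tool under another name, such as libressl, run that binary instead.

Check Version:

openssl version

Verify Fix Applied:

Verify version is 3.2.2 or later: openssl version | grep -E 'LibreSSL (3\.2\.([2-9]|[1-9][0-9])|3\.([3-9]|[1-9][0-9])\.|[4-9]\.)'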
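
The version check above, as an added example that is not part of the original advisory: a POSIX shell function that compares the version numerically, so releases such as 2.9.2 or 3.4.0 are classified by the range this page states (affected 2.9.1 through 3.2.1, fixed in 3.2.2). The function name classify_libressl and the sample banners are assumptions made for illustration; the input is expected in the "LibreSSL X.Y.Z" form printed by the version command.

```shell
#!/bin/sh
# Added example (not from the advisory): classify a version banner against
# the range stated on this page: affected 2.9.1 through 3.2.1, fixed in 3.2.2.
# classify_libressl is a hypothetical helper name.

classify_libressl() {
    banner=$1
    case $banner in
        "LibreSSL "[0-9]*) ;;                 # LibreSSL banner, keep going
        *) echo "not-libressl"; return 0 ;;   # another TLS library or empty input
    esac
    ver=${banner#LibreSSL }   # drop the product name
    ver=${ver%% *}            # drop anything after the version token
    printf '%s\n' "$ver" | awk -F. '
        $0 !~ /^[0-9]+\.[0-9]+\.[0-9]+$/ { print "unparsed"; exit }
        {
            v = $1 * 1000000 + $2 * 1000 + $3   # 3.2.1 -> 3002001
            if (v >= 2009001 && v <= 3002001) print "vulnerable"
            else if (v >= 3002002)            print "fixed"
            else                              print "outside-range"
        }'
}

# Constructed sample banners, not captured from real hosts.
for b in "LibreSSL 2.8.3" "LibreSSL 2.9.2" "LibreSSL 3.2.1" \
         "LibreSSL 3.2.2" "LibreSSL 3.4.0" "OpenSSL 1.1.1k  25 Mar 2021"; do
    printf '%-30s %s\n' "$b" "$(classify_libressl "$b")"
done
```

On a host, pass the live banner instead of a sample: classify_libressl "$(openssl version)".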

📡 Detection & Monitoring

Log Indicators:

  • Application crashes with segmentation faults in LibreSSL ASN.1 functions
  • Unexpected memory access errors in security logs

Network Indicators:

  • Unusual ASN.1 data patterns sent to services using LibreSSL

SIEM Query:

source="*libressl*" AND ("segmentation fault" OR "heap overflow" OR "ASN1_item_print")
