CVE-2024-27354
📋 TL;DR
This vulnerability in phpseclib allows attackers to cause denial of service by providing a malformed certificate with an extremely large prime number, triggering excessive CPU consumption during primality checks. It affects all systems using vulnerable versions of phpseclib for certificate processing. The issue was introduced while attempting to fix a previous vulnerability (CVE-2023-27560).
💻 Affected Systems
- phpseclib
📦 What is this software?
Phpseclib by Phpseclib
Phpseclib by Phpseclib
Phpseclib by Phpseclib
⚠️ Risk & Real-World Impact
Worst Case
Complete service unavailability due to CPU exhaustion, potentially affecting multiple services if phpseclib is used in critical authentication or encryption components.
Likely Case
Degraded performance or temporary service disruption when processing malicious certificates, particularly in web applications or API endpoints that accept user-provided certificates.
If Mitigated
Minimal impact with proper input validation, rate limiting, and updated libraries preventing certificate processing from consuming excessive resources.
🎯 Exploit Status
Exploitation requires the ability to provide a malformed certificate to the vulnerable system, which could be through various attack vectors including man-in-the-middle attacks or direct API calls.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.0.23, 2.0.47, or 3.0.36
Vendor Advisory: https://github.com/phpseclib/phpseclib/security/advisories/GHSA-8wvq-3gjj-8g6h
Restart Required: No
Instructions:
1. Identify phpseclib version in your project. 2. Update composer.json to require patched version. 3. Run 'composer update phpseclib/phpseclib'. 4. Test certificate functionality after update.
🔧 Temporary Workarounds
Input validation for certificates
allImplement strict validation of certificate size and structure before passing to phpseclib functions
Rate limiting certificate processing
allLimit the rate at which certificates can be submitted for processing to prevent DoS attacks
🧯 If You Can't Patch
- Implement WAF rules to block certificates with unusually large prime numbers or malformed structures
- Monitor CPU usage spikes during certificate processing and implement alerting for potential attacks
🔍 How to Verify
Check if Vulnerable:
Check composer.lock or vendor/phpseclib/phpseclib/VERSION file for version number. If version is below 1.0.23, 2.0.47, or 3.0.36, system is vulnerable.Check Version:
php -r "require 'vendor/autoload.php'; echo phpseclib\Crypt\RSA::VERSION;"Verify Fix Applied:
After updating, verify the version is at least 1.0.23, 2.0.47, or 3.0.36 depending on your major version. Test certificate processing functionality.📡 Detection & Monitoring
Log Indicators:
- Unusually long processing times for certificate validation
- High CPU usage spikes correlated with certificate processing requests
- Multiple failed certificate validation attempts from single source
Network Indicators:
- Unusually large certificate payloads in network traffic
- Multiple certificate submission attempts from single IP
SIEM Query:
source="application_logs" AND (message="*certificate*processing*timeout*" OR message="*phpseclib*error*")🔗 References
- https://gist.github.com/katzj/ee72f3c2a00590812b2ea3c0c8890e0b
- https://github.com/phpseclib/phpseclib/blob/master/phpseclib/Math/PrimeField.php#L49
- https://lists.debian.org/debian-lts-announce/2024/03/msg00002.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00003.html
- https://gist.github.com/katzj/ee72f3c2a00590812b2ea3c0c8890e0b
- https://github.com/phpseclib/phpseclib/blob/master/phpseclib/Math/PrimeField.php#L49
- https://lists.debian.org/debian-lts-announce/2024/03/msg00002.html
- https://lists.debian.org/debian-lts-announce/2024/03/msg00003.html
