CVE-2024-37794
📋 TL;DR
CVE-2024-37794 is an improper input validation vulnerability in CVC5 Solver v1.1.3 that allows attackers to cause a Denial of Service (DoS) via a crafted SMT2 input file. This affects users who process untrusted SMT2 files with CVC5, particularly in automated theorem proving, formal verification, or constraint solving applications.
💻 Affected Systems
- cvc5
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete service disruption where CVC5 crashes or becomes unresponsive when processing malicious SMT2 files, potentially affecting dependent systems or workflows.
Likely Case
DoS affecting CVC5 processes handling untrusted SMT2 input, causing crashes or hangs that require manual intervention to restore service.
If Mitigated
Limited impact if CVC5 only processes trusted SMT2 files from controlled sources with proper input validation.
🎯 Exploit Status
Exploitation requires crafting a malicious SMT2 file that triggers the input validation flaw. No authentication is needed if CVC5 processes external files.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: v1.1.4 or later
Vendor Advisory: https://github.com/cvc5/cvc5/issues/10813
Restart Required: Yes
Instructions:
1. Check current CVC5 version.
2. Update to v1.1.4 or later via package manager or source compilation.
3. Restart any services using CVC5.
4. Verify the update was successful.
🔧 Temporary Workarounds
Input validation wrapper
[all] Implement pre-processing validation for SMT2 files before passing them to CVC5
# Example: Use a script to validate SMT2 syntax before processing
# Custom validation logic required based on use case
Process isolation
[linux] Run CVC5 in isolated containers with resource limits to contain crashes
docker run --memory="512m" --cpus="1" -v /safe/input:/input cvc5:isolated
🧯 If You Can't Patch
- Restrict CVC5 to process only trusted, pre-validated SMT2 files from controlled sources
- Implement monitoring and automatic restart mechanisms for CVC5 processes to mitigate DoS impact
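The containment measures above (a size gate on incoming files, resource limits, and crash detection) combined in one wrapper, as an added Python example that is not code from the cvc5 project or from this advisory. It assumes Linux and a `cvc5` binary on PATH; the name `run_solver` and every limit value are illustrative assumptions.

```python
# Added example (not cvc5 project code): run a solver under hard limits, Linux only.
import os
import resource
import subprocess

def _cap(res, value):
    """Lower one rlimit for the child, never above the inherited hard limit."""
    _, hard = resource.getrlimit(res)
    if hard != resource.RLIM_INFINITY:
        value = min(value, hard)
    resource.setrlimit(res, (value, value))

def run_solver(cmd, smt2_path, wall_timeout=30, cpu_seconds=20,
               mem_bytes=512 * 1024 * 1024, max_input_bytes=1024 * 1024):
    """Run cmd + [smt2_path] and return a dict describing how it ended.

    All limit defaults are illustrative assumptions, not values from the advisory.
    """
    size = os.path.getsize(smt2_path)
    if size > max_input_bytes:          # refuse oversized uploads before solving
        return {"status": "rejected", "reason": f"input is {size} bytes"}

    def limits():                       # runs in the child just before exec
        _cap(resource.RLIMIT_AS, mem_bytes)
        _cap(resource.RLIMIT_CPU, cpu_seconds)
        _cap(resource.RLIMIT_CORE, 0)   # no core dumps from repeated crashes

    try:
        proc = subprocess.run(list(cmd) + [smt2_path], stdin=subprocess.DEVNULL,
                              capture_output=True, text=True,
                              timeout=wall_timeout, preexec_fn=limits)
    except subprocess.TimeoutExpired:   # subprocess.run has already killed the child
        return {"status": "timeout", "exit_code": None}

    if proc.returncode < 0:             # killed by a signal, e.g. -11 for SIGSEGV
        # Report the shell-style code (128 + signal) so 139 matches the SIEM query.
        return {"status": "crash", "exit_code": 128 - proc.returncode}
    status = "ok" if proc.returncode == 0 else "error"
    return {"status": status, "exit_code": proc.returncode,
            "stdout": proc.stdout.strip()}

if __name__ == "__main__":
    import sys
    print(run_solver(["cvc5"], sys.argv[1]))
```

A caller can log the returned `status` and `exit_code` per input file and restart or skip on `crash` and `timeout`, which gives the crash indicator listed under Detection & Monitoring without relying on the solver's own output.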
🔍 How to Verify
Check if Vulnerable:
Check if CVC5 version is exactly 1.1.3 and processes SMT2 files
Check Version:
cvc5 --version
Verify Fix Applied:
Verify CVC5 version is 1.1.4 or later and test with known problematic SMT2 files
📡 Detection & Monitoring
Log Indicators:
- CVC5 process crashes or abnormal termination when processing SMT2 files
- High CPU/memory usage followed by process termination
Network Indicators:
- Unusually large or malformed SMT2 file uploads to systems using CVC5
SIEM Query:
process_name:"cvc5" AND (event_type:"crash" OR exit_code:139) AND file_extension:".smt2"