GraoMelo/CVE-2026-TDES-Wrap-PoC
# CVE-2026-TDES-Wrap-PoC
## Heap Buffer Overflow in TDES Wrap Cipher — OpenSSL 4.0.0
**CVSS 3.1:** 8.2 (High) — `AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H`
### Root Cause
The TDES Wrap cipher (`des-ede3-wrap`) produces `inl + 16` bytes of output
(8 AIV + 8 SHA-1 ICV per RFC 3217), but two size checks do not account for that:
1. **EVP layer** (`crypto/evp/evp_enc.c:690,801`) estimates `outsize = inl + 8`
   for WRAP mode, which is 8 bytes short
2. **Provider check** (`cipher_tdes_wrap.c:139,159`) validates `outsize < inl`
   instead of `outsize < inl + 16`

Net result: a **fixed 8-byte heap buffer overflow** on every `EVP_EncryptUpdate`
call with `des-ede3-wrap`.
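
The size arithmetic described above, modeled as a stand-alone C example added here (it is not code from OpenSSL or from this repository's patches). The function names are hypothetical; the constants 8 and 16 and both comparisons are the ones stated in this README.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define TDES_WRAP_OVERHEAD 16u /* 8-byte AIV + 8-byte ICV, as stated in the README */
#define EVP_WRAP_ESTIMATE   8u /* extra space the README says the EVP layer assumes */

/* Output-space estimate the README attributes to the EVP layer (hypothetical name). */
static size_t evp_estimated_outsize(size_t inl) { return inl + EVP_WRAP_ESTIMATE; }

/* Check as described for the vulnerable provider: rejects only outsize < inl.
 * Returns 1 when the request is accepted. */
static int check_flawed(size_t outsize, size_t inl) { return !(outsize < inl); }

/* Corrected check: reject outsize < inl + 16, refusing lengths where the
 * addition itself would wrap around SIZE_MAX. */
static int check_fixed(size_t outsize, size_t inl)
{
    if (inl > SIZE_MAX - TDES_WRAP_OVERHEAD)
        return 0;
    return outsize >= inl + TDES_WRAP_OVERHEAD;
}

/* Bytes that land past the end of an outsize-byte buffer if the write proceeds. */
static size_t bytes_past_end(size_t outsize, size_t inl)
{
    if (inl > SIZE_MAX - TDES_WRAP_OVERHEAD)
        return 0; /* length not representable; check_fixed rejects it first */
    size_t need = inl + TDES_WRAP_OVERHEAD;
    return need > outsize ? need - outsize : 0;
}

int main(void)
{
    const size_t lens[] = { 8, 16, 24, 4096 }; /* constructed sample input lengths */
    for (size_t i = 0; i < sizeof lens / sizeof lens[0]; i++) {
        size_t inl = lens[i], est = evp_estimated_outsize(inl);
        printf("inl=%zu estimate=%zu flawed=%s fixed=%s overrun=%zu\n",
               inl, est,
               check_flawed(est, inl) ? "accept" : "reject",
               check_fixed(est, inl) ? "accept" : "reject",
               bytes_past_end(est, inl));
    }
    return 0;
}
```

For every sample length the flawed check accepts the EVP estimate while the corrected check rejects it, and the overrun is the same 8 bytes regardless of `inl`.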
### Impact
- Heap metadata corruption → tcache poisoning → potential RCE
- Confirmed with glibc heap corruption crashes (`double free`, `invalid size`)
- Reachable remotely via PKCS#11/KMIP wrap export (SoftHSM, Vault)
### CI Status
| Architecture | Status |
|-------------|--------|
| amd64 (x86_64) | [ci-amd64.yml](https://github.com/GraoMelo/CVE-2026-TDES-Wrap-PoC/actions/workflows/ci-amd64.yml) |
| arm64 (aarch64) | [ci-arm64.yml](https://github.com/GraoMelo/CVE-2026-TDES-Wrap-PoC/actions/workflows/ci-arm64.yml) |
| i686 (32-bit) | [ci-i686.yml](https://github.com/GraoMelo/CVE-2026-TDES-Wrap-PoC/actions/workflows/ci-i686.yml) |
Each CI workflow:
1. Builds OpenSSL 4.0.0 **vanilla** with ASan
2. Runs PoC → confirms heap-buffer-overflow (saved as an artifact)
3. Applies patches and rebuilds
4. Runs PoC again → confirms overflow blocked (saved as an artifact)
### Contents
| Directory | Description |
|-----------|-------------|
| `PoC/` | PoC source (`tdes_wrap_overflow.c`) + Makefile |
| `patches/` | Fix patches (provider + EVP layer) |
| `evidence/` | ASan crash logs (generated by CI, 3 architectures) |
| `scripts/` | Build orchestration scripts |
| `reports/` | Vulnerability summary + CVSS vector |
### Build Locally
```bash
# Build vanilla OpenSSL 4.0.0 with ASan
./scripts/build-openssl.sh --arch amd64
# Run PoC (expect ASan crash)
./scripts/run-poc.sh --mode vanilla --arch amd64
# Apply patches
./scripts/build-patched.sh --arch amd64
# Run PoC again (expect PROV_R_OUTPUT_BUFFER_TOO_SMALL)
./scripts/run-poc.sh --mode patched --arch amd64
```
### Sister Vulnerability
The same EVP root cause also affects AES Wrap with Padding (RFC 5649):
**[CVE-2026-AES-Wrap-PAD-PoC](https://github.com/GraoMelo/CVE-2026-AES-Wrap-PAD-PoC)**
*Discovered and reported by Everton Melo (Independent) — forense.melo@protonmail.com*