5.3

CVSS Score

3.1

Basic Information

CVE ID

CVE-2024-29857

GHSA ID

GHSA-8xfc-gm6g-vgpv

EPSS Score

0.37116%

CWE

CWE-125

Published

5/14/2024

Updated

12/6/2024

KEV Status

Technology

Java

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2024-29857

CVE-2024-29857: Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation.

An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java) before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5, and BC C# .Net before 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters.

(GitHub Advisory)

5.3

CVSS Score

3.1

Basic Information

CVE ID

CVE-2024-29857

GHSA ID

GHSA-8xfc-gm6g-vgpv

EPSS Score

0.37116%

CWE

CWE-125

Published

5/14/2024

Updated

12/6/2024

KEV Status

Technology

Java

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
org.bouncycastle:bcprov-jdk18on	maven	< 1.78	1.78
org.bouncycastle:bcprov-jdk15on	maven	< 1.78	1.78
org.bouncycastle:bcprov-jdk15to18	maven	< 1.78	1.78
org.bouncycastle:bcprov-jdk14	maven	< 1.78	1.78
org.bouncycastle:bctls-jdk18on	maven	< 1.78	1.78
org.bouncycastle:bctls-jdk14	maven	< 1.78	1.78
org.bouncycastle:bctls-jdk15to18	maven	< 1.78	1.78
org.bouncycastle:bc-fips	maven	< 1.0.2.5	1.0.2.5
BouncyCastle	nuget	< 2.3.1
BouncyCastle.Cryptography	nuget	< 2.3.1	2.3.1

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from missing bounds checks in F2m curve parameter validation. The commit diffs show both Java and C# implementations added validation for the 'm' parameter in their respective ECCurve classes. The vulnerable versions allowed arbitrary m values without size restrictions, enabling crafted certificates to trigger computationally expensive operations. The test cases added in the commits (testLargeMInF2m) directly verify this boundary check, confirming these functions were the entry points for the vulnerability.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*n issu* w*s *is*ov*r** in ***urv*.j*v* *n* ***urv*.*s in *oun*y **stl* J*v* (** J*v*) ***or* *.**, ** J*v* LTS ***or* *.**.*, **-*J* ***or* *.*.*.*, *n* ** *# .N*t ***or* *.*.*. Importin* *n ** **rti*i**t* wit* *r**t** **m p*r*m*t*rs **n l*** to *x*

Reasoning

T** vuln*r**ility st*ms *rom missin* *oun*s ****ks in **m *urv* p*r*m*t*r `v*li**tion`. T** *ommit *i**s s*ow *ot* J*v* *n* *# impl*m*nt*tions ***** `v*li**tion` *or t** 'm' p*r*m*t*r in t**ir r*sp**tiv* `***urv*` *l*ss*s. T** vuln*r**l* v*rsions *ll

5.3

Basic Information

Concerned about an active attack path?

CVE-2024-29857: Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation.

5.3

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI