VYPR
Critical severity · NVD Advisory · Published Feb 14, 2022 · Updated Aug 3, 2024

CVE-2022-24988

Description

An off-by-one buffer overflow in galois_2p8's PrimitivePolynomialField::new allows memory corruption; fixed in version 0.1.2.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

The PrimitivePolynomialField::new function of the galois_2p8 crate contains an off-by-one buffer overflow: it writes one byte past the end of the allocated vector [1][2][3]. All versions before 0.1.2 are affected.

Exploitation

An attacker would need to reach the PrimitivePolynomialField::new constructor with a crafted input that triggers the off-by-one write. The exact conditions are not detailed. Because this is a library function, exploitation likely requires a program that uses the library to pass malicious data to this constructor. No authentication requirement or network position is specified; both depend on how the library is used.

Impact

Successful exploitation could lead to memory corruption, potentially allowing an attacker to overwrite adjacent memory. The impact may include denial of service or arbitrary code execution depending on the context. The CHANGELOG notes the fix prevents writing one byte past the allocated vec [3].

Mitigation

The fix was released in version 0.1.2 on 2022-02-13 [3]. Users should update to 0.1.2 or later immediately. No workarounds are mentioned. The vulnerability is not listed on CISA's Known Exploited Vulnerabilities catalog.

AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package | Affected versions | Patched versions
galois_2p8 (crates.io) | < 0.1.2 | 0.1.2
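
A lockfile check for the affected range above, as an added example that is not part of the advisory or the galois_2p8 project: it scans Cargo.lock text for galois_2p8 entries below 0.1.2. The sample lockfile is constructed, and treating pre-releases of 0.1.2 and unparseable versions as affected is an assumption made here so that doubtful entries get flagged.

```rust
const CRATE: &str = "galois_2p8";
const FIXED: (u64, u64, u64) = (0, 1, 2); // patched version per the advisory

// Constructed sample lockfile, not taken from any real project.
const SAMPLE: &str = r#"
[[package]]
name = "demo-app"
version = "0.3.0"

[[package]]
name = "galois_2p8"
version = "0.1.1"
"#;

/// Some(true) if `version` predates the fix, None if it cannot be parsed.
fn is_affected(version: &str) -> Option<bool> {
    let no_build = version.split('+').next()?; // drop build metadata
    let (core, pre) = match no_build.split_once('-') {
        Some((c, _)) => (c, true), // pre-releases sort before the release
        None => (no_build, false),
    };
    let mut n = core.split('.').map(|p| p.parse::<u64>().ok());
    let v = (n.next()??, n.next()??, n.next()??);
    Some(v < FIXED || (v == FIXED && pre))
}

/// Versions of galois_2p8 in the lockfile text that need upgrading.
fn affected_versions(lockfile: &str) -> Vec<String> {
    let mut hits = Vec::new();
    let mut name = "";
    for line in lockfile.lines().map(str::trim) {
        if line == "[[package]]" {
            name = ""; // new entry: forget the previous package name
        } else if let Some(v) = line.strip_prefix("name = ") {
            name = v.trim_matches('"');
        } else if let Some(v) = line.strip_prefix("version = ") {
            let v = v.trim_matches('"');
            // Unparseable versions are reported too, for manual review.
            if name == CRATE && is_affected(v).unwrap_or(true) {
                hits.push(v.to_string());
            }
        }
    }
    hits
}

fn main() {
    println!("affected {} versions: {:?}", CRATE, affected_versions(SAMPLE));
}
```

To check a real project, pass the contents of its Cargo.lock to `affected_versions`; an empty result means no resolved galois_2p8 version falls below 0.1.2.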
