CVE-2024-36121

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-36121

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-36121.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-36121

Aliases

GHSA-g762-h86w-8749

Published

2024-06-04T21:13:33.656Z

Modified

2025-12-05T04:54:02.596658Z

Severity

5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N CVSS Calculator

Summary

netty-incubator-codec-ohttp's BoringSSLAEADContext Repeats Nonces

Details

netty-incubator-codec-ohttp is the OHTTP implementation for netty. BoringSSLAEADContext keeps track of how many OHTTP responses have been sent and uses this sequence number to calculate the appropriate nonce to use with the encryption algorithm. Unfortunately, two separate errors combine which would allow an attacker to cause the sequence number to overflow and thus the nonce to repeat.

Database specific

{
    "cna_assigner": "GitHub_M",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/36xxx/CVE-2024-36121.json",
    "cwe_ids": [
        "CWE-190",
        "CWE-200",
        "CWE-323"
    ]
}

References

Affected packages

Git / github.com/netty/netty-incubator-codec-ohttp

Affected ranges

Type: GIT
Repo: https://github.com/netty/netty-incubator-codec-ohttp
Events: Introduced

0a1f8013957d849dfd2e9354c51c6f598b489c48

Fixed

80defe2fbb66a4b88e1198415809718388a315d8

Affected versions

netty-incubator-codec-parent-ohttp-0.*

netty-incubator-codec-parent-ohttp-0.0.10.Final

netty-incubator-codec-parent-ohttp-0.0.3.Final

netty-incubator-codec-parent-ohttp-0.0.4.Final

netty-incubator-codec-parent-ohttp-0.0.5.Final

netty-incubator-codec-parent-ohttp-0.0.6.Final

netty-incubator-codec-parent-ohttp-0.0.7.Final

netty-incubator-codec-parent-ohttp-0.0.8.Final

netty-incubator-codec-parent-ohttp-0.0.9.Final