CVE-2026-30909
- Source
- https://cve.org/CVERecord?id=CVE-2026-30909
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-30909.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2026-30909
- Published
- 2026-03-08T01:15:49.387Z
- Modified
- 2026-04-02T13:23:40.375618Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Crypt::NaCl::Sodium versions through 2.002 for Perl has potential integer overflows.
bin2hex, encrypt, aes256gcmencryptafternm and seal functions do not check that output size will be less than SIZE_MAX, which could lead to integer wraparound causing an undersized output buffer.
Encountering this issue is unlikely as the message length would need to be very large.
For bin2hex() the binlen would have to be > SIZEMAX / 2 For encrypt() the msglen would need to be > SIZEMAX - 16U For aes256gcmencryptafternm() the msglen would need to be > SIZEMAX - 16U For seal() the enclen would need to be > SIZEMAX - 64U
- References
-
- https://metacpan.org/release/TIMLEGGE/Crypt-NaCl-Sodium-2.002/source/Sodium.xs#L2310
- https://metacpan.org/release/TIMLEGGE/Crypt-NaCl-Sodium-2.002/source/Sodium.xs#L3304
- https://metacpan.org/release/TIMLEGGE/Crypt-NaCl-Sodium-2.002/source/Sodium.xs#L942
- https://metacpan.org/release/TIMLEGGE/Crypt-NaCl-Sodium-2.002/source/Sodium.xs#L2116
- https://metacpan.org/release/TIMLEGGE/Crypt-NaCl-Sodium-2.003/source/Changes
- http://www.openwall.com/lists/oss-security/2026/03/08/1
- https://github.com/cpan-authors/crypt-nacl-sodium/pull/24.patch