CVE-2026-21897

HIGH

CryptoLib < 1.4.3 - Out-of-bounds Write in Crypto_Config_Add_Gvcid_Managed_Parameters

Title source: llm

Description

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to version 1.4.3, the Crypto_Config_Add_Gvcid_Managed_Parameters function only checks whether gvcid_counter > GVCID_MAN_PARAM_SIZE. As a result, it allows up to the 251st entry, which causes a write past the end of the array, overwriting gvcid_counter located immediately after gvcid_managed_parameters_array[250]. This leads to an out-of-bounds write, and the overwritten gvcid_counter may become an arbitrary value, potentially affecting the parameter lookup/registration logic that relies on it. This issue has been patched in version 1.4.3.

References (2)

Core 2

Core References

Vendor Advisory x_refsource_confirm

https://github.com/nasa/CryptoLib/security/advisories/GHSA-9x7j-gx23-7m5r

Release Notes x_refsource_misc

https://github.com/nasa/CryptoLib/releases/tag/v1.4.3

Scores

CVSS v3 7.3

EPSS 0.0026

EPSS Percentile 17.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-787

Status published

Products (1)

nasa/cryptolib < 1.4.3

Published Jan 10, 2026

Tracked Since Feb 18, 2026