Skip to content

Instantly share code, notes, and snippets.

@alon710

alon710/CVE-2024-29857.md

Created March 11, 2026 12:40
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save alon710/e4732159e1f585a63efbc5b08553ea3b to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save alon710/e4732159e1f585a63efbc5b08553ea3b to your computer and use it in GitHub Desktop.
Download ZIP
CVE-2024-29857: CVE-2024-29857: Denial of Service via Algorithmic Complexity in Bouncy Castle ECC - CVE Security Report
Raw
CVE-2024-29857.md

CVE-2024-29857: CVE-2024-29857: Denial of Service via Algorithmic Complexity in Bouncy Castle ECC

CVSS Score: 7.5 Published: 2024-05-09 Full Report: https://cvereports.com/reports/CVE-2024-29857

Summary

An algorithmic complexity exhaustion vulnerability exists in the Bouncy Castle cryptographic libraries for Java and C# .NET. The vulnerability affects the processing of Elliptic Curve Cryptography (ECC) parameters defined over binary finite fields. Remote attackers can trigger unbounded resource consumption and cause a denial of service (DoS) by supplying specially crafted X.509 certificates with excessively large field degree parameters.

TL;DR

Bouncy Castle (Java < 1.78, C# < 2.3.1) fails to limit the field degree parameter when processing explicit ECC curve parameters over binary fields. This allows remote attackers to trigger an infinite CPU loop via malicious X.509 certificates.

Exploit Status: POC

Technical Details

  • CWE ID: CWE-400 / CWE-125
  • Attack Vector: Network (Malicious X.509 Certificate)
  • CVSS v3.1 Score: 7.5
  • EPSS Score: 0.00337 (56.09%)
  • Impact: 100% CPU Exhaustion (Denial of Service)
  • Exploit Status: Proof of Concept (X.509DoSTool)
  • KEV Status: Not Listed

Affected Systems

  • Jenkins
  • Keycloak
  • Logstash
  • Oracle WebLogic Server
  • IBM SPSS Collaboration and Deployment Services
  • Red Hat Enterprise Linux (RHEL)
  • Amazon Linux
  • Cloudera Flow Management
  • Bouncy Castle Java (BC Java): < 1.78 (Fixed in: 1.78)
  • Bouncy Castle Java LTS: < 2.73.6 (Fixed in: 2.73.6)
  • Bouncy Castle FIPS (BC-FJA): < 1.0.2.5 (Fixed in: 1.0.2.5)
  • Bouncy Castle C# .NET: < 2.3.1 (Fixed in: 2.3.1)

Mitigation

  • Upgrade to Bouncy Castle Java 1.78 or 2.73.6 (LTS)
  • Upgrade to Bouncy Castle C# .NET 2.3.1
  • Upgrade Bouncy Castle FIPS to 1.0.2.5
  • Configure Java system property org.bouncycastle.ec.max_f2m_field_size
  • Configure .NET environment variable Org.BouncyCastle.EC.F2m_MaxSize

Remediation Steps:

  1. Audit project dependencies using SCA tools (Snyk, Dependabot) to identify vulnerable Bouncy Castle versions.
  2. Update Maven/Gradle or NuGet package definitions to the patched versions.
  3. If utilizing third-party applications (Jenkins, Keycloak), apply vendor-specific security patches that bundle the updated Bouncy Castle libraries.
  4. Verify the application test suite executes correctly, ensuring no legacy requirements exist for binary curves exceeding 1142 bits.

References

Generated by CVEReports - Automated Vulnerability Intelligence

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment