{"uuid": "fb9b42f8-c712-4454-a3f1-94a3e43f9b2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27354", "type": "seen", "source": "https://gist.github.com/alon710/232791296081f154e55f4a32d1309fc0", "content": "# CVE-2024-27354: Computational Denial of Service via Unbounded Primality Testing in phpseclib\n\n> **CVSS Score:** 7.5\n> **Published:** 2026-05-06\n> **Full Report:** https://cvereports.com/reports/CVE-2024-27354\n\n## Summary\nA computational Denial of Service (DoS) vulnerability in phpseclib allows unauthenticated attackers to exhaust CPU resources by supplying malformed X.509 certificates. The vulnerability arises from missing bit-length upper bounds in the Miller-Rabin primality test implementation when evaluating explicit elliptic curve field parameters.\n\n## TL;DR\nphpseclib before versions 1.0.23, 2.0.47, and 3.0.36 suffers from a computational DoS flaw where parsing maliciously crafted X.509 certificates with massive explicit primes triggers an unbounded Miller-Rabin primality test, leading to CPU exhaustion.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-400\n- **Attack Vector**: Network\n- **CVSS v3.1 Score**: 7.5 (High)\n- **EPSS Score**: 0.00204 (42.24%)\n- **Impact**: Denial of Service (CPU Exhaustion)\n- **Exploit Status**: Proof of Concept\n- **CISA KEV**: No\n\n## Affected Systems\n\n- phpseclib 1.x series\n- phpseclib 2.x series\n- phpseclib 3.x series\n- **phpseclib**: 1.x < 1.0.23 (Fixed in: `1.0.23`)\n- **phpseclib**: 2.x < 2.0.47 (Fixed in: `2.0.47`)\n- **phpseclib**: 3.x < 3.0.36 (Fixed in: `3.0.36`)\n\n## Mitigation\n\n- Upgrade phpseclib to the latest patched version on the active release branch.\n- Implement application-level limits on the size of uploaded X.509 certificate files.\n- Configure standard PHP execution timeouts (`max_execution_time`) to bound resource consumption on worker threads.\n- Register a custom PHP error handler to convert E_USER_NOTICE into fatal exceptions if operating on the 1.x or 2.x branches.\n\n**Remediation Steps:**\n1. Identify the current version of phpseclib utilizing Composer (`composer show phpseclib/phpseclib`).\n2. Update the version constraint in `composer.json` to ensure a minimum version of 1.0.23, 2.0.47, or 3.0.36.\n3. Execute `composer update phpseclib/phpseclib` to retrieve the patched library.\n4. If utilizing the 1.x or 2.x branches, review application bootstrap code to ensure `set_error_handler` upgrades `E_USER_NOTICE` to a thrown exception.\n\n## References\n\n- [GitHub Advisory: GHSA-hg35-mp25-qf6h](https://github.com/advisories/GHSA-hg35-mp25-qf6h)\n- [katzj Gist - Technical Write-up](https://gist.github.com/katzj/ee72f3c2a00590812b2ea3c0c8890e0b)\n- [USENIX Security '25: X.509DoS Paper](https://www.usenix.org/system/files/conference/usenixsecurity25/sec25cycle1-prepub-599-shi-bing.pdf)\n- [phpseclib 3.0 Fix Commit](https://github.com/phpseclib/phpseclib/commit/0358eb163c55a9fd7b3848b9ecc83f6b9e49dbf5)\n- [phpseclib 2.0 Fix Commit](https://github.com/phpseclib/phpseclib/commit/ad5dbdf2129f5e0fb644637770b7f33de8ca8575)\n- [phpseclib getLength Fix Commit](https://github.com/phpseclib/phpseclib/commit/c55b75199ec8d12cec6eadf6da99da4a3712fe56)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2024-27354) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-05-06T18:10:29.000000Z"}