Skip to content

s2n-tls has undefined behavior at process exit

Low severity GitHub Reviewed Published Nov 14, 2024 in aws/s2n-tls • Updated Nov 14, 2024

Package

cargo s2n-tls (Rust)

Affected versions

< 0.3.7

Patched versions

0.3.7

Description

Impact

s2n-tls uses the Linux atexit function to register functions that clean up the global state when the process exits. In multi-threaded environments, the atexit handler may clean up state which is still in use by other threads. When this occurs, the exiting process may experience a segmentation fault or other undefined behavior.

Customers of AWS services do not need to take action. Applications using s2n-tls should upgrade to the most recent release of s2n-tls.

Impacted versions: < v1.5.9.

Patches

The patch commit 493b771 is included in s2n-tls v1.5.9 [1]

Workarounds

The atexit handler may be disabled by calling s2n_disable_atexit() prior to initializing s2n-tls. The atexit handler is off by default in the patched versions. For further details, refer to s2n-tls Usage Guide: Initialization and Teardown.

If you have any questions or comments about this advisory, we ask that you contact AWS/Amazon Security via our vulnerability reporting page [2] or directly via email to aws-security@amazon.com. Please do not create a public GitHub issue.

[1] https://github.com/aws/s2n-tls/releases/tag/v1.5.9
[2] Vulnerability reporting page: https://aws.amazon.com/security/vulnerability-reporting

References

@WesleyRosenblum WesleyRosenblum published to aws/s2n-tls Nov 14, 2024
Published to the GitHub Advisory Database Nov 14, 2024
Reviewed Nov 14, 2024
Last updated Nov 14, 2024

Severity

Low

Weaknesses

No CWEs

CVE ID

No known CVE

GHSA ID

GHSA-rp9h-rf7g-hwgr

Source code

Loading Checking history
See something to contribute? Suggest improvements for this vulnerability.