Vulnerability-Lookup

WID-SEC-W-2025-1764

Vulnerability from csaf_certbund - Published: 2025-08-11 22:00 - Updated: 2025-11-18 23:00

Summary

Bouncy Castle: Schwachstelle ermöglicht Denial of Service

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Bouncy Castle ist eine Kryptographie-API für Java.

Angriff

Ein Angreifer kann eine Schwachstelle in Bouncy Castle ausnutzen, um einen Denial of Service Angriff durchzuführen.

Betroffene Betriebssysteme

- Linux - MacOS X - Sonstiges - UNIX - Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Bouncy Castle ist eine Kryptographie-API f\u00fcr Java.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann eine Schwachstelle in Bouncy Castle ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- MacOS X\n- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-1764 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1764.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-1764 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1764"
      },
      {
        "category": "external",
        "summary": "bcgit/bc-java Wiki - GitHub vom 2025-08-12",
        "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%908885"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7242533 vom 2025-08-19",
        "url": "https://www.ibm.com/support/pages/node/7242533"
      },
      {
        "category": "external",
        "summary": "NetApp Security Advisory NTAP-20250912-0012 vom 2025-09-12",
        "url": "https://security.netapp.com/advisory/NTAP-20250912-0012"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7245133 vom 2025-09-16",
        "url": "https://www.ibm.com/support/pages/node/7245133"
      },
      {
        "category": "external",
        "summary": "SAS Security Update vom 2025-10-02",
        "url": "https://support.sas.com/en/security-bulletins/sas-security-update-for-sas-94m9-ts1m9.html"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7251874 vom 2025-11-19",
        "url": "https://www.ibm.com/support/pages/node/7251874"
      }
    ],
    "source_lang": "en-US",
    "title": "Bouncy Castle: Schwachstelle erm\u00f6glicht Denial of Service",
    "tracking": {
      "current_release_date": "2025-11-18T23:00:00.000+00:00",
      "generator": {
        "date": "2025-11-19T11:47:08.092+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2025-1764",
      "initial_release_date": "2025-08-11T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-08-11T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2025-08-12T22:00:00.000+00:00",
          "number": "2",
          "summary": "Referenz(en) aufgenommen: GHSA-67MF-3CR5-8W23, EUVD-2025-24231"
        },
        {
          "date": "2025-08-19T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2025-09-11T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von NetApp aufgenommen"
        },
        {
          "date": "2025-09-16T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2025-10-05T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates aufgenommen"
        },
        {
          "date": "2025-11-18T23:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von IBM und IBM-APAR aufgenommen"
        }
      ],
      "status": "final",
      "version": "7"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "Certified Container Operator \u003c12.0.1",
                "product": {
                  "name": "IBM App Connect Enterprise Certified Container Operator \u003c12.0.1",
                  "product_id": "T036561"
                }
              },
              {
                "category": "product_version",
                "name": "Certified Container Operator 12.0.1",
                "product": {
                  "name": "IBM App Connect Enterprise Certified Container Operator 12.0.1",
                  "product_id": "T036561-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:app_connect_enterprise:certified_container_operator__12.0.1"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Certified Container Operator \u003c12.2.1",
                "product": {
                  "name": "IBM App Connect Enterprise Certified Container Operator \u003c12.2.1",
                  "product_id": "T046334"
                }
              },
              {
                "category": "product_version",
                "name": "Certified Container Operator 12.2.1",
                "product": {
                  "name": "IBM App Connect Enterprise Certified Container Operator 12.2.1",
                  "product_id": "T046334-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:app_connect_enterprise:certified_container_operator__12.2.1::certified_container_operator"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "13.0.1.0-13.0.4.2",
                "product": {
                  "name": "IBM App Connect Enterprise 13.0.1.0-13.0.4.2",
                  "product_id": "T048734",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:app_connect_enterprise:13.0.1.0_-_13.0.4.2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "12.0.1.0-12.0.12.16",
                "product": {
                  "name": "IBM App Connect Enterprise 12.0.1.0-12.0.12.16",
                  "product_id": "T048735",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:app_connect_enterprise:12.0.1.0_-_12.0.12.16"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "App Connect Enterprise"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "for z/OS 10.1.0.0-10.1.0.6",
                "product": {
                  "name": "IBM Integration Bus for z/OS 10.1.0.0-10.1.0.6",
                  "product_id": "T048736",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:integration_bus:10.1.0.0_-_10.1.0.6::zos"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Integration Bus"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "Collaboration and Deployment Services",
                "product": {
                  "name": "IBM SPSS Collaboration and Deployment Services",
                  "product_id": "T037766",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:spss:collaboration_and_deployment_services"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SPSS"
          }
        ],
        "category": "vendor",
        "name": "IBM"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "for L",
                "product": {
                  "name": "NetApp ActiveIQ Unified Manager for L",
                  "product_id": "T023548",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:netapp:active_iq_unified_manager:for_linux"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "for Microsoft Windows",
                "product": {
                  "name": "NetApp ActiveIQ Unified Manager for Microsoft Windows",
                  "product_id": "T025631",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:netapp:active_iq_unified_manager:for_microsoft_windows"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "ActiveIQ Unified Manager"
          }
        ],
        "category": "vendor",
        "name": "NetApp"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c1.78",
                "product": {
                  "name": "Open Source Bouncy Castle \u003c1.78",
                  "product_id": "T045990"
                }
              },
              {
                "category": "product_version",
                "name": "1.78",
                "product": {
                  "name": "Open Source Bouncy Castle 1.78",
                  "product_id": "T045990-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.78"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Bouncy Castle"
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c9.4M9 (TS1M9)",
                "product": {
                  "name": "SAS Institute Base SAS \u003c9.4M9 (TS1M9)",
                  "product_id": "T047382"
                }
              },
              {
                "category": "product_version",
                "name": "9.4M9 (TS1M9)",
                "product": {
                  "name": "SAS Institute Base SAS 9.4M9 (TS1M9)",
                  "product_id": "T047382-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:sas:base_sas:9.4m9_%28ts1m9%29"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Base SAS"
          }
        ],
        "category": "vendor",
        "name": "SAS Institute"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-8885",
      "product_status": {
        "known_affected": [
          "T023548",
          "T048736",
          "T048735",
          "T048734",
          "T047382",
          "T025631",
          "T045990",
          "T037766",
          "T046334",
          "T036561"
        ]
      },
      "release_date": "2025-08-11T22:00:00.000+00:00",
      "title": "CVE-2025-8885"
    }
  ]
}

CVE-2025-8885 (GCVE-0-2025-8885)

Vulnerability from cvelistv5 – Published: 2025-08-12 09:13 – Updated: 2025-09-12 11:09

Title

Possible DOS in processing specially formed ASN.1 Object Identifiers

Summary

Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcprov on All (API modules), Legion of the Bouncy Castle Inc. BC-FJA bc-fips on All allows Excessive Allocation. This vulnerability is associated with program files https://github.com/bcgit/bc-java/blob/main/core/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdenti... https://github.com/bcgit/bc-java/blob/main/core/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.Java . This issue affects BC Java: from 1.0 through 1.77; BC-FJA: from 1.0.0 through 1.0.2.5, from 2.0.0 through 2.0.1.

Severity ?

6.3 (Medium)


                        
                          CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber

CWE

CWE-770 - Allocation of Resources Without Limits or Throttling

Assigner

bcorg

References

URL

Tags

https://github.com/bcgit/bc-java/wiki/CVE%E2%80%9…

Impacted products

Vendor

Product

Version

Legion of the Bouncy Castle Inc.

BC Java

Affected: 1.0 , ≤ 1.77 (maven)

Legion of the Bouncy Castle Inc.

BC-FJA

Affected: 1.0.0 , ≤ 1.0.2.5 (maven)
Affected: 2.0.0 , ≤ 2.0.1 (maven)

Credits

Bing Shi

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-8885",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-12T18:14:28.953244Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-12T18:14:43.796Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo1.maven.org/maven2/org/bouncycastle",
          "defaultStatus": "unaffected",
          "modules": [
            "API"
          ],
          "packageName": "bcprov",
          "platforms": [
            "All"
          ],
          "product": "BC Java",
          "programFiles": [
            "https://github.com/bcgit/bc-java/blob/main/core/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.java"
          ],
          "repo": "https://github.com/bcgit/bc-java",
          "vendor": "Legion of the Bouncy Castle Inc.",
          "versions": [
            {
              "lessThanOrEqual": "1.77",
              "status": "affected",
              "version": "1.0",
              "versionType": "maven"
            }
          ]
        },
        {
          "collectionURL": "https://repo1.maven.org/maven2/org/bouncycastle",
          "defaultStatus": "unaffected",
          "modules": [
            "API"
          ],
          "packageName": "bc-fips",
          "platforms": [
            "All"
          ],
          "product": "BC-FJA",
          "vendor": "Legion of the Bouncy Castle Inc.",
          "versions": [
            {
              "lessThanOrEqual": "1.0.2.5",
              "status": "affected",
              "version": "1.0.0",
              "versionType": "maven"
            },
            {
              "lessThanOrEqual": "2.0.1",
              "status": "affected",
              "version": "2.0.0",
              "versionType": "maven"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "To be exposed to the issue a system needs to be consuming ASN.1 structures which are otherwise unvetted or unvalidated."
            }
          ],
          "value": "To be exposed to the issue a system needs to be consuming ASN.1 structures which are otherwise unvetted or unvalidated."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Bing Shi"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcprov on All (API modules), Legion of the Bouncy Castle Inc. BC-FJA bc-fips on All allows Excessive Allocation.\u003cp\u003e This vulnerability is associated with program files \u003ctt\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/bcgit/bc-java/blob/main/core/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.Java\"\u003ehttps://github.com/bcgit/bc-java/blob/main/core/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdenti...\u003c/a\u003e\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects BC Java: from 1.0 through 1.77; BC-FJA: from 1.0.0 through 1.0.2.5, from 2.0.0 through 2.0.1.\u003c/p\u003e"
            }
          ],
          "value": "Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcprov on All (API modules), Legion of the Bouncy Castle Inc. BC-FJA bc-fips on All allows Excessive Allocation. This vulnerability is associated with program files  https://github.com/bcgit/bc-java/blob/main/core/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdenti... https://github.com/bcgit/bc-java/blob/main/core/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.Java .\n\nThis issue affects BC Java: from 1.0 through 1.77; BC-FJA: from 1.0.0 through 1.0.2.5, from 2.0.0 through 2.0.1."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-130",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-130 Excessive Allocation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "USER",
            "Safety": "PRESENT",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-12T11:09:08.850Z",
        "orgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
        "shortName": "bcorg"
      },
      "references": [
        {
          "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%908885"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Possible DOS in processing specially formed ASN.1 Object Identifiers",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Limiting the size of ASN.1 objects that can be loaded from \"the wild\", or putting in place some other validation for such objects, will mitigate the risk of an exploit by automatically putting a cap on the maximum size of an ASN.1 OBJECT IDENTIFIER.\u0026nbsp;"
            }
          ],
          "value": "Limiting the size of ASN.1 objects that can be loaded from \"the wild\", or putting in place some other validation for such objects, will mitigate the risk of an exploit by automatically putting a cap on the maximum size of an ASN.1 OBJECT IDENTIFIER."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
    "assignerShortName": "bcorg",
    "cveId": "CVE-2025-8885",
    "datePublished": "2025-08-12T09:13:42.770Z",
    "dateReserved": "2025-08-12T08:07:48.262Z",
    "dateUpdated": "2025-09-12T11:09:08.850Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

WID-SEC-W-2025-1764

CVE-2025-8885 (GCVE-0-2025-8885)

Tags

Sightings

Nomenclature