SentinelOne
CVE Vulnerability Database

CVE-2024-5535: OpenSSL Information Disclosure Vulnerability

CVE-2024-5535 is an information disclosure vulnerability in OpenSSL that occurs when SSL_select_next_proto is called with an empty client protocols buffer, potentially leaking up to 255 bytes of memory to peers. This article covers the technical details, affected versions, impact assessment, and recommended mitigation strategies.

CVE-2024-5535 Overview

The CVE-2024-5535 vulnerability affects the OpenSSL library, specifically the SSL_select_next_proto function in scenarios where an empty client protocols buffer is provided. This condition can lead to either a crash or inadvertent disclosure of memory contents, posing a critical risk of exposing confidential information.

Critical Impact

Memory overread may expose up to 255 bytes of memory, potentially leading to information leakage.

Affected Products

  • OpenSSL (any application directly invoking SSL_select_next_proto with zero-length protocol list)

Discovery Timeline

  • 2024-06-27 - CVE CVE-2024-5535 published to NVD
  • 2025-11-03 - Last updated in NVD database

Technical Details for CVE-2024-5535

Vulnerability Analysis

The vulnerability resides in the SSL_select_next_proto function of OpenSSL, which is primarily utilized in ALPN or NPN contexts. It fails to handle cases where a zero-length client protocol list is provided, resulting in a buffer overread and exposure of adjacent memory contents.

Root Cause

The issue arises from the function not validating a zero-length client protocol list, leading to the return of memory beyond the list pointer and potential exposure of sensitive data.

Attack Vector

Exploitable remotely over the network, but only where the application using OpenSSL's SSL_select_next_proto function contains a configuration or programming error that results in an empty client protocol list being passed to it.

```c
#include <openssl/ssl.h>

// Example trigger condition (sanitized): a zero-length client protocol list.
// server_protocols, server_protocols_len and client_protocols are assumed to be
// the application's own ALPN/NPN buffers.
unsigned char *output;
unsigned char outlen; // the API writes an unsigned char here, not an unsigned int
SSL_select_next_proto(&output, &outlen, server_protocols, server_protocols_len, client_protocols, 0);
```

Detection Methods for CVE-2024-5535

Indicators of Compromise

  • Unexpected application crashes
  • Memory dump analysis showing remnants of non-application data
  • Unusual network packets containing outbound sensitive data

Detection Strategies

Utilize network monitoring tools to identify anomalies in data exchanged during TLS/SSL handshakes. Implement logging to capture unexpected application behavior that may indicate exploitation attempts.

Monitoring Recommendations

Monitor incoming and outgoing network traffic for unusual or unexpected protocol activities. Leverage SentinelOne's behavior-based detection to flag abnormal use of OpenSSL functions in applications.

How to Mitigate CVE-2024-5535

Immediate Actions Required

  • Verify application code to ensure non-zero lengths are passed to SSL_select_next_proto
  • Employ rigorous input validation for all OpenSSL API calls
  • Enable verbose logging to detect any runtime anomalies
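As an added example (not OpenSSL's own code), the selection logic re-implemented with the length checks the list above asks for: both wire-format lists are validated before any byte is read, and the no-overlap case returns a cleared output instead of a pointer past the client buffer. The names safe_select_next_proto, proto_list_valid and select_demo, and the sample protocol lists, are this example's own.

```c
#include <stddef.h>
#include <string.h>
/* Added example, not OpenSSL's code: bounds-checked ALPN/NPN selection over
 * wire-format lists (a length byte, then that many bytes, repeated). A
 * zero-length or malformed list is rejected instead of being read past its end. */
enum { PROTO_NEGOTIATED = 0, PROTO_NO_OVERLAP = 1, PROTO_INVALID = -1 };

/* 1 if list is well-formed and non-empty, else 0. */
static int proto_list_valid(const unsigned char *list, size_t len)
{
    size_t i = 0;
    if (list == NULL || len == 0) return 0;
    while (i < len) {
        size_t n = list[i];
        if (n == 0 || i + 1 + n > len) /* empty entry, or entry runs past the buffer */
            return 0;
        i += 1 + n;
    }
    return 1;
}

/* First server-preferred protocol the client also offers. *out/*outlen point
 * into server on success and are cleared otherwise, so the caller never copies
 * from an unset pointer (the vulnerable fallback handed back client + 1). */
int safe_select_next_proto(const unsigned char **out, unsigned char *outlen,
                           const unsigned char *server, size_t server_len,
                           const unsigned char *client, size_t client_len)
{
    size_t i, j;
    *out = NULL; *outlen = 0;
    if (!proto_list_valid(server, server_len) || !proto_list_valid(client, client_len))
        return PROTO_INVALID;
    for (i = 0; i < server_len; i += 1 + server[i])
        for (j = 0; j < client_len; j += 1 + client[j])
            if (server[i] == client[j] && memcmp(server + i + 1, client + j + 1, server[i]) == 0) {
                *out = server + i + 1;
                *outlen = server[i];
                return PROTO_NEGOTIATED;
            }
    return PROTO_NO_OVERLAP;
}

/* Constructed input: the server prefers h2, then http/1.1. */
static const unsigned char SRV[] = "\x02h2\x08http/1.1";
/* Run the selection against SRV for a given client list; returns the status. */
int select_demo(const unsigned char *client, size_t client_len, unsigned char *outlen)
{
    const unsigned char *out;
    return safe_select_next_proto(&out, outlen, SRV, sizeof SRV - 1, client, client_len);
}
```

A caller that receives PROTO_INVALID should treat the list as a programming error and refuse to negotiate rather than fall back to whatever the output pointer holds.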

Patch Information

While no immediate patches are available due to the low severity classification, future OpenSSL releases will incorporate the fix.

Workarounds

Configure your applications to strictly adhere to ALPN use where possible, as it inherently avoids zero-length client protocol lists.

```bash
# Configuration example
# ALPN_ENABLED and CLIENT_PROTOS are application-defined variables, not OpenSSL settings
export ALPN_ENABLED=true
export OPENSSL_CONF=/path/to/openssl.cnf

# Workaround to ensure non-zero client protocol list
if [[ -z "$CLIENT_PROTOS" ]]; then
  echo "Error: Client protocols list cannot be empty" >&2
  exit 1
fi
```

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

Experience the World’s Most Advanced Cybersecurity Platform

See how our intelligent, autonomous cybersecurity platform can protect your organization now and into the future.