CVE-2025-64096 Overview
CVE-2025-64096 is a stack-based buffer overflow vulnerability in NASA CryptoLib, a software-only implementation of the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP). The library secures communications between spacecraft running the core Flight System (cFS) and ground stations. The vulnerability resides in the Crypto_Key_update() function within crypto_key_mgmt.c and stems from a missing bounds check on an attacker-controlled length field. A remote attacker with low privileges can supply a crafted TLV packet to trigger memory corruption. The flaw affects CryptoLib versions prior to 1.4.2 and is fixed in release 1.4.2.
Critical Impact
A remote authenticated attacker can corrupt stack memory in the key management routine, potentially leading to arbitrary code execution within spacecraft-to-ground communication infrastructure.
Affected Products
- NASA CryptoLib versions prior to 1.4.2
- Spacecraft systems running core Flight System (cFS) that integrate CryptoLib
- Ground station software using CryptoLib for SDLS-EP key management
Discovery Timeline
- 2025-10-30 - CVE-2025-64096 published to NVD
- 2026-06-17 - Last updated in NVD database
Technical Details for CVE-2025-64096
Vulnerability Analysis
The vulnerability is classified as a stack-based buffer overflow [CWE-121] in the Crypto_Key_update() function defined in crypto_key_mgmt.c. CryptoLib parses Type-Length-Value (TLV) packets as part of the SDLS-EP key management protocol. The function derives the number of keys to process from the pdu_len field supplied in the incoming TLV packet. The code does not validate pdu_len against the fixed size of the local stack array kblk[98] before iterating and writing key block entries. An attacker who supplies a spoofed pdu_len larger than 98 forces the loop to write past the bounds of the stack buffer, corrupting adjacent stack memory including saved return addresses.
Root Cause
The root cause is missing input validation on a length field that originates from untrusted network input. The Crypto_Key_update() function trusts the protocol-supplied pdu_len value and uses it directly to compute write offsets into the static kblk[98] buffer. Without a comparison against the array capacity, the calculation produces out-of-bounds writes whenever the attacker-controlled count exceeds the static allocation.
Attack Vector
Exploitation requires network access to the CryptoLib endpoint and low-level privileges sufficient to submit SDLS-EP key management PDUs. The attacker constructs a TLV packet declaring a pdu_len value that causes the derived key count to exceed 98. When CryptoLib processes the packet, the overflow writes attacker-controlled bytes into stack memory beyond kblk[]. The attack does not require user interaction, and successful corruption can yield code execution in the context of the spacecraft or ground station process handling secure link communications.
No public proof-of-concept code is available. Technical details are described in the NASA CryptoLib GitHub Security Advisory.
Detection Methods for CVE-2025-64096
Indicators of Compromise
- SDLS-EP TLV packets containing pdu_len values that imply more than 98 key blocks
- Unexpected process crashes or segmentation faults in CryptoLib-linked binaries during key update operations
- Anomalous restart events on cFS-based spacecraft software components that handle key management
Detection Strategies
- Inspect SDLS-EP packet flows for malformed TLV structures and oversized length fields prior to delivery to CryptoLib
- Deploy memory-safety instrumentation such as AddressSanitizer in test environments to surface out-of-bounds writes in Crypto_Key_update()
- Correlate ground station telemetry with command uplink logs to identify suspicious key management activity
Monitoring Recommendations
- Log all SDLS-EP key update PDUs with source identifiers and length fields for retrospective analysis
- Alert on repeated parsing failures or crashes within processes that link CryptoLib
- Monitor configuration management systems for the presence of CryptoLib versions earlier than 1.4.2
How to Mitigate CVE-2025-64096
Immediate Actions Required
- Upgrade CryptoLib to version 1.4.2 or later on all spacecraft and ground station systems
- Audit cFS deployments and ground software builds to identify embedded copies of vulnerable CryptoLib versions
- Restrict network paths that can deliver SDLS-EP key management PDUs to authenticated, authorized peers only
Patch Information
The vulnerability is fixed in NASA CryptoLib version 1.4.2. The fix adds the missing bounds check in Crypto_Key_update() so that pdu_len-derived counts cannot exceed the size of kblk[98]. Refer to the NASA CryptoLib GHSA-w6c3-pxvr-6m6j advisory for upgrade guidance and patch references.
Workarounds
- Apply network segmentation to limit which peers can submit SDLS-EP key management traffic to CryptoLib endpoints
- Enforce strict authentication and authorization on all uplink command paths that reach the key management interface
- Deploy upstream packet validation that rejects TLV packets whose declared length fields exceed protocol expectations
# Verify installed CryptoLib version and rebuild against 1.4.2
git clone https://github.com/nasa/CryptoLib.git
cd CryptoLib
git checkout v1.4.2
mkdir build && cd build
cmake ..
make
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

