CVE-2026-21637 Overview
A vulnerability in Node.js TLS error handling allows remote attackers to crash, or exhaust the resources of, a TLS server that uses the pskCallback or ALPNCallback option. Synchronous exceptions thrown inside these callbacks bypass the normal TLS error path (the server's tlsClientError event and the socket's error event), causing either immediate process termination or a silent file descriptor leak that eventually leads to denial of service. Because both callbacks run during the TLS handshake on input the client chooses (the PSK identity and the ALPN protocol list), a remote, unauthenticated client can trigger the issue repeatedly.
Critical Impact
Remote attackers can cause denial of service through process crashes or resource exhaustion on Node.js TLS servers using PSK or ALPN callbacks.
Affected Products
- Node.js TLS servers that set the pskCallback option
- Node.js TLS servers that set the ALPNCallback option
- Only Node.js releases that predate the fix are affected; the Node.js December 2025 Security Blog lists the exact affected and patched versions
Discovery Timeline
- 2026-01-20 - CVE-2026-21637 published to NVD
- 2026-01-21 - Last updated in NVD database
Technical Details for CVE-2026-21637
Vulnerability Analysis
This vulnerability is classified as CWE-400 (Uncontrolled Resource Consumption). The flaw lies in how Node.js handles a synchronous exception thrown from application code that it invokes during the handshake, specifically the pskCallback and ALPNCallback functions. Under normal operation a handshake failure is reported to the application through the server's tlsClientError event (for errors before the secure connection is established) or the socket's error event, and the underlying socket is torn down. When one of these callbacks throws, the exception escapes that path entirely.
The impact manifests in two potential failure modes: immediate process termination when the unhandled exception propagates up the call stack, or silent file descriptor leaks when partial cleanup occurs but socket resources are not properly released. Over time, repeated exploitation of the file descriptor leak path leads to resource exhaustion and eventual service unavailability.
Root Cause
The root cause is missing exception handling on the TLS handshake callback execution path. Node.js did not wrap the pskCallback and ALPNCallback invocations, so a synchronous throw propagates out of the handshake instead of being converted into a handshake failure, and the error event system (tlsClientError, error) and the associated resource cleanup never run. The documented way for these callbacks to reject a client is to return a value, not to throw: null from pskCallback (Node.js then sends an unknown_psk_identity alert) and undefined from ALPNCallback (Node.js then sends a fatal alert). Throwing was never a supported way to reject, but before the fix nothing caught it.
Attack Vector
An attacker can exploit this vulnerability remotely by initiating TLS handshakes with a vulnerable Node.js server. Nothing unusual needs to be crafted at the protocol level: the PSK identity and the ALPN protocol list are ordinary ClientHello fields that Node.js passes verbatim to the application's callbacks. Any value the callback does not handle (an unknown or malformed identity, a protocol list with no acceptable entry) is enough to make it throw. Since this happens during the handshake, before any authentication completes, no credentials or special access are required, and the attacker can repeat the handshake to either crash the process immediately or gradually exhaust file descriptors until the server becomes unresponsive.
Whether a given server is exploitable therefore depends on its own callback logic: a callback that can throw on any identity or protocol list it might receive is exposed. For detailed technical information on the vulnerability, refer to the Node.js December 2025 Security Blog.
Detection Methods for CVE-2026-21637
Indicators of Compromise
- Unexpected Node.js process crashes or restarts coinciding with incoming TLS connections
- Gradual increase in file descriptor usage without corresponding connection growth
- Repeated TLS handshake failures from the same source IP addresses
- Unhandled exception logs referencing pskCallback or ALPNCallback
Detection Strategies
- Monitor application logs for unhandled exceptions within TLS callback contexts
- Implement alerting on abnormal rates of TLS handshake failures
- Track file descriptor counts per Node.js process and alert on sustained increases
- Review process crash logs for stack traces involving TLS callback functions
Monitoring Recommendations
- Configure resource monitoring to track open file descriptors per process
- Implement rate limiting on TLS handshake attempts per source IP
- Set up automated restart policies with crash loop detection
- Enable detailed TLS debugging logs in non-production environments for threat analysis
How to Mitigate CVE-2026-21637
Immediate Actions Required
- Wrap all pskCallback and ALPNCallback implementations in try-catch blocks so that no exception can escape the handshake
- Reject bad input by returning the value the API defines for rejection (null from pskCallback, which sends an unknown_psk_identity alert; undefined from ALPNCallback, which sends a fatal alert) rather than by throwing
- Review and update Node.js to the latest patched version addressing this vulnerability
- Implement connection rate limiting at the network or load balancer level
Patch Information
Node.js has released security updates addressing this vulnerability. Refer to the Node.js December 2025 Security Blog for specific version information and patch details. Organizations should update to the patched Node.js versions as soon as possible to fully remediate this vulnerability.
Workarounds
- Wrap callback functions in try-catch blocks to prevent unhandled exceptions from escaping
- Implement defensive input validation within callbacks before processing attacker-controlled data
- Terminate TLS at a reverse proxy in front of the Node.js process, so the handshake (and with it the attacker-controlled PSK identity and ALPN list) never reaches the vulnerable callbacks; this only works where PSK or ALPN selection can be moved to the proxy
- Implement process monitoring and automatic restart mechanisms to mitigate DoS impact
# Defensive callback wrapper pattern: every pskCallback and ALPNCallback
# implementation must catch exceptions and return the rejecting value
# (null from pskCallback, undefined from ALPNCallback) instead of throwing.
# Process supervision so a crash loop degrades the service instead of ending it:
pm2 start app.js --max-restarts 10 --restart-delay 1000
# Equivalent systemd settings (unit file excerpt; the start limit lives in [Unit]):
# [Unit]
# StartLimitIntervalSec=60
# StartLimitBurst=10
# [Service]
# Restart=always
# RestartSec=1
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

