CONTACT US
Search
CONTACT US

Memory Corruption vulnerability in SAP CommonCryptoLib

Impact On Business

A manipulated data package with a corrupted SNC NAME ASN.1 structure can lead to a parser error and a crash of the application.

Vulnerability Details

A memory corruption vulnerability exists for sec1_gss_import_name() in libsapcrypto.so library. The function trusts the incoming size parameter for a specific option. After using this wrong value in sec_buf2int_be() the pointer could point to somewhere out of bound or could not be a pointer anymore. Which can lead to a crash.

Solution

SAP has released SAP Note 3327896 which provides patched versions of the affected components.

The patches can be downloaded from https://me.sap.com/notes/3327896.

Onapsis strongly recommends SAP customers to download the related security fixes and apply them to the affected components in order to reduce business risks.

Report Timeline

  • 04/06/2023: Onapsis sends details to SAP
  • 04/06/2023: SAP acknowledges the report
  • 09/14/2023: SAP releases SAP Note fixing the issue

References

Back to Advisories

Advisory Information

  • Public Release Date: 08/18/25
  • Security Advisory ID: ONAPSIS-2024-0019
  • Researcher(s): Yvan Genuer

Vulnerability Information

  • Vendor: SAP
  • Affected Components: SAP CommonCryptoLib
    • COMMONCRYPTOLIB 8 SP 085 008549
    • SAP CONTENT SERVER 6.50 SP  012 PL 000012
    • SAP CONTENT SERVER 7.53 SP 1214 001214
    • SAP CONTENT SERVER 7.54 SP 200 PL 000200
    • SAP EXTENDED APP SERVICES 1 SP001 PL 000003
    • SAP HANA DATABASE 2.0 SP 059 PL 000010
    • SAP HANA DATABASE 2.0 SP 067 PL 000002
    • SAP HANA DATABASE 2.0 SP 071 PL 000000
    • SAP HOST AGENT 7.22 SP 061 PL 000061
    • SAP KERNEL 7.22_EX2 64-BIT SP 1300 001300
    • SAP KERNEL 7.22_EX2 64-BIT UC SP 1300 001300
    • SAP KERNEL 7.22 EXT 64-BIT SP 1300 001300
    • SAP KERNEL 7.22 EXT 64-BIT UC SP 1300 001300
    • SAP KERNEL 7.53 64-BIT SP 1213 001213
    • SAP KERNEL 7.53 64-BIT UNICODE SP 1213 001213
    • SAP KERNEL 7.54 64-BIT SP 200 PL 000200
    • SAP KERNEL 7.54 64-BIT UNICODE SP 200 PL 000200
    • SAP KERNEL 7.77 64-BIT UNICODE SP 557 PL 000557
    • SAP KERNEL 7.85 64-BIT UNICODE SP 253 PL 000253
    • SAP KERNEL 7.89 64-BIT UNICODE SP 125 PL 000125
    • SAP KERNEL 7.91 64-BIT UNICODE SP 032 PL 000032
    • SAP KERNEL 7.92 64-BIT UNICODE SP 015 PL 000015
    • SAP KERNEL 7.93 SP 004 PL 000004
    • SAP KERNEL 8.04 64-BIT UNICODE SP 224 PL 000224
    • SAP WEB DISPATCHER 7.22_EXT SP 1310 001310
    • SAP WEB DISPATCHER 7.53 SP 1213 001213
    • SAP WEB DISPATCHER 7.54 SP 200 PL 000200
    • SAP WEB DISPATCHER 7.77 SP 557 PL 000557
    • SAP WEB DISPATCHER 7.85 SP 253 PL 000253
    • SAP WEB DISPATCHER 7.89 SP 125 PL 000125
    • XS RUNTIME 1 SP 001 PL 000003
      (Check SAP Note 3327896 for detailed information on affected releases)
  • Vulnerability Class: CWE-476
  • CVSS v3 score: 7.5 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Risk Level: High
  • Assigned CVE: CVE-2023-40308
  • Vendor patch Information: SAP Security NOTE 3327896

About our Research Labs

Onapsis Research Labs provides the industry analysis of key security issues that impact mission-critical systems and applications.

Delivering frequent and timely security and compliance advisories with associated risk levels, Onapsis Research Labs combine in-depth knowledge and experience to deliver technical and business-context with sound security judgment to the broader information security community.

Find all reported vulnerabilities at:
https://github.com/Onapsis/vulnerability_advisories

This advisory is licensed under a Creative Commons 4.0 BY-ND International License

Sitemap  | Terms of Use | Privacy Policy   |  Quality Policy  |  Disclosure PolicySecurity Vulnerability Reporting Guidelines |  ©2025 Onapsis  |  All rights reserved