CVE-2023-24609: 
MatrixSSL vulnerability analysis and mitigation

MatrixSSL versions 4.x through 4.6.0 and Rambus TLS Toolkit contain a critical denial of service (DoS) vulnerability in the TLS 1.3 server implementation. The vulnerability exists in the Client Hello Pre-Shared Key extension parsing functionality, specifically in the tls13VerifyBinder and tls13TranscriptHashUpdate functions. The issue was discovered by Security Evaluators of Telekom Security using modern fuzzing methods (Telekom Advisory, Rambus TLS).

The vulnerability stems from a length-subtraction integer overflow in the TLS 1.3 server when parsing the Client Hello Pre-Shared Key extension. When exploited, the server calculates an SHA-2 hash over at least 65 KB of data in RAM. The vulnerability has been assigned a CVSS v3.1 base score of 7.5 (HIGH) with vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (NVD).

When exploited through a large number of crafted TLS messages, the vulnerability can cause the CPU to become heavily loaded, potentially leading to a denial of service condition. This affects the server's availability and performance (NVD).

Users should upgrade to patched versions of the software when available. The vulnerability affects MatrixSSL versions 4.0.0 through 4.6.0 and the Rambus TLS Toolkit (NVD).