CVE-2023-36327: 
NixOS vulnerability analysis and mitigation

An Integer Overflow vulnerability was discovered in RELIC before commit 421f2e91cf2ba42473d4d54daf24e295679e290e. The vulnerability exists in the pos argument in bngetprime function, which could allow attackers to execute arbitrary code and cause a denial of service (NVD). The vulnerability was disclosed and patched in November 2022.

The vulnerability is classified as an Integer Overflow (CWE-190) with a CVSS v3.1 Base Score of 9.8 CRITICAL (Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). The issue specifically occurs in the bngetprime function where a negative pos value could bypass error checking and cause global buffer corruption (RELIC Discussion).

The vulnerability can lead to arbitrary code execution and denial of service conditions. Due to the critical CVSS score and the nature of the overflow, successful exploitation could give attackers complete control over the affected system (NVD).

The vulnerability has been patched in commit 421f2e91cf2ba42473d4d54daf24e295679e290e, which removes the dangerous API for returning small primes from an internal table. Users should update to a version after this commit to mitigate the vulnerability (RELIC Commit).

The RELIC developers acknowledged the vulnerability and noted that RELIC is considered 'at best alpha-quality software' useful for research purposes only. They mentioned that the dynamic memory part has never been properly hardened or fuzzed (RELIC Discussion).