How the mentioned CVE works:
ASN.1 Object Identifiers (OIDs) are variable-length sequences of sub‑identifiers. In phpseclib’s `decodeOID()` function, each sub‑identifier is decoded by reading a variable number of bytes ($content) without any upper bound on the total length of the OID.
When processing an OID that contains an extremely long sub‑identifier (e.g., hundreds or thousands of bytes), the decoding loop performs an unbounded number of arithmetic operations (multiplication and addition) for every byte of the sub‑identifier.
Because the OID length is not checked, an attacker can craft an X.509 certificate or other ASN.1 file that embeds a pathological OID with an enormous sub‑identifier.
Once the library attempts to decode such an OID, the arithmetic loop spins until CPU resources are exhausted, effectively denying service to any application that parses untrusted ASN.1 input.
The vulnerability is categorized as a classical “uncontrolled resource consumption” issue (CWE‑400).
The patch (commit e325310) introduces a simple guardrail: before decoding, the function checks `if ($len > 4096) return false;` – capping the OID length at 4 KB.
All phpseclib versions prior to 1.0.23, 2.0.47, and 3.0.36 are affected.
DailyCVE form:
Platform: PHP phpseclib
Version: <= 2.0.46
Vulnerability: OID Amplification DoS
Severity: High (CVSS 7.5)
Date: May 8 2026
Prediction: Immediate update required
What Undercode Say:
```bash
# Check installed phpseclib version via Composer
composer show phpseclib/phpseclib | grep versions
# Update to a fixed version
composer require phpseclib/phpseclib:^3.0.36
# Quick test: attempt to decode a malformed OID
# (run from the project root; uses the 3.x namespace installed above)
php -r 'require "vendor/autoload.php"; var_dump(\phpseclib3\File\ASN1::decodeBER(file_get_contents("malformed.der")));'
```
Exploit:
Create a DER‑encoded OID where a sub‑identifier fills more than 50 KB of data. When `decodeOID()` is called, the arithmetic loop will consume 100% of a CPU core for seconds or minutes, depending on length. A single certificate can hang an entire server.
Protection from this CVE:
- Upgrade phpseclib to ≥1.0.23, ≥2.0.47, or ≥3.0.36 immediately.
- If patching is impossible, reject any ASN.1 file with an OID length >4096 bytes before passing it to phpseclib.
- Use a Web Application Firewall (WAF) to block suspicious X.509 certificates.
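One way to implement the pre-check from the second bullet, as an added example that is not phpseclib code or part of the original post: it walks the DER structure and refuses input whose longest OBJECT IDENTIFIER exceeds the 4096-byte cap before anything is handed to the library. The function names, the nesting cap of 32 and the sample bytes are assumptions made for illustration; OIDs carried under implicit context tags or inside BIT STRINGs are not inspected.

```php
<?php
// Added example (not phpseclib code): stopgap pre-filter for DER input.
const MAX_OID_LEN = 4096; // same cap as the patched check described above

// Returns the longest OBJECT IDENTIFIER content length found in $der,
// or -1 if the bytes are not well-formed definite-length TLVs.
function maxOidLength(string $der, int $depth = 0): int
{
    if ($depth > 32) return -1;             // nesting cap (assumption)
    $max = 0;
    $end = strlen($der);
    for ($pos = 0; $pos < $end; $pos += $len) {
        $tag = ord($der[$pos++]);
        if (($tag & 0x1F) === 0x1F) {       // multi-byte tag number: skip it
            do {
                if ($pos >= $end) return -1;
            } while (ord($der[$pos++]) & 0x80);
        }
        if ($pos >= $end) return -1;
        $len = ord($der[$pos++]);
        if ($len === 0x80) return -1;       // indefinite length is not DER
        if ($len & 0x80) {                  // long form: next $n bytes hold the length
            $n = $len & 0x7F;
            if ($n > 3 || $n > $end - $pos) return -1; // accept lengths below 2^24
            for ($len = 0; $n > 0; $n--) $len = ($len << 8) | ord($der[$pos++]);
        }
        if ($len > $end - $pos) return -1;  // element runs past the buffer
        $body = substr($der, $pos, $len);
        if ($tag === 0x06) {                // universal OBJECT IDENTIFIER
            $max = max($max, $len);
        } elseif ($tag & 0x20) {            // constructed: children must parse
            $inner = maxOidLength($body, $depth + 1);
            if ($inner < 0) return -1;
            $max = max($max, $inner);
        } elseif ($tag === 0x04) {          // OCTET STRING may wrap DER (X.509 extensions)
            $max = max($max, maxOidLength($body, $depth + 1)); // -1 = opaque bytes, ignored
        }
    }
    return $max;
}

function safeForPhpseclib(string $der): bool
{
    $longest = maxOidLength($der);
    return $longest >= 0 && $longest <= MAX_OID_LEN;
}

// Constructed samples: SEQUENCE { OID 2.5.4.3 } and a SEQUENCE holding a 4097-byte OID of filler.
$ok  = "\x30\x05\x06\x03\x55\x04\x03";
$big = "\x30\x82\x10\x05\x06\x82\x10\x01" . str_repeat("\x00", 4097);
var_dump(safeForPhpseclib($ok), safeForPhpseclib($big));
```

Call `safeForPhpseclib()` on the raw DER bytes (after Base64-decoding PEM input) and discard anything it rejects; the filter is a stopgap and does not replace the upgrade.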
Impact:
Complete denial of service – any application that loads untrusted X.509 certificates, RSA keys, or PKCS8 blobs can be taken offline by a single crafted file. The attack requires no authentication and can be launched remotely.
Sources:
Reported By: github.com

