Full title: Noise-Java AESGCMFallbackCipherState.encryptWithAd() Insufficient Boundary Checks Exploit 
Category: dos / poc
Platform: java
Noise-Java suffers from an issue located in the AESGCMFallbackCipherState.encryptWithAd() method defined in AESGCMFallbackCipherState.java, where multiple boundary checks are performed to prevent invalid length or offsets from being specified for the encrypt or copy operation. However, some checks were found to be either incomplete or missing.

# 0day.today @ http://0day.today/