Vulnerability-Lookup

CVE-2026-46689 (GCVE-0-2026-46689)

Vulnerability from cvelistv5 – Published: 2026-06-10 20:28 – Updated: 2026-06-11 12:55

Title

Kanidm: Unauthenticated process abort via SCIM filter stack exhaustion

Summary

Kanidm is an identity management platform. Prior to version 1.9.3, a single unauthenticated GET to any /scim/v1/... endpoint with a ?filter= query string of a few thousand nested parentheses (≈ 4–12 KB) drives the recursive-descent PEG parser past the worker thread's stack guard page. Rust responds to stack overflow with std::process::abort() — the entire kanidmd process exits. The parse runs inside axum's Query<ScimEntryGetQuery> extractor, before any handler body and therefore before any ACL check. This issue has been patched in version 1.9.3.

Severity

8.7 (High)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

SSVC

Exploitation: poc Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-248 - Uncaught Exception
CWE-400 - Uncontrolled Resource Consumption
CWE-674 - Uncontrolled Recursion

Assigner

GitHub_M

References

2 references

URL	Tags
https://github.com/kanidm/kanidm/security/advisor…	x_refsource_CONFIRM
https://github.com/kanidm/kanidm/releases/tag/v1.9.3	x_refsource_MISC

Impacted products

1 product

Vendor	Product	Version
kanidm	kanidm	Affected: < 1.9.3

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-46689",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-11T12:55:52.379516Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-11T12:55:59.122Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/kanidm/kanidm/security/advisories/GHSA-r5fr-9gmv-jggh"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "kanidm",
          "vendor": "kanidm",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.9.3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Kanidm is an identity management platform. Prior to version 1.9.3, a single unauthenticated GET to any /scim/v1/... endpoint with a ?filter= query string of a few thousand nested parentheses (\u2248 4\u201312 KB) drives the recursive-descent PEG parser past the worker thread\u0027s stack guard page. Rust responds to stack overflow with std::process::abort() \u2014 the entire kanidmd process exits. The parse runs inside axum\u0027s Query\u003cScimEntryGetQuery\u003e extractor, before any handler body and therefore before any ACL check. This issue has been patched in version 1.9.3."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-248",
              "description": "CWE-248: Uncaught Exception",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-674",
              "description": "CWE-674: Uncontrolled Recursion",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-10T20:28:44.009Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/kanidm/kanidm/security/advisories/GHSA-r5fr-9gmv-jggh",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/kanidm/kanidm/security/advisories/GHSA-r5fr-9gmv-jggh"
        },
        {
          "name": "https://github.com/kanidm/kanidm/releases/tag/v1.9.3",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/kanidm/kanidm/releases/tag/v1.9.3"
        }
      ],
      "source": {
        "advisory": "GHSA-r5fr-9gmv-jggh",
        "discovery": "UNKNOWN"
      },
      "title": "Kanidm: Unauthenticated process abort via SCIM filter stack exhaustion"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-46689",
    "datePublished": "2026-06-10T20:28:44.009Z",
    "dateReserved": "2026-05-15T21:46:51.548Z",
    "dateUpdated": "2026-06-11T12:55:59.122Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2026-46689",
      "date": "2026-06-14",
      "epss": "0.00042",
      "percentile": "0.13338"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-46689\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-06-10T22:17:00.443\",\"lastModified\":\"2026-06-11T15:36:29.197\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Kanidm is an identity management platform. Prior to version 1.9.3, a single unauthenticated GET to any /scim/v1/... endpoint with a ?filter= query string of a few thousand nested parentheses (\u2248 4\u201312 KB) drives the recursive-descent PEG parser past the worker thread\u0027s stack guard page. Rust responds to stack overflow with std::process::abort() \u2014 the entire kanidmd process exits. The parse runs inside axum\u0027s Query\u003cScimEntryGetQuery\u003e extractor, before any handler body and therefore before any ACL check. This issue has been patched in version 1.9.3.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":8.7,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"NONE\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-248\"},{\"lang\":\"en\",\"value\":\"CWE-400\"},{\"lang\":\"en\",\"value\":\"CWE-674\"}]}],\"references\":[{\"url\":\"https://github.com/kanidm/kanidm/releases/tag/v1.9.3\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/kanidm/kanidm/security/advisories/GHSA-r5fr-9gmv-jggh\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/kanidm/kanidm/security/advisories/GHSA-r5fr-9gmv-jggh\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\"}]}}",
    "vulnrichment": {
      "containers": "{\"cna\": {\"title\": \"Kanidm: Unauthenticated process abort via SCIM filter stack exhaustion\", \"problemTypes\": [{\"descriptions\": [{\"cweId\": \"CWE-248\", \"lang\": \"en\", \"description\": \"CWE-248: Uncaught Exception\", \"type\": \"CWE\"}]}, {\"descriptions\": [{\"cweId\": \"CWE-400\", \"lang\": \"en\", \"description\": \"CWE-400: Uncontrolled Resource Consumption\", \"type\": \"CWE\"}]}, {\"descriptions\": [{\"cweId\": \"CWE-674\", \"lang\": \"en\", \"description\": \"CWE-674: Uncontrolled Recursion\", \"type\": \"CWE\"}]}], \"metrics\": [{\"cvssV4_0\": {\"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"vulnConfidentialityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"NONE\", \"baseScore\": 8.7, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N\", \"version\": \"4.0\"}}], \"references\": [{\"name\": \"https://github.com/kanidm/kanidm/security/advisories/GHSA-r5fr-9gmv-jggh\", \"tags\": [\"x_refsource_CONFIRM\"], \"url\": \"https://github.com/kanidm/kanidm/security/advisories/GHSA-r5fr-9gmv-jggh\"}, {\"name\": \"https://github.com/kanidm/kanidm/releases/tag/v1.9.3\", \"tags\": [\"x_refsource_MISC\"], \"url\": \"https://github.com/kanidm/kanidm/releases/tag/v1.9.3\"}], \"affected\": [{\"vendor\": \"kanidm\", \"product\": \"kanidm\", \"versions\": [{\"version\": \"\u003c 1.9.3\", \"status\": \"affected\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-06-10T20:28:44.009Z\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Kanidm is an identity management platform. Prior to version 1.9.3, a single unauthenticated GET to any /scim/v1/... endpoint with a ?filter= query string of a few thousand nested parentheses (\\u2248 4\\u201312 KB) drives the recursive-descent PEG parser past the worker thread\u0027s stack guard page. Rust responds to stack overflow with std::process::abort() \\u2014 the entire kanidmd process exits. The parse runs inside axum\u0027s Query\u003cScimEntryGetQuery\u003e extractor, before any handler body and therefore before any ACL check. This issue has been patched in version 1.9.3.\"}], \"source\": {\"advisory\": \"GHSA-r5fr-9gmv-jggh\", \"discovery\": \"UNKNOWN\"}}, \"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-46689\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-06-11T12:55:52.379516Z\"}}}], \"references\": [{\"url\": \"https://github.com/kanidm/kanidm/security/advisories/GHSA-r5fr-9gmv-jggh\", \"tags\": [\"exploit\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-06-11T12:55:43.226Z\"}}]}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-46689\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"GitHub_M\", \"dateReserved\": \"2026-05-15T21:46:51.548Z\", \"datePublished\": \"2026-06-10T20:28:44.009Z\", \"dateUpdated\": \"2026-06-11T12:55:59.122Z\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

FKIE_CVE-2026-46689

Vulnerability from fkie_nvd - Published: 2026-06-10 22:17 - Updated: 2026-06-11 15:36

Severity

8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Summary

References

	URL	Tags
	security-advisories@github.com	https://github.com/kanidm/kanidm/releases/tag/v1.9.3
	security-advisories@github.com	https://github.com/kanidm/kanidm/security/advisories/GHSA-r5fr-9gmv-jggh
	134c704f-9b21-4f2e-91b3-4a467353bcc0	https://github.com/kanidm/kanidm/security/advisories/GHSA-r5fr-9gmv-jggh

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Kanidm is an identity management platform. Prior to version 1.9.3, a single unauthenticated GET to any /scim/v1/... endpoint with a ?filter= query string of a few thousand nested parentheses (\u2248 4\u201312 KB) drives the recursive-descent PEG parser past the worker thread\u0027s stack guard page. Rust responds to stack overflow with std::process::abort() \u2014 the entire kanidmd process exits. The parse runs inside axum\u0027s Query\u003cScimEntryGetQuery\u003e extractor, before any handler body and therefore before any ACL check. This issue has been patched in version 1.9.3."
    }
  ],
  "id": "CVE-2026-46689",
  "lastModified": "2026-06-11T15:36:29.197",
  "metrics": {
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 8.7,
          "baseSeverity": "HIGH",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "HIGH",
          "vulnConfidentialityImpact": "NONE",
          "vulnIntegrityImpact": "NONE",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2026-06-10T22:17:00.443",
  "references": [
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/kanidm/kanidm/releases/tag/v1.9.3"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/kanidm/kanidm/security/advisories/GHSA-r5fr-9gmv-jggh"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "url": "https://github.com/kanidm/kanidm/security/advisories/GHSA-r5fr-9gmv-jggh"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-248"
        },
        {
          "lang": "en",
          "value": "CWE-400"
        },
        {
          "lang": "en",
          "value": "CWE-674"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    }
  ]
}

GHSA-R5FR-9GMV-JGGH

Vulnerability from github – Published: 2026-05-06 23:38 – Updated: 2026-05-19 16:08

Summary

scim_proton and kanidm_proto have an authenticated process abort via SCIM filter stack exhaustion

Details

Summary

A single unauthenticated GET to any /scim/v1/... endpoint with a ?filter= query string of a few thousand nested parentheses (≈ 4–12 KB) drives the recursive-descent PEG parser past the worker thread's stack guard page. Rust responds to stack overflow with std::process::abort() — the entire kanidmd process exits. The parse runs inside axum's Query<ScimEntryGetQuery> extractor, before any handler body and therefore before any ACL check.

Details

The SCIM filter grammar recurses on ( and not ( with no depth bound.

proto/src/scim_v1/mod.rs:263-433 — peg::parser! { grammar scimfilter() ... }:

// line 281
"not" separator()+ "(" e:parse() ")" { ScimFilter::Not(Box::new(e)) }
// line 293
"(" e:parse() ")" { e }

Both rules re-enter parse() without a depth counter.

proto/src/scim_v1/mod.rs:442-447 — impl FromStr for ScimFilter calls scimfilter::parse(input) directly on the raw string with no length or depth pre-check.

proto/src/scim_v1/mod.rs:80-81 — ScimEntryGetQuery.filter is #[serde_as(as = "Option<DisplayFromStr>")], so deserialising the query struct invokes ScimFilter::from_str on attacker bytes.

Unauthenticated reachability — nine handlers in server/core/src/https/v1_scim.rs (route table at lines 865-1029) take Query<ScimEntryGetQuery> as an argument: /scim/v1/Entry, /scim/v1/Entry/{id}, /scim/v1/Person/{id}, /scim/v1/Application, /scim/v1/Application/{id}, /scim/v1/Class, /scim/v1/Attribute, /scim/v1/Message, /scim/v1/Message/{id}. The SCIM router is merged unconditionally for every server role (server/core/src/https/mod.rs:312).

Axum extracts handler arguments before the handler body runs. The preceding VerifiedClientInformation extractor (server/core/src/https/extractors/mod.rs:16-91) always returns Ok (line 89) regardless of credentials; authorization is deferred to the handler body, which is never reached.

The existing semantic depth limit (DEFAULT_LIMIT_FILTER_DEPTH_MAX = 12, server/lib/src/constants/mod.rs:212) is enforced in Filter::from_scim_ro (server/lib/src/filter.rs:786) after the PEG parse has already produced an AST, so it cannot prevent the parser itself from blowing the stack.

The production daemon (server/daemon/src/main.rs:735-744) uses new_multi_thread() with default 2 MiB worker stacks; hyper's max_buf_size (~400 KiB) is not lowered (server/core/src/https/mod.rs:708-727), so a 12 KB URI is accepted.

An identical unbounded grammar exists in libs/scim_proto/src/filter.rs:112-276 (not network-reachable, but should be fixed in the same patch).

PoC

curl -sk "https://idm.example.com/scim/v1/Application?filter=$(python3 -c 'print("("*3000+"a+pr"+")"*3000)')"
# → curl: (52) Empty reply from server
# → server journal: "fatal runtime error: stack overflow, aborting", SIGABRT

Release-build threshold measured at ~2 000 nesting levels / ~4 KB:

$ cargo test --release -p kanidm_proto --test scim_filter_depth -- --nocapture
parens depth=1500 len=3004
  -> survived
parens depth=2000 len=4004

thread 'audit_scim_filter_nested_parens' has overflowed its stack
fatal runtime error: stack overflow, aborting
  (signal: 6, SIGABRT: process abort signal)

End-to-end against an in-process server via kanidmd_testkit (no authentication performed):

Testkit server setup complete - http://localhost:18080/
audit_scim_dos: sending unauthenticated GET, url len = 12056

thread '...' has overflowed its stack
fatal runtime error: stack overflow, aborting
  (signal: 6, SIGABRT: process abort signal)

Impact

Process-wide availability loss; no confidentiality or integrity impact.

Unauthenticated, default install, no feature flag required.
Process abort, not task panic. Stack overflow triggers libstd's guard-page handler, which calls std::process::abort(). tokio's per-task catch_unwind isolation does not apply to aborts. All in-flight HTTP requests, OAuth2/OIDC sessions, LDAP binds, and the web UI are terminated.
Repeatable. One ~12 KB GET per crash; a while true; do curl ...; done loop holds the service down indefinitely across supervisor restarts.
The 6 011-byte variant (depth=3000) fits under the nginx default large_client_header_buffers limit of 8 KB, so a typical reverse proxy does not mitigate.

Affected: v1.7.0 through master @ edf50b9da.

Severity

8.7 (High)


                  
                    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 1.9.2"
      },
      "package": {
        "ecosystem": "crates.io",
        "name": "scim_proto"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.9.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 1.9.2"
      },
      "package": {
        "ecosystem": "crates.io",
        "name": "kanidm_proto"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.9.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-46689"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-248",
      "CWE-400",
      "CWE-674"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-05-06T23:38:49Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "### Summary\n\nA single unauthenticated `GET` to any `/scim/v1/...` endpoint with a `?filter=` query string of a few thousand nested parentheses (\u2248 4\u201312 KB) drives the recursive-descent PEG parser past the worker thread\u0027s stack guard page. Rust responds to stack overflow with `std::process::abort()` \u2014 the entire `kanidmd` process exits. The parse runs inside axum\u0027s `Query\u003cScimEntryGetQuery\u003e` extractor, before any handler body and therefore before any ACL check.\n\n### Details\n\nThe SCIM filter grammar recurses on `(` and `not (` with no depth bound.\n\n**`proto/src/scim_v1/mod.rs:263-433`** \u2014 `peg::parser! { grammar scimfilter() ... }`:\n\n```rust\n// line 281\n\"not\" separator()+ \"(\" e:parse() \")\" { ScimFilter::Not(Box::new(e)) }\n// line 293\n\"(\" e:parse() \")\" { e }\n```\n\nBoth rules re-enter `parse()` without a depth counter.\n\n**`proto/src/scim_v1/mod.rs:442-447`** \u2014 `impl FromStr for ScimFilter` calls `scimfilter::parse(input)` directly on the raw string with no length or depth pre-check.\n\n**`proto/src/scim_v1/mod.rs:80-81`** \u2014 `ScimEntryGetQuery.filter` is `#[serde_as(as = \"Option\u003cDisplayFromStr\u003e\")]`, so deserialising the query struct invokes `ScimFilter::from_str` on attacker bytes.\n\n**Unauthenticated reachability** \u2014 nine handlers in `server/core/src/https/v1_scim.rs` (route table at lines 865-1029) take `Query\u003cScimEntryGetQuery\u003e` as an argument: `/scim/v1/Entry`, `/scim/v1/Entry/{id}`, `/scim/v1/Person/{id}`, `/scim/v1/Application`, `/scim/v1/Application/{id}`, `/scim/v1/Class`, `/scim/v1/Attribute`, `/scim/v1/Message`, `/scim/v1/Message/{id}`. The SCIM router is merged unconditionally for every server role (`server/core/src/https/mod.rs:312`).\n\nAxum extracts handler arguments before the handler body runs. The preceding `VerifiedClientInformation` extractor (`server/core/src/https/extractors/mod.rs:16-91`) always returns `Ok` (line 89) regardless of credentials; authorization is deferred to the handler body, which is never reached.\n\nThe existing semantic depth limit (`DEFAULT_LIMIT_FILTER_DEPTH_MAX = 12`, `server/lib/src/constants/mod.rs:212`) is enforced in `Filter::from_scim_ro` (`server/lib/src/filter.rs:786`) **after** the PEG parse has already produced an AST, so it cannot prevent the parser itself from blowing the stack.\n\nThe production daemon (`server/daemon/src/main.rs:735-744`) uses `new_multi_thread()` with default 2 MiB worker stacks; hyper\u0027s `max_buf_size` (~400 KiB) is not lowered (`server/core/src/https/mod.rs:708-727`), so a 12 KB URI is accepted.\n\nAn identical unbounded grammar exists in `libs/scim_proto/src/filter.rs:112-276` (not network-reachable, but should be fixed in the same patch).\n\n### PoC\n\n```sh\ncurl -sk \"https://idm.example.com/scim/v1/Application?filter=$(python3 -c \u0027print(\"(\"*3000+\"a+pr\"+\")\"*3000)\u0027)\"\n# \u2192 curl: (52) Empty reply from server\n# \u2192 server journal: \"fatal runtime error: stack overflow, aborting\", SIGABRT\n```\n\nRelease-build threshold measured at ~2 000 nesting levels / ~4 KB:\n\n```\n$ cargo test --release -p kanidm_proto --test scim_filter_depth -- --nocapture\nparens depth=1500 len=3004\n  -\u003e survived\nparens depth=2000 len=4004\n\nthread \u0027audit_scim_filter_nested_parens\u0027 has overflowed its stack\nfatal runtime error: stack overflow, aborting\n  (signal: 6, SIGABRT: process abort signal)\n```\n\nEnd-to-end against an in-process server via `kanidmd_testkit` (no authentication performed):\n\n```\nTestkit server setup complete - http://localhost:18080/\naudit_scim_dos: sending unauthenticated GET, url len = 12056\n\nthread \u0027...\u0027 has overflowed its stack\nfatal runtime error: stack overflow, aborting\n  (signal: 6, SIGABRT: process abort signal)\n```\n\n### Impact\n\nProcess-wide availability loss; no confidentiality or integrity impact.\n\n- **Unauthenticated**, default install, no feature flag required.\n- **Process abort, not task panic.** Stack overflow triggers libstd\u0027s guard-page handler, which calls `std::process::abort()`. tokio\u0027s per-task `catch_unwind` isolation does not apply to aborts. All in-flight HTTP requests, OAuth2/OIDC sessions, LDAP binds, and the web UI are terminated.\n- **Repeatable.** One ~12 KB GET per crash; a `while true; do curl ...; done` loop holds the service down indefinitely across supervisor restarts.\n- The 6 011-byte variant (`depth=3000`) fits under the nginx default `large_client_header_buffers` limit of 8 KB, so a typical reverse proxy does not mitigate.\n\n**Affected**: v1.7.0 through `master` @ edf50b9da.",
  "id": "GHSA-r5fr-9gmv-jggh",
  "modified": "2026-05-19T16:08:23Z",
  "published": "2026-05-06T23:38:49Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/kanidm/kanidm/security/advisories/GHSA-r5fr-9gmv-jggh"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/kanidm/kanidm"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "scim_proton and kanidm_proto have an authenticated process abort via SCIM filter stack exhaustion"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2026-46689 (GCVE-0-2026-46689)

FKIE_CVE-2026-46689

GHSA-R5FR-9GMV-JGGH

Summary

Details

PoC

Impact

Tags

Sightings

Nomenclature