All the vulnerabilities related to Go standard library - crypto/tls
cve-2023-39321
Vulnerability from cvelistv5
Published
2023-09-08 16:13
Modified
2024-09-26 17:25
Summary
Panic when processing post-handshake message on QUIC connections in crypto/tls
References
Impacted products
Vendor | Product | Affected versions (fixed in) |
---|---|---|
Go standard library | crypto/tls | 1.21.0-0 ≤ version < 1.21.1 (fixed in Go 1.21.1) |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T18:02:06.893Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://go.dev/issue/62266" }, { "tags": [ "x_transferred" ], "url": "https://go.dev/cl/523039" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ" }, { "tags": [ "x_transferred" ], "url": "https://pkg.go.dev/vuln/GO-2023-2044" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20231020-0004/" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202311-09" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-39321", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-26T17:23:57.925389Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-26T17:25:25.677Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "packageName": "crypto/tls", "product": "crypto/tls", "programRoutines": [ { "name": "QUICConn.HandleData" } ], "vendor": "Go standard library", "versions": [ { "lessThan": "1.21.1", "status": "affected", "version": "1.21.0-0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "value": "Marten Seemann" } ], "descriptions": [ { "lang": "en", "value": "Processing an incomplete post-handshake message for a QUIC connection can cause a panic." 
} ], "problemTypes": [ { "descriptions": [ { "description": "CWE-400: Uncontrolled Resource Consumption", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-11T21:14:51.855Z", "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go" }, "references": [ { "url": "https://go.dev/issue/62266" }, { "url": "https://go.dev/cl/523039" }, { "url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ" }, { "url": "https://pkg.go.dev/vuln/GO-2023-2044" }, { "url": "https://security.netapp.com/advisory/ntap-20231020-0004/" }, { "url": "https://security.gentoo.org/glsa/202311-09" } ], "title": "Panic when processing post-handshake message on QUIC connections in crypto/tls" } }, "cveMetadata": { "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "assignerShortName": "Go", "cveId": "CVE-2023-39321", "datePublished": "2023-09-08T16:13:30.386Z", "dateReserved": "2023-07-27T17:05:55.187Z", "dateUpdated": "2024-09-26T17:25:25.677Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-41724
Vulnerability from cvelistv5
Published
2023-02-28 17:19
Modified
2024-08-03 12:49
Summary
Panic on large handshake records in crypto/tls (affects all TLS 1.3 clients, TLS 1.2 clients with Config.ClientSessionCache set, and TLS 1.3 servers with Config.ClientAuth >= RequestClientCert)
References
Impacted products
Vendor | Product | Affected versions (fixed in) |
---|---|---|
Go standard library | crypto/tls | 0 ≤ version < 1.19.6 (fixed in Go 1.19.6); 1.20.0-0 ≤ version < 1.20.1 (fixed in Go 1.20.1) |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:49:43.929Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://go.dev/issue/58001" }, { "tags": [ "x_transferred" ], "url": "https://go.dev/cl/468125" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E" }, { "tags": [ "x_transferred" ], "url": "https://pkg.go.dev/vuln/GO-2023-1570" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202311-09" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "packageName": "crypto/tls", "product": "crypto/tls", "programRoutines": [ { "name": "handshakeMessage.marshal" }, { "name": "Conn.writeRecord" }, { "name": "Conn.readHandshake" }, { "name": "Conn.handleRenegotiation" }, { "name": "Conn.handlePostHandshakeMessage" }, { "name": "Conn.handleKeyUpdate" }, { "name": "Conn.clientHandshake" }, { "name": "Conn.loadSession" }, { "name": "clientHandshakeState.handshake" }, { "name": "clientHandshakeState.doFullHandshake" }, { "name": "clientHandshakeState.readFinished" }, { "name": "clientHandshakeState.readSessionTicket" }, { "name": "clientHandshakeState.sendFinished" }, { "name": "clientHandshakeStateTLS13.handshake" }, { "name": "clientHandshakeStateTLS13.sendDummyChangeCipherSpec" }, { "name": "clientHandshakeStateTLS13.processHelloRetryRequest" }, { "name": "clientHandshakeStateTLS13.readServerParameters" }, { "name": "clientHandshakeStateTLS13.readServerCertificate" }, { "name": "clientHandshakeStateTLS13.readServerFinished" }, { "name": "clientHandshakeStateTLS13.sendClientCertificate" }, { "name": "clientHandshakeStateTLS13.sendClientFinished" }, { "name": "clientHelloMsg.marshal" }, { "name": "clientHelloMsg.marshalWithoutBinders" }, { "name": "clientHelloMsg.updateBinders" }, { "name": 
"serverHelloMsg.marshal" }, { "name": "encryptedExtensionsMsg.marshal" }, { "name": "endOfEarlyDataMsg.marshal" }, { "name": "keyUpdateMsg.marshal" }, { "name": "newSessionTicketMsgTLS13.marshal" }, { "name": "certificateRequestMsgTLS13.marshal" }, { "name": "certificateMsg.marshal" }, { "name": "certificateMsgTLS13.marshal" }, { "name": "serverKeyExchangeMsg.marshal" }, { "name": "certificateStatusMsg.marshal" }, { "name": "serverHelloDoneMsg.marshal" }, { "name": "clientKeyExchangeMsg.marshal" }, { "name": "finishedMsg.marshal" }, { "name": "certificateRequestMsg.marshal" }, { "name": "certificateVerifyMsg.marshal" }, { "name": "newSessionTicketMsg.marshal" }, { "name": "helloRequestMsg.marshal" }, { "name": "Conn.readClientHello" }, { "name": "serverHandshakeState.doResumeHandshake" }, { "name": "serverHandshakeState.doFullHandshake" }, { "name": "serverHandshakeState.readFinished" }, { "name": "serverHandshakeState.sendSessionTicket" }, { "name": "serverHandshakeState.sendFinished" }, { "name": "serverHandshakeStateTLS13.checkForResumption" }, { "name": "serverHandshakeStateTLS13.sendDummyChangeCipherSpec" }, { "name": "serverHandshakeStateTLS13.doHelloRetryRequest" }, { "name": "serverHandshakeStateTLS13.sendServerParameters" }, { "name": "serverHandshakeStateTLS13.sendServerCertificate" }, { "name": "serverHandshakeStateTLS13.sendServerFinished" }, { "name": "serverHandshakeStateTLS13.sendSessionTickets" }, { "name": "serverHandshakeStateTLS13.readClientCertificate" }, { "name": "serverHandshakeStateTLS13.readClientFinished" }, { "name": "cipherSuiteTLS13.expandLabel" }, { "name": "sessionState.marshal" }, { "name": "sessionStateTLS13.marshal" }, { "name": "Conn.Handshake" }, { "name": "Conn.HandshakeContext" }, { "name": "Conn.Read" }, { "name": "Conn.Write" }, { "name": "ConnectionState.ExportKeyingMaterial" }, { "name": "Dial" }, { "name": "DialWithDialer" }, { "name": "Dialer.Dial" }, { "name": "Dialer.DialContext" } ], "vendor": "Go standard library", 
"versions": [ { "lessThan": "1.19.6", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThan": "1.20.1", "status": "affected", "version": "1.20.0-0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "value": "Marten Seemann" } ], "descriptions": [ { "lang": "en", "value": "Large handshake records may cause panics in crypto/tls. Both clients and servers may send large TLS handshake records which cause servers and clients, respectively, to panic when attempting to construct responses. This affects all TLS 1.3 clients, TLS 1.2 clients which explicitly enable session resumption (by setting Config.ClientSessionCache to a non-nil value), and TLS 1.3 servers which request client certificates (by setting Config.ClientAuth \u003e= RequestClientCert)." } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-400: Uncontrolled Resource Consumption", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-12T19:05:53.918Z", "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go" }, "references": [ { "url": "https://go.dev/issue/58001" }, { "url": "https://go.dev/cl/468125" }, { "url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E" }, { "url": "https://pkg.go.dev/vuln/GO-2023-1570" }, { "url": "https://security.gentoo.org/glsa/202311-09" } ], "title": "Panic on large handshake records in crypto/tls" } }, "cveMetadata": { "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "assignerShortName": "Go", "cveId": "CVE-2022-41724", "datePublished": "2023-02-28T17:19:44.420Z", "dateReserved": "2022-09-28T17:00:06.611Z", "dateUpdated": "2024-08-03T12:49:43.929Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-39322
Vulnerability from cvelistv5
Published
2023-09-08 16:13
Modified
2024-09-26 15:56
Summary
Memory exhaustion in QUIC connection handling in crypto/tls (unbounded buffering of post-handshake messages; the fix rejects messages larger than 65KiB)
References
Impacted products
Vendor | Product | Affected versions (fixed in) |
---|---|---|
Go standard library | crypto/tls | 1.21.0-0 ≤ version < 1.21.1 (fixed in Go 1.21.1) |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T18:02:07.098Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://go.dev/issue/62266" }, { "tags": [ "x_transferred" ], "url": "https://go.dev/cl/523039" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ" }, { "tags": [ "x_transferred" ], "url": "https://pkg.go.dev/vuln/GO-2023-2045" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20231020-0004/" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202311-09" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:go_standard_library:crypto_tls:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "crypto_tls", "vendor": "go_standard_library", "versions": [ { "lessThan": "1.21.1", "status": "affected", "version": "1.21.0-0", "versionType": "semver" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-39322", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-26T15:53:33.932737Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-26T15:56:13.357Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "packageName": "crypto/tls", "product": "crypto/tls", "programRoutines": [ { "name": "QUICConn.HandleData" } ], "vendor": "Go standard library", "versions": [ { "lessThan": "1.21.1", "status": "affected", "version": "1.21.0-0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "value": "Marten Seemann" } ], "descriptions": [ { "lang": "en", "value": "QUIC connections do not set an upper bound on the 
amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With fix, connections now consistently reject messages larger than 65KiB in size." } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-400: Uncontrolled Resource Consumption", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-11T21:14:59.364Z", "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go" }, "references": [ { "url": "https://go.dev/issue/62266" }, { "url": "https://go.dev/cl/523039" }, { "url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ" }, { "url": "https://pkg.go.dev/vuln/GO-2023-2045" }, { "url": "https://security.netapp.com/advisory/ntap-20231020-0004/" }, { "url": "https://security.gentoo.org/glsa/202311-09" } ], "title": "Memory exhaustion in QUIC connection handling in crypto/tls" } }, "cveMetadata": { "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "assignerShortName": "Go", "cveId": "CVE-2023-39322", "datePublished": "2023-09-08T16:13:32.795Z", "dateReserved": "2023-07-27T17:05:55.187Z", "dateUpdated": "2024-09-26T15:56:13.357Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-30629
Vulnerability from cvelistv5
Published
2022-08-09 20:17
Modified
2024-08-03 06:56
Summary
Session tickets lack random ticket_age_add in crypto/tls (a passive observer of TLS handshakes can correlate successive resumed connections by comparing ticket ages)
References
Impacted products
Vendor | Product | Affected versions (fixed in) |
---|---|---|
Go standard library | crypto/tls | 0 ≤ version < 1.17.11 (fixed in Go 1.17.11); 1.18.0-0 ≤ version < 1.18.3 (fixed in Go 1.18.3) |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T06:56:13.230Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://go.dev/cl/405994" }, { "tags": [ "x_transferred" ], "url": "https://go.googlesource.com/go/+/fe4de36198794c447fbd9d7cc2d7199a506c76a5" }, { "tags": [ "x_transferred" ], "url": "https://go.dev/issue/52814" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg/m/IWz5T6x7AAAJ" }, { "tags": [ "x_transferred" ], "url": "https://pkg.go.dev/vuln/GO-2022-0531" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "packageName": "crypto/tls", "product": "crypto/tls", "programRoutines": [ { "name": "serverHandshakeStateTLS13.sendSessionTickets" } ], "vendor": "Go standard library", "versions": [ { "lessThan": "1.17.11", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThan": "1.18.3", "status": "affected", "version": "1.18.0-0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "value": "Github user @nervuri" } ], "descriptions": [ { "lang": "en", "value": "Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption." 
} ], "problemTypes": [ { "descriptions": [ { "description": "CWE-200: Information Exposure", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-12T19:04:50.302Z", "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go" }, "references": [ { "url": "https://go.dev/cl/405994" }, { "url": "https://go.googlesource.com/go/+/fe4de36198794c447fbd9d7cc2d7199a506c76a5" }, { "url": "https://go.dev/issue/52814" }, { "url": "https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg/m/IWz5T6x7AAAJ" }, { "url": "https://pkg.go.dev/vuln/GO-2022-0531" } ], "title": "Session tickets lack random ticket_age_add in crypto/tls" } }, "cveMetadata": { "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "assignerShortName": "Go", "cveId": "CVE-2022-30629", "datePublished": "2022-08-09T20:17:31", "dateReserved": "2022-05-12T00:00:00", "dateUpdated": "2024-08-03T06:56:13.230Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-29409
Vulnerability from cvelistv5
Published
2023-08-02 19:47
Modified
2024-10-22 14:16
Summary
Large RSA keys can cause high CPU usage in crypto/tls (the fix rejects RSA keys larger than 8192 bits in handshakes; check private PKIs for larger keys before upgrading)
References
Impacted products
Vendor | Product | Affected versions (fixed in) |
---|---|---|
Go standard library | crypto/tls | 0 ≤ version < 1.19.12 (fixed in Go 1.19.12); 1.20.0-0 ≤ version < 1.20.7 (fixed in Go 1.20.7); 1.21.0-0 ≤ version < 1.21.0-rc.4 (fixed in Go 1.21.0-rc.4) |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:07:46.160Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://go.dev/issue/61460" }, { "tags": [ "x_transferred" ], "url": "https://go.dev/cl/515257" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ" }, { "tags": [ "x_transferred" ], "url": "https://pkg.go.dev/vuln/GO-2023-1987" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230831-0010/" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202311-09" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-29409", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-22T14:15:51.334084Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-22T14:16:01.839Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "packageName": "crypto/tls", "product": "crypto/tls", "programRoutines": [ { "name": "Conn.verifyServerCertificate" }, { "name": "Conn.processCertsFromClient" }, { "name": "Conn.Handshake" }, { "name": "Conn.HandshakeContext" }, { "name": "Conn.Read" }, { "name": "Conn.Write" }, { "name": "Dial" }, { "name": "DialWithDialer" }, { "name": "Dialer.Dial" }, { "name": "Dialer.DialContext" } ], "vendor": "Go standard library", "versions": [ { "lessThan": "1.19.12", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThan": "1.20.7", "status": "affected", "version": "1.20.0-0", "versionType": "semver" }, { "lessThan": "1.21.0-rc.4", "status": "affected", "version": "1.21.0-0", 
"versionType": "semver" } ] } ], "credits": [ { "lang": "en", "value": "Mateusz Poliwczak" } ], "descriptions": [ { "lang": "en", "value": "Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to \u003c= 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three certificates in circulation with keys larger than this, and all three appear to be test certificates that are not actively deployed. It is possible there are larger keys in use in private PKIs, but we target the web PKI, so causing breakage here in the interests of increasing the default safety of users of crypto/tls seems reasonable." } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-400: Uncontrolled Resource Consumption", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-08-02T19:47:23.829Z", "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go" }, "references": [ { "url": "https://go.dev/issue/61460" }, { "url": "https://go.dev/cl/515257" }, { "url": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ" }, { "url": "https://pkg.go.dev/vuln/GO-2023-1987" }, { "url": "https://security.netapp.com/advisory/ntap-20230831-0010/" }, { "url": "https://security.gentoo.org/glsa/202311-09" } ], "title": "Large RSA keys can cause high CPU usage in crypto/tls" } }, "cveMetadata": { "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "assignerShortName": "Go", "cveId": "CVE-2023-29409", "datePublished": "2023-08-02T19:47:23.829Z", "dateReserved": "2023-04-05T19:36:35.043Z", "dateUpdated": "2024-10-22T14:16:01.839Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-45287
Vulnerability from cvelistv5
Published
2023-12-05 16:18
Modified
2024-08-02 20:21
Summary
Before Go 1.20, the RSA-based key exchange methods in crypto/tls may exhibit a timing side channel (affected routines: rsaKeyAgreement.processClientKeyExchange and rsaKeyAgreement.generateClientKeyExchange; Go 1.20 switched to a constant-time RSA implementation)
References
Impacted products
Vendor | Product | Affected versions (fixed in) |
---|---|---|
Go standard library | crypto/tls | 0 ≤ version < 1.20.0 (fixed in Go 1.20.0) |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T20:21:15.309Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://go.dev/issue/20654" }, { "tags": [ "x_transferred" ], "url": "https://go.dev/cl/326012/26" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/QMK8IQALDvA" }, { "tags": [ "x_transferred" ], "url": "https://people.redhat.com/~hkario/marvin/" }, { "tags": [ "x_transferred" ], "url": "https://pkg.go.dev/vuln/GO-2023-2375" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240112-0005/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "packageName": "crypto/tls", "product": "crypto/tls", "programRoutines": [ { "name": "rsaKeyAgreement.processClientKeyExchange" }, { "name": "rsaKeyAgreement.generateClientKeyExchange" }, { "name": "Conn.Handshake" }, { "name": "Conn.HandshakeContext" }, { "name": "Conn.Read" }, { "name": "Conn.Write" }, { "name": "Dial" }, { "name": "DialWithDialer" }, { "name": "Dialer.Dial" }, { "name": "Dialer.DialContext" } ], "vendor": "Go standard library", "versions": [ { "lessThan": "1.20.0", "status": "affected", "version": "0", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "Before Go 1.20, the RSA based TLS key exchanges used the math/big library, which is not constant time. RSA blinding was applied to prevent timing attacks, but analysis shows this may not have been fully effective. In particular it appears as if the removal of PKCS#1 padding may leak timing information, which in turn could be used to recover session key bits. In Go 1.20, the crypto/tls library switched to a fully constant time RSA implementation, which we do not believe exhibits any timing side channels." 
} ], "problemTypes": [ { "descriptions": [ { "description": "CWE-208: Observable Timing Discrepancy", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-05T16:18:06.104Z", "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go" }, "references": [ { "url": "https://go.dev/issue/20654" }, { "url": "https://go.dev/cl/326012/26" }, { "url": "https://groups.google.com/g/golang-announce/c/QMK8IQALDvA" }, { "url": "https://people.redhat.com/~hkario/marvin/" }, { "url": "https://pkg.go.dev/vuln/GO-2023-2375" }, { "url": "https://security.netapp.com/advisory/ntap-20240112-0005/" } ], "title": "Before Go 1.20, the RSA based key exchange methods in crypto/tls may exhibit a timing side channel" } }, "cveMetadata": { "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "assignerShortName": "Go", "cveId": "CVE-2023-45287", "datePublished": "2023-12-05T16:18:06.104Z", "dateReserved": "2023-10-06T17:06:26.221Z", "dateUpdated": "2024-08-02T20:21:15.309Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }