Bug 2253193 (CVE-2023-45287)

Summary: CVE-2023-45287 golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges.
Product: [Other] Security Response
Reporter: Patrick Del Bello <pdelbell>
Component: vulnerability
Assignee: Sayan Biswas <sabiswas>
Status: NEW
Severity: medium
Priority: medium
Version: unspecified
CC: aazores, abishop, adudiak, ahanwate, amasferr, amctagga, ansmith, aoconnor, asatyam, askrabec, bbuckingham, bcourt, bdettelb, bniver, bodavis, chazlett, davidn, dbenoit, debarshir, dfreiber, dhanak, diagrawa, dkenigsb, dperaza, drow, dsimansk, dymurray, eaguilar, ebaron, eglynn, ehelms, emachado, epacific, fdeutsch, flucifre, ganandan, gmeno, gparvin, gsuckevi, jaharrin, jburrell, jcammara, jcantril, jchui, jeder, jhardy, jjoyce, jkang, jkoehler, jmatthew, jneedle, jobarker, joelsmith, jpallich, jschluet, jsherril, kaycoth, kingland, kshier, kverlaen, lbainbri, lhh, lmadsen, lsvaty, lzap, mabashia, matzew, mbenjamin, mbocek, mburns, mcressma, mgarciac, mhackett, mhulan, mkudlej, mmagr, mnewsome, mnovotny, mrunge, mwringe, njean, nmoumoul, nobody, orabin, oramraz, owatkins, pahickey, pcreech, peholase, pgrist, pierdipi, pjindal, rchan, rguimara, rhaigner, rhos-maint, rhuss, rjohnson, saroy, sdawley, sfroberg, shbose, simaishi, sipoyare, skontopo, smcdonal, smullick, sostapov, stcannon, teagle, tfister, tjochec, tsweeney, vereddy, vimalkum, vkumar, whayutin, yguenane, zsadeh
Keywords: Security
Flags: tsweeney: needinfo? (pdelbell)
Hardware: All
OS: Linux
Fixed In Version: golang 1.20
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in the Golang crypto/tls standard library. In previous versions, RSA-based TLS key exchanges did not run in constant time, which made the package vulnerable to a timing side-channel attack by an observer measuring how long they took. This flaw allows a malicious user to gather information from the environment.
Bug Depends On: 2253205, 2253206, 2253207, 2253208, 2253194, 2253195, 2253197, 2253198, 2253199, 2253201, 2253202, 2253203, 2253204, 2253209, 2253210, 2253213, 2253214, 2279582    
Bug Blocks: 2253190    

Description Patrick Del Bello 2023-12-06 13:50:49 UTC
Before Go 1.20, the RSA based TLS key exchanges used the math/big library, which is not constant time. RSA blinding was applied to prevent timing attacks, but analysis shows this may not have been fully effective. In particular it appears as if the removal of PKCS#1 padding may leak timing information, which in turn could be used to recover session key bits. In Go 1.20, the crypto/tls library switched to a fully constant time RSA implementation, which we do not believe exhibits any timing side channels.

https://go.dev/cl/326012/26
https://go.dev/issue/20654
https://groups.google.com/g/golang-announce/c/QMK8IQALDvA
https://people.redhat.com/~hkario/marvin/
https://pkg.go.dev/vuln/GO-2023-2375
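
An added example, not code from the Go project or from this bug report: a triage helper that flags toolchain strings older than the Go 1.20 fix named above, plus a cipher-suite list that leaves out RSA key exchange. The function names are hypothetical, and treating the `TLS_RSA_*` suites as the "RSA based TLS key exchanges" of the description is an assumption of this example.

```go
package main

import (
	"crypto/tls"
	"fmt"
	"runtime"
	"strconv"
	"strings"
)

// builtBeforeGo120 reports whether a toolchain string such as "go1.19.13"
// predates Go 1.20, the release this bug records as fixed. Strings it cannot
// parse (for example "devel ...") count as affected so they get a manual look.
func builtBeforeGo120(v string) bool {
	parts := strings.SplitN(strings.TrimPrefix(v, "go"), ".", 3)
	if len(parts) < 2 {
		return true
	}
	notDigit := func(r rune) bool { return r < '0' || r > '9' }
	if i := strings.IndexFunc(parts[1], notDigit); i >= 0 {
		parts[1] = parts[1][:i] // "21rc2" -> "21"
	}
	major, err1 := strconv.Atoi(parts[0])
	minor, err2 := strconv.Atoi(parts[1])
	return err1 != nil || err2 != nil || major < 1 || (major == 1 && minor < 20)
}

// withoutRSAKeyExchange returns the IDs of the TLS 1.2 suites listed by
// tls.CipherSuites(), minus the TLS_RSA_* ones, in which the server
// RSA-decrypts the client's premaster secret (assumed to be the path at issue).
func withoutRSAKeyExchange() []uint16 {
	var ids []uint16
	for _, cs := range tls.CipherSuites() {
		tls12 := false
		for _, v := range cs.SupportedVersions {
			tls12 = tls12 || v == tls.VersionTLS12
		}
		if tls12 && !strings.HasPrefix(cs.Name, "TLS_RSA_") {
			ids = append(ids, cs.ID)
		}
	}
	return ids
}

func main() {
	fmt.Println(runtime.Version(), "predates fix:", builtBeforeGo120(runtime.Version()))
	cfg := &tls.Config{MinVersion: tls.VersionTLS12, CipherSuites: withoutRSAKeyExchange()}
	fmt.Println("TLS 1.2 suites enabled:", len(cfg.CipherSuites))
}
```

`runtime.Version()` describes the toolchain that built the running program, so the check has to run inside, or be fed the version string of, the binary being assessed.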

Comment 1 Patrick Del Bello 2023-12-06 13:52:00 UTC
Created golang tracking bugs for this issue:

Affects: epel-all [bug 2253194]
Affects: fedora-all [bug 2253195]

Comment 8 Debarshi Ray 2023-12-18 18:27:47 UTC
I see that there are bugs created for toolbox in RHEL 8, but not RHEL 9.  Why is that?  The code is exactly the same in both.

Comment 9 Patrick Del Bello 2023-12-19 13:55:11 UTC
Thanks for highlighting that debarshir. Allow me to check internally.

Comment 22 Vimal Kumar 2024-02-08 16:18:11 UTC
Is there any advisory which shows in which exact golang version this CVE is fixed?

Comment 23 errata-xmlrpc 2024-02-08 18:20:16 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2024:0748 https://access.redhat.com/errata/RHSA-2024:0748

Comment 24 errata-xmlrpc 2024-02-27 22:29:02 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.15

Via RHSA-2023:7201 https://access.redhat.com/errata/RHSA-2023:7201

Comment 25 errata-xmlrpc 2024-02-27 22:46:55 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.15

Via RHSA-2023:7200 https://access.redhat.com/errata/RHSA-2023:7200

Comment 26 errata-xmlrpc 2024-02-28 00:20:15 UTC
This issue has been addressed in the following products:

  RODOO-1.1-RHEL-9

Via RHSA-2024:0269 https://access.redhat.com/errata/RHSA-2024:0269

Comment 28 errata-xmlrpc 2024-03-05 00:34:34 UTC
This issue has been addressed in the following products:

  STF-1.5-RHEL-8

Via RHSA-2024:1078 https://access.redhat.com/errata/RHSA-2024:1078

Comment 29 errata-xmlrpc 2024-03-06 14:40:04 UTC
This issue has been addressed in the following products:

  OSSO-1.2-RHEL-9

Via RHSA-2024:0281 https://access.redhat.com/errata/RHSA-2024:0281

Comment 31 errata-xmlrpc 2024-04-16 17:26:11 UTC
This issue has been addressed in the following products:

  OADP-1.3-RHEL-9

Via RHSA-2024:1859 https://access.redhat.com/errata/RHSA-2024:1859

Comment 32 errata-xmlrpc 2024-04-18 07:18:34 UTC
This issue has been addressed in the following products:

  Service Interconnect 1 for RHEL 9

Via RHSA-2024:1901 https://access.redhat.com/errata/RHSA-2024:1901

Comment 33 errata-xmlrpc 2024-04-30 09:45:27 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:2180 https://access.redhat.com/errata/RHSA-2024:2180

Comment 34 errata-xmlrpc 2024-04-30 09:46:44 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:2193 https://access.redhat.com/errata/RHSA-2024:2193

Comment 35 errata-xmlrpc 2024-04-30 09:54:53 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:2239 https://access.redhat.com/errata/RHSA-2024:2239

Comment 36 errata-xmlrpc 2024-04-30 09:55:34 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:2245 https://access.redhat.com/errata/RHSA-2024:2245

Comment 37 errata-xmlrpc 2024-04-30 09:58:45 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:2272 https://access.redhat.com/errata/RHSA-2024:2272

Comment 40 errata-xmlrpc 2024-05-22 09:28:22 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2024:2988 https://access.redhat.com/errata/RHSA-2024:2988

Comment 41 errata-xmlrpc 2024-05-22 20:11:23 UTC
This issue has been addressed in the following products:

  Red Hat OpenStack Platform 17.1 for RHEL 8

Via RHSA-2024:2767 https://access.redhat.com/errata/RHSA-2024:2767

Comment 42 errata-xmlrpc 2024-05-22 20:38:06 UTC
This issue has been addressed in the following products:

  Red Hat OpenStack Platform 17.1 for RHEL 9

Via RHSA-2024:2729 https://access.redhat.com/errata/RHSA-2024:2729

Comment 43 errata-xmlrpc 2024-05-22 20:41:22 UTC
This issue has been addressed in the following products:

  Red Hat OpenStack Platform 17.1 for RHEL 9

Via RHSA-2024:2730 https://access.redhat.com/errata/RHSA-2024:2730

Comment 44 errata-xmlrpc 2024-05-23 06:39:42 UTC
This issue has been addressed in the following products:

  MTA-7.0-RHEL-9
  MTA-7.0-RHEL-8

Via RHSA-2024:3316 https://access.redhat.com/errata/RHSA-2024:3316

Comment 48 errata-xmlrpc 2024-07-09 12:51:49 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Extended Update Support

Via RHSA-2024:4429 https://access.redhat.com/errata/RHSA-2024:4429