Bug 2315719 (CVE-2024-9355)

Summary: CVE-2024-9355 golang-fips: Golang FIPS zeroed buffer
Product: [Other] Security Response Reporter: OSIDB Bzimport <bzimport>
Component: vulnerabilityAssignee: Product Security DevOps Team <prodsec-dev>
Status: NEW --- QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: amctagga, anjoseph, ansmith, anthomas, bbuckingham, bkabrda, brking, chazlett, chfoley, crizzo, danken, debarshir, dhanak, dholler, dsimansk, eglynn, ehelms, fdeutsch, ggainey, gkamathe, haoli, hkataria, hlawatschek, jaharrin, jajackso, jburrell, jcammara, jeder, jjoyce, jmitchel, jneedle, jprabhak, jschluet, jscholz, juwatts, kegrant, kingland, koliveir, kshier, kverlaen, lball, lchilton, lhh, lsturman, lsvaty, mabashia, manissin, matzew, mbocek, mburns, mgarciac, mhulan, mmagr, mnovotny, ngough, nmoumoul, nobody, oramraz, osousa, pbraun, pcreech, pdelbell, peholase, pgrist, phoracek, pierdipi, pjindal, rchan, rguimara, rhuss, saroy, sausingh, sdawley, security-response-team, sfeifer, shvarugh, simaishi, smallamp, smartand, smcdonal, smullick, stcannon, stirabos, swoodman, teagle, tfister, thason, thavo, veshanka, wtam, yguenane
Target Milestone: ---Keywords: Security
Target Release: ---Flags: debarshir: needinfo? (bzimport)
debarshir: needinfo? (pdelbell)
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted computed hmac sum to an untrusted input sum if an attacker can send a zeroed buffer in place of a pre-computed sum.  It is also possible to force a derived key to be all zeros instead of an unpredictable value.  This may have follow-on implications for the Go TLS stack.
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description OSIDB Bzimport 2024-09-30 17:59:28 UTC 
Binaries built with golang-1.21.13-3.el9_4 and
golang-1.21.13-2.module+el8.10.0+22329+6cd5c9c6 may
intermittently return a zeroed buffer from (*boringHMAC).Sum() in FIPS mode due to an uninitialized buffer length variable in the CGO bindings.  This bug occurs randomly based on the stack layout at the time of the function call.  It is not vulnerable to eg. buffer overflow attack because the underlying openssl routine checks the bounds of the buffer before writing
to it.  However, it may be possible to force a false positive match between non-equal hashes when comparing a trusted computed hmac sum to an untrusted input sum if an attacker is able to send a zeroed buffer in place of a pre-computed sum.  It is also possible to force a derived key to be all zeros instead of an unpredictable value.  This may have follow-on implications for the Go TLS stack.
Comment 1 Debarshi Ray 2024-10-01 23:50:34 UTC 
(In reply to OSIDB Bzimport from comment #0)
> Binaries built with golang-1.21.13-3.el9_4 and
> golang-1.21.13-2.module+el8.10.0+22329+6cd5c9c6 may
> intermittently return a zeroed buffer from (*boringHMAC).Sum() in FIPS mode
> due to an uninitialized buffer length variable in the CGO bindings.

What do these NEVRA numbers really mean?  Does a Go binary have to be compiled with one of these exact NEVRAs to have this bug?  Or older?  Or newer?
Comment 3 errata-xmlrpc 2024-10-02 11:42:04 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2024:7502 https://access.redhat.com/errata/RHSA-2024:7502
Comment 4 errata-xmlrpc 2024-10-02 18:20:07 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:7550 https://access.redhat.com/errata/RHSA-2024:7550
Comment 5 Debarshi Ray 2024-10-09 23:28:26 UTC 
I am still looking for someone who can answer comment 1
Comment 6 errata-xmlrpc 2024-10-22 15:08:57 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2024:8327 https://access.redhat.com/errata/RHSA-2024:8327
Comment 7 errata-xmlrpc 2024-10-30 19:36:28 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:8678 https://access.redhat.com/errata/RHSA-2024:8678
Comment 8 errata-xmlrpc 2024-11-05 03:53:32 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2024:8847 https://access.redhat.com/errata/RHSA-2024:8847
Comment 9 errata-xmlrpc 2024-11-13 14:50:06 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2024:9551 https://access.redhat.com/errata/RHSA-2024:9551
Comment 10 errata-xmlrpc 2024-11-21 01:08:18 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7 Extended Lifecycle Support

Via RHSA-2024:10133 https://access.redhat.com/errata/RHSA-2024:10133
Comment 11 errata-xmlrpc 2025-03-05 20:59:12 UTC 
This issue has been addressed in the following products:

  Streams for Apache Kafka 2.9.0

Via RHSA-2025:2416 https://access.redhat.com/errata/RHSA-2025:2416
Comment 17 errata-xmlrpc 2025-05-13 10:03:09 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:7118 https://access.redhat.com/errata/RHSA-2025:7118
Comment 18 errata-xmlrpc 2025-05-13 10:29:37 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:7256 https://access.redhat.com/errata/RHSA-2025:7256
Comment 19 errata-xmlrpc 2025-05-14 17:48:49 UTC 
This issue has been addressed in the following products:

  Satellite Client 6 for RHEL 8
  Satellite Client 6 for RHEL 9
  Satellite Client 6 for RHEL 10

Via RHSA-2025:7624 https://access.redhat.com/errata/RHSA-2025:7624