Bug 2253193 (CVE-2023-45287) - CVE-2023-45287 golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. [NEEDINFO]
Summary: CVE-2023-45287 golang: crypto/tls: Timing Side Channel attack in RSA based TL...
Keywords:
Status: NEW
Alias: CVE-2023-45287
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Sayan Biswas
QA Contact:
URL:
Whiteboard:
Depends On: 2253202 2253205 2253206 2253207 2253208 2253214 2253194 2253195 2253197 2253198 2253199 2253201 2253203 2253204 2253209 2253210 2253213 2279582
Blocks: 2253190
TreeView+ depends on / blocked
 
Reported: 2023-12-06 13:50 UTC by Patrick Del Bello
Modified: 2024-07-09 12:51 UTC (History)
124 users (show)

Fixed In Version: golang 1.20
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in the Golang crypto/tls standard library. In previous versions, the package was vulnerable to a Timing Side Channel attack by observing the time it took for RSA-based TLS key exchanges, which was not constant. This flaw allows a malicious user to gather information from the environment.
Clone Of:
Environment:
Last Closed:
Embargoed:
tsweeney: needinfo? (pdelbell)


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2023:7200 0 None None None 2024-02-27 22:47:00 UTC
Red Hat Product Errata RHSA-2023:7201 0 None None None 2024-02-27 22:29:07 UTC
Red Hat Product Errata RHSA-2024:0269 0 None None None 2024-02-28 00:20:20 UTC
Red Hat Product Errata RHSA-2024:0281 0 None None None 2024-03-06 14:40:12 UTC
Red Hat Product Errata RHSA-2024:0748 0 None None None 2024-02-08 18:20:22 UTC
Red Hat Product Errata RHSA-2024:1078 0 None None None 2024-03-05 00:34:40 UTC
Red Hat Product Errata RHSA-2024:1859 0 None None None 2024-04-16 17:26:17 UTC
Red Hat Product Errata RHSA-2024:1901 0 None None None 2024-04-18 07:18:40 UTC
Red Hat Product Errata RHSA-2024:2180 0 None None None 2024-04-30 09:45:35 UTC
Red Hat Product Errata RHSA-2024:2193 0 None None None 2024-04-30 09:46:51 UTC
Red Hat Product Errata RHSA-2024:2239 0 None None None 2024-04-30 09:55:00 UTC
Red Hat Product Errata RHSA-2024:2245 0 None None None 2024-04-30 09:55:42 UTC
Red Hat Product Errata RHSA-2024:2272 0 None None None 2024-04-30 09:58:51 UTC
Red Hat Product Errata RHSA-2024:2729 0 None None None 2024-05-22 20:38:14 UTC
Red Hat Product Errata RHSA-2024:2730 0 None None None 2024-05-22 20:41:31 UTC
Red Hat Product Errata RHSA-2024:2767 0 None None None 2024-05-22 20:11:31 UTC
Red Hat Product Errata RHSA-2024:2988 0 None None None 2024-05-22 09:28:30 UTC
Red Hat Product Errata RHSA-2024:3316 0 None None None 2024-05-23 06:39:50 UTC
Red Hat Product Errata RHSA-2024:4429 0 None None None 2024-07-09 12:51:57 UTC

Description Patrick Del Bello 2023-12-06 13:50:49 UTC
Before Go 1.20, the RSA based TLS key exchanges used the math/big library, which is not constant time. RSA blinding was applied to prevent timing attacks, but analysis shows this may not have been fully effective. In particular it appears as if the removal of PKCS#1 padding may leak timing information, which in turn could be used to recover session key bits. In Go 1.20, the crypto/tls library switched to a fully constant time RSA implementation, which we do not believe exhibits any timing side channels.

https://go.dev/cl/326012/26
https://go.dev/issue/20654
https://groups.google.com/g/golang-announce/c/QMK8IQALDvA
https://people.redhat.com/~hkario/marvin/
https://pkg.go.dev/vuln/GO-2023-2375

Comment 1 Patrick Del Bello 2023-12-06 13:52:00 UTC
Created golang tracking bugs for this issue:

Affects: epel-all [bug 2253194]
Affects: fedora-all [bug 2253195]

Comment 8 Debarshi Ray 2023-12-18 18:27:47 UTC
I see that there are bugs created for toolbox in RHEL 8, but not RHEL 9.  Why is that?  The code is exactly the same in both.

Comment 9 Patrick Del Bello 2023-12-19 13:55:11 UTC
Thanks for highlighting that debarshir. Allow me to check internally.

Comment 22 Vimal Kumar 2024-02-08 16:18:11 UTC
is there any advisory which shows in which exact golang version this CVE is fixed?

Comment 23 errata-xmlrpc 2024-02-08 18:20:16 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2024:0748 https://access.redhat.com/errata/RHSA-2024:0748

Comment 24 errata-xmlrpc 2024-02-27 22:29:02 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.15

Via RHSA-2023:7201 https://access.redhat.com/errata/RHSA-2023:7201

Comment 25 errata-xmlrpc 2024-02-27 22:46:55 UTC
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.15

Via RHSA-2023:7200 https://access.redhat.com/errata/RHSA-2023:7200

Comment 26 errata-xmlrpc 2024-02-28 00:20:15 UTC
This issue has been addressed in the following products:

  RODOO-1.1-RHEL-9

Via RHSA-2024:0269 https://access.redhat.com/errata/RHSA-2024:0269

Comment 28 errata-xmlrpc 2024-03-05 00:34:34 UTC
This issue has been addressed in the following products:

  STF-1.5-RHEL-8

Via RHSA-2024:1078 https://access.redhat.com/errata/RHSA-2024:1078

Comment 29 errata-xmlrpc 2024-03-06 14:40:04 UTC
This issue has been addressed in the following products:

  OSSO-1.2-RHEL-9

Via RHSA-2024:0281 https://access.redhat.com/errata/RHSA-2024:0281

Comment 31 errata-xmlrpc 2024-04-16 17:26:11 UTC
This issue has been addressed in the following products:

  OADP-1.3-RHEL-9

Via RHSA-2024:1859 https://access.redhat.com/errata/RHSA-2024:1859

Comment 32 errata-xmlrpc 2024-04-18 07:18:34 UTC
This issue has been addressed in the following products:

  Service Interconnect 1 for RHEL 9

Via RHSA-2024:1901 https://access.redhat.com/errata/RHSA-2024:1901

Comment 33 errata-xmlrpc 2024-04-30 09:45:27 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:2180 https://access.redhat.com/errata/RHSA-2024:2180

Comment 34 errata-xmlrpc 2024-04-30 09:46:44 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:2193 https://access.redhat.com/errata/RHSA-2024:2193

Comment 35 errata-xmlrpc 2024-04-30 09:54:53 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:2239 https://access.redhat.com/errata/RHSA-2024:2239

Comment 36 errata-xmlrpc 2024-04-30 09:55:34 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:2245 https://access.redhat.com/errata/RHSA-2024:2245

Comment 37 errata-xmlrpc 2024-04-30 09:58:45 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:2272 https://access.redhat.com/errata/RHSA-2024:2272

Comment 40 errata-xmlrpc 2024-05-22 09:28:22 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2024:2988 https://access.redhat.com/errata/RHSA-2024:2988

Comment 41 errata-xmlrpc 2024-05-22 20:11:23 UTC
This issue has been addressed in the following products:

  Red Hat OpenStack Platform 17.1 for RHEL 8

Via RHSA-2024:2767 https://access.redhat.com/errata/RHSA-2024:2767

Comment 42 errata-xmlrpc 2024-05-22 20:38:06 UTC
This issue has been addressed in the following products:

  Red Hat OpenStack Platform 17.1 for RHEL 9

Via RHSA-2024:2729 https://access.redhat.com/errata/RHSA-2024:2729

Comment 43 errata-xmlrpc 2024-05-22 20:41:22 UTC
This issue has been addressed in the following products:

  Red Hat OpenStack Platform 17.1 for RHEL 9

Via RHSA-2024:2730 https://access.redhat.com/errata/RHSA-2024:2730

Comment 44 errata-xmlrpc 2024-05-23 06:39:42 UTC
This issue has been addressed in the following products:

  MTA-7.0-RHEL-9
  MTA-7.0-RHEL-8

Via RHSA-2024:3316 https://access.redhat.com/errata/RHSA-2024:3316

Comment 48 errata-xmlrpc 2024-07-09 12:51:49 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Extended Update Support

Via RHSA-2024:4429 https://access.redhat.com/errata/RHSA-2024:4429


Note You need to log in before you can comment on or make changes to this bug.