CVE-2023-45287

Before Go 1.20, the RSA based key exchange methods in crypto/tls may exhibit a timing side channel

Severity Score

7.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Before Go 1.20, the RSA based TLS key exchanges used the math/big library, which is not constant time. RSA blinding was applied to prevent timing attacks, but analysis shows this may not have been fully effective. In particular it appears as if the removal of PKCS#1 padding may leak timing information, which in turn could be used to recover session key bits. In Go 1.20, the crypto/tls library switched to a fully constant time RSA implementation, which we do not believe exhibits any timing side channels.

Antes de Go 1.20, los intercambios de claves TLS basados en RSA utilizaban la librería math/big, que no es un tiempo constante. Se aplicó blinding RSA para prevenir ataques sincronizados, pero el análisis muestra que esto puede no haber sido completamente efectivo. En particular, parece que la eliminación del relleno PKCS#1 puede filtrar información de tiempo, que a su vez podría usarse para recuperar bits de clave de sesión. En Go 1.20, la librería crypto/tls cambió a una implementación RSA de tiempo completamente constante, que no creemos que muestre ningún canal lateral de temporización.

A flaw was found in the Golang crypto/tls standard library. In previous versions, the package was vulnerable to a Timing Side Channel attack by observing the time it took for RSA-based TLS key exchanges, which was not constant. This flaw allows a malicious user to gather information from the environment.

An update for containernetworking-plugins is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2023-10-06 CVE Reserved
2023-12-05 CVE Published
2025-02-13 CVE Updated
2025-03-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-203: Observable Discrepancy
CWE-208: Observable Timing Discrepancy

CAPEC

References (8)

URL	Tag	Source
https://go.dev/cl/326012/26	Issue Tracking
https://go.dev/issue/20654	Issue Tracking
https://groups.google.com/g/golang-announce/c/QMK8IQALDvA	Mailing List
https://people.redhat.com/~hkario/marvin	Third Party Advisory
https://security.netapp.com/advisory/ntap-20240112-0005

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://pkg.go.dev/vuln/GO-2023-2375	2024-01-12
https://access.redhat.com/security/cve/CVE-2023-45287	2024-07-09
https://bugzilla.redhat.com/show_bug.cgi?id=2253193	2024-07-09

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Golang Search vendor "Golang"		Go Search vendor "Golang" for product "Go"				< 1.20.0 Search vendor "Golang" for product "Go" and version " < 1.20.0"		-		Affected