| modules: |
| - module: github.com/hashicorp/vault |
| versions: |
| - fixed: 1.11.9 |
| - introduced: 1.12.0 |
| fixed: 1.12.5 |
| - introduced: 1.13.0 |
| fixed: 1.13.1 |
| vulnerable_at: 1.13.0 |
| packages: |
| - package: github.com/hashicorp/vault/shamir |
| symbols: |
| - div |
| - mult |
| derived_symbols: |
| - Combine |
| - Split |
| summary: | |
| Shamir's secret sharing implementation vulnerable to cache-timing attacks |
| in HashiCorp Vault |
| description: | |
| HashiCorp Vault's implementation of Shamir's secret sharing uses precomputed |
| table lookups, and is vulnerable to cache-timing attacks. |
| |
| An attacker with access to, and the ability to observe a large number of |
| unseal operations on the host through a side channel may reduce the search |
| space of a brute force effort to recover the Shamir shares. |
| cves: |
| - CVE-2023-25000 |
| ghsas: |
| - GHSA-vq4h-9ghm-qmrr |
| credits: |
| - Giuseppe Cocomazzi |
| references: |
| - fix: https://github.com/hashicorp/vault/pull/19495 |
| - web: https://discuss.hashicorp.com/t/hcsec-2023-10-vault-vulnerable-to-cache-timing-attacks-during-seal-and-unseal-operations/52078 |
