| { |
| "schema_version": "1.3.1", |
| "id": "GO-2023-1765", |
| "modified": "0001-01-01T00:00:00Z", |
| "published": "0001-01-01T00:00:00Z", |
| "aliases": [ |
| "CVE-2023-1732", |
| "GHSA-2q89-485c-9j2x" |
| ], |
| "summary": "Leaked shared secret and weak blinding in github.com/cloudflare/circl", |
| "details": "When sampling randomness for a shared secret, the implementation of Kyber and FrodoKEM, did not check whether crypto/rand.Read() returns an error. In rare deployment cases (error thrown by the Read() function), this could lead to a predictable shared secret.\n\nThe tkn20 and blindrsa components did not check whether enough randomness was returned from the user provided randomness source. Typically the user provides crypto/rand.Reader, which in the vast majority of cases will always return the right number random bytes. In the cases where it does not, or the user provides a source that does not, the blinding for blindrsa is weak and integrity of the plaintext is not ensured in tkn20.", |
| "affected": [ |
| { |
| "package": { |
| "name": "github.com/cloudflare/circl", |
| "ecosystem": "Go" |
| }, |
| "ranges": [ |
| { |
| "type": "SEMVER", |
| "events": [ |
| { |
| "introduced": "0" |
| }, |
| { |
| "fixed": "1.3.3" |
| } |
| ] |
| } |
| ], |
| "ecosystem_specific": { |
| "imports": [ |
| { |
| "path": "github.com/cloudflare/circl/abe/cpabe/tkn20/internal/tkn", |
| "symbols": [ |
| "EncryptCCA" |
| ] |
| }, |
| { |
| "path": "github.com/cloudflare/circl/blindsign/blindrsa", |
| "symbols": [ |
| "RSAVerifier.Blind" |
| ] |
| }, |
| { |
| "path": "github.com/cloudflare/circl/kem/frodo/frodo640shake", |
| "symbols": [ |
| "PublicKey.EncapsulateTo", |
| "scheme.Encapsulate", |
| "scheme.EncapsulateDeterministically" |
| ] |
| }, |
| { |
| "path": "github.com/cloudflare/circl/kem/kyber/kyber1024", |
| "symbols": [ |
| "PublicKey.EncapsulateTo", |
| "scheme.Encapsulate", |
| "scheme.EncapsulateDeterministically" |
| ] |
| }, |
| { |
| "path": "github.com/cloudflare/circl/kem/kyber/kyber512", |
| "symbols": [ |
| "PublicKey.EncapsulateTo", |
| "scheme.Encapsulate", |
| "scheme.EncapsulateDeterministically" |
| ] |
| }, |
| { |
| "path": "github.com/cloudflare/circl/kem/kyber/kyber768", |
| "symbols": [ |
| "PublicKey.EncapsulateTo", |
| "scheme.Encapsulate", |
| "scheme.EncapsulateDeterministically" |
| ] |
| }, |
| { |
| "path": "github.com/cloudflare/circl/kem/sike/sikep434", |
| "symbols": [ |
| "scheme.Encapsulate" |
| ] |
| }, |
| { |
| "path": "github.com/cloudflare/circl/kem/sike/sikep503", |
| "symbols": [ |
| "scheme.Encapsulate" |
| ] |
| }, |
| { |
| "path": "github.com/cloudflare/circl/kem/sike/sikep751", |
| "symbols": [ |
| "scheme.Encapsulate" |
| ] |
| } |
| ] |
| } |
| } |
| ], |
| "references": [ |
| { |
| "type": "ADVISORY", |
| "url": "https://github.com/cloudflare/circl/security/advisories/GHSA-2q89-485c-9j2x" |
| }, |
| { |
| "type": "FIX", |
| "url": "https://github.com/cloudflare/circl/commit/ff8d91225f8954b4970b6d6382d2e4c78f4a4cf8" |
| } |
| ], |
| "database_specific": { |
| "url": "https://pkg.go.dev/vuln/GO-2023-1765", |
| "review_status": "REVIEWED" |
| } |
| } |