blob: b5960383b0c22b58bc68709dff69af63060cf66f [file] [log] [blame]
id: GO-2023-1570
modules:
- module: std
versions:
- fixed: 1.19.6
- introduced: 1.20.0-0
- fixed: 1.20.1
vulnerable_at: 1.20.0
packages:
- package: crypto/tls
symbols:
- handshakeMessage.marshal
- Conn.writeRecord
- Conn.readHandshake
- Conn.handleRenegotiation
- Conn.handlePostHandshakeMessage
- Conn.handleKeyUpdate
- Conn.clientHandshake
- Conn.loadSession
- clientHandshakeState.handshake
- clientHandshakeState.doFullHandshake
- clientHandshakeState.readFinished
- clientHandshakeState.readSessionTicket
- clientHandshakeState.sendFinished
- clientHandshakeStateTLS13.handshake
- clientHandshakeStateTLS13.sendDummyChangeCipherSpec
- clientHandshakeStateTLS13.processHelloRetryRequest
- clientHandshakeStateTLS13.readServerParameters
- clientHandshakeStateTLS13.readServerCertificate
- clientHandshakeStateTLS13.readServerFinished
- clientHandshakeStateTLS13.sendClientCertificate
- clientHandshakeStateTLS13.sendClientFinished
- clientHelloMsg.marshal
- clientHelloMsg.marshalWithoutBinders
- clientHelloMsg.updateBinders
- serverHelloMsg.marshal
- encryptedExtensionsMsg.marshal
- endOfEarlyDataMsg.marshal
- keyUpdateMsg.marshal
- newSessionTicketMsgTLS13.marshal
- certificateRequestMsgTLS13.marshal
- certificateMsg.marshal
- certificateMsgTLS13.marshal
- serverKeyExchangeMsg.marshal
- certificateStatusMsg.marshal
- serverHelloDoneMsg.marshal
- clientKeyExchangeMsg.marshal
- finishedMsg.marshal
- certificateRequestMsg.marshal
- certificateVerifyMsg.marshal
- newSessionTicketMsg.marshal
- helloRequestMsg.marshal
- Conn.readClientHello
- serverHandshakeState.doResumeHandshake
- serverHandshakeState.doFullHandshake
- serverHandshakeState.readFinished
- serverHandshakeState.sendSessionTicket
- serverHandshakeState.sendFinished
- serverHandshakeStateTLS13.checkForResumption
- serverHandshakeStateTLS13.sendDummyChangeCipherSpec
- serverHandshakeStateTLS13.doHelloRetryRequest
- serverHandshakeStateTLS13.sendServerParameters
- serverHandshakeStateTLS13.sendServerCertificate
- serverHandshakeStateTLS13.sendServerFinished
- serverHandshakeStateTLS13.sendSessionTickets
- serverHandshakeStateTLS13.readClientCertificate
- serverHandshakeStateTLS13.readClientFinished
- cipherSuiteTLS13.expandLabel
- sessionState.marshal
- sessionStateTLS13.marshal
derived_symbols:
- Conn.Handshake
- Conn.HandshakeContext
- Conn.Read
- Conn.Write
- ConnectionState.ExportKeyingMaterial
- Dial
- DialWithDialer
- Dialer.Dial
- Dialer.DialContext
summary: Panic on large handshake records in crypto/tls
description: |-
Large handshake records may cause panics in crypto/tls.
Both clients and servers may send large TLS handshake records which cause
servers and clients, respectively, to panic when attempting to construct
responses.
This affects all TLS 1.3 clients, TLS 1.2 clients which explicitly enable
session resumption (by setting Config.ClientSessionCache to a non-nil value),
and TLS 1.3 servers which request client certificates (by setting
Config.ClientAuth >= RequestClientCert).
credits:
- Marten Seemann
references:
- report: https://go.dev/issue/58001
- fix: https://go.dev/cl/468125
- web: https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E
cve_metadata:
id: CVE-2022-41724
cwe: 'CWE-400: Uncontrolled Resource Consumption'
references:
- https://security.gentoo.org/glsa/202311-09
review_status: REVIEWED