| id: GO-2023-1709 |
| modules: |
| - module: github.com/hashicorp/vault |
| versions: |
| - fixed: 1.11.9 |
| - introduced: 1.12.0 |
| - fixed: 1.12.5 |
| - introduced: 1.13.0 |
| - fixed: 1.13.1 |
| vulnerable_at: 1.13.0 |
| packages: |
| - package: github.com/hashicorp/vault/shamir |
| symbols: |
| - div |
| - mult |
| derived_symbols: |
| - Combine |
| - Split |
| summary: Cache-timing attacks in Shamir's secret sharing in github.com/hashicorp/vault |
| description: |- |
| HashiCorp Vault's implementation of Shamir's secret sharing uses precomputed |
| table lookups, and is vulnerable to cache-timing attacks. |
| |
| An attacker with access to, and the ability to observe a large number of unseal |
| operations on the host through a side channel may reduce the search space of a |
| brute force effort to recover the Shamir shares. |
| cves: |
| - CVE-2023-25000 |
| ghsas: |
| - GHSA-vq4h-9ghm-qmrr |
| credits: |
| - Giuseppe Cocomazzi |
| references: |
| - fix: https://github.com/hashicorp/vault/pull/19495 |
| - web: https://discuss.hashicorp.com/t/hcsec-2023-10-vault-vulnerable-to-cache-timing-attacks-during-seal-and-unseal-operations/52078 |
| review_status: REVIEWED |