| Tatiana Bradley | b7ef72b | 2023-02-16 16:12:45 -0500 | [diff] [blame] | 1 | modules: |
| 2 | - module: std |
| 3 | versions: |
| 4 | - fixed: 1.19.6 |
| 5 | - introduced: 1.20.0 |
| 6 | fixed: 1.20.1 |
| 7 | vulnerable_at: 1.20.0 |
| 8 | packages: |
| 9 | - package: crypto/tls |
| 10 | symbols: |
| 11 | - handshakeMessage.marshal |
| 12 | - Conn.writeRecord |
| 13 | - Conn.readHandshake |
| 14 | - Conn.handleRenegotiation |
| 15 | - Conn.handlePostHandshakeMessage |
| 16 | - Conn.handleKeyUpdate |
| 17 | - Conn.clientHandshake |
| 18 | - Conn.loadSession |
| 19 | - clientHandshakeState.handshake |
| 20 | - clientHandshakeState.doFullHandshake |
| 21 | - clientHandshakeState.readFinished |
| 22 | - clientHandshakeState.readSessionTicket |
| 23 | - clientHandshakeState.sendFinished |
| 24 | - clientHandshakeStateTLS13.handshake |
| 25 | - clientHandshakeStateTLS13.sendDummyChangeCipherSpec |
| 26 | - clientHandshakeStateTLS13.processHelloRetryRequest |
| 27 | - clientHandshakeStateTLS13.readServerParameters |
| 28 | - clientHandshakeStateTLS13.readServerCertificate |
| 29 | - clientHandshakeStateTLS13.readServerFinished |
| 30 | - clientHandshakeStateTLS13.sendClientCertificate |
| 31 | - clientHandshakeStateTLS13.sendClientFinished |
| 32 | - clientHelloMsg.marshal |
| 33 | - clientHelloMsg.marshalWithoutBinders |
| 34 | - clientHelloMsg.updateBinders |
| 35 | - serverHelloMsg.marshal |
| 36 | - encryptedExtensionsMsg.marshal |
| 37 | - endOfEarlyDataMsg.marshal |
| 38 | - keyUpdateMsg.marshal |
| 39 | - newSessionTicketMsgTLS13.marshal |
| 40 | - certificateRequestMsgTLS13.marshal |
| 41 | - certificateMsg.marshal |
| 42 | - certificateMsgTLS13.marshal |
| 43 | - serverKeyExchangeMsg.marshal |
| 44 | - certificateStatusMsg.marshal |
| 45 | - serverHelloDoneMsg.marshal |
| 46 | - clientKeyExchangeMsg.marshal |
| 47 | - finishedMsg.marshal |
| 48 | - certificateRequestMsg.marshal |
| 49 | - certificateVerifyMsg.marshal |
| 50 | - newSessionTicketMsg.marshal |
| 51 | - helloRequestMsg.marshal |
| 52 | - Conn.readClientHello |
| 53 | - serverHandshakeState.doResumeHandshake |
| 54 | - serverHandshakeState.doFullHandshake |
| 55 | - serverHandshakeState.readFinished |
| 56 | - serverHandshakeState.sendSessionTicket |
| 57 | - serverHandshakeState.sendFinished |
| 58 | - serverHandshakeStateTLS13.checkForResumption |
| 59 | - serverHandshakeStateTLS13.sendDummyChangeCipherSpec |
| 60 | - serverHandshakeStateTLS13.doHelloRetryRequest |
| 61 | - serverHandshakeStateTLS13.sendServerParameters |
| 62 | - serverHandshakeStateTLS13.sendServerCertificate |
| 63 | - serverHandshakeStateTLS13.sendServerFinished |
| 64 | - serverHandshakeStateTLS13.sendSessionTickets |
| 65 | - serverHandshakeStateTLS13.readClientCertificate |
| 66 | - serverHandshakeStateTLS13.readClientFinished |
| 67 | - cipherSuiteTLS13.expandLabel |
| 68 | - sessionState.marshal |
| 69 | - sessionStateTLS13.marshal |
| 70 | derived_symbols: |
| 71 | - Conn.Handshake |
| 72 | - Conn.HandshakeContext |
| 73 | - Conn.Read |
| 74 | - Conn.Write |
| 75 | - ConnectionState.ExportKeyingMaterial |
| 76 | - Dial |
| 77 | - DialWithDialer |
| 78 | - Dialer.Dial |
| 79 | - Dialer.DialContext |
| 80 | description: | |
| 81 | Large handshake records may cause panics in crypto/tls. |
| 82 | |
| 83 | Both clients and servers may send large TLS handshake records which |
| 84 | cause servers and clients, respectively, to panic when attempting to |
| 85 | construct responses. |
| 86 | |
| 87 | This affects all TLS 1.3 clients, TLS 1.2 clients which explicitly |
| 88 | enable session resumption (by setting Config.ClientSessionCache to |
| 89 | a non-nil value), and TLS 1.3 servers which request client |
| 90 | certificates (by setting Config.ClientAuth >= RequestClientCert). |
| 91 | credit: Marten Seemann |
| 92 | references: |
| 93 | - report: https://go.dev/issue/58001 |
| 94 | - fix: https://go.dev/cl/468125 |
| 95 | - web: https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E |
| 96 | cve_metadata: |
| 97 | id: CVE-2022-41724 |
| 98 | cwe: 'CWE-400: Uncontrolled Resource Consumption' |
