New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

crypto: check parameters to avoid potential remote denial-of-service attack #15184

Closed
bradfitz opened this Issue Apr 8, 2016 · 0 comments

Comments

Projects
None yet
3 participants
@bradfitz
Member

bradfitz commented Apr 8, 2016

Go's crypto libraries passed certain parameters unchecked to math/big.Int.Exp (https://golang.org/pkg/math/big/#Int.Exp), possibly leading to extremely long-running computations, which in turn makes Go programs vulnerable to remote denial of service attacks. Programs using HTTPS client certificates (a non-zero tls.Config.ClientAuth value of https://golang.org/pkg/crypto/tls/#ClientAuthType) or the Go SSH server libraries are both exposed to this vulnerability.

This is CVE-2016-3959 and was addressed by https://golang.org/cl/21533 for crypto/dsa (the reported problem) and https://golang.org/cl/21560 (similar change to crypto/rsa and crypto/ecdsa, despite no known path to make those go into the slow path).

Thanks to David Wong for identifying this issue.

@bradfitz bradfitz added this to the Go1.6.1 milestone Apr 8, 2016

@golang golang locked and limited conversation to collaborators Apr 8, 2016

@adg adg self-assigned this Apr 8, 2016

@minux minux added the Security label Apr 13, 2016

@ianlancetaylor ianlancetaylor changed the title from security: Go 1.6.1 placeholder bug to crypto: check parameters to avoid potential remote denial-of-service attack Apr 13, 2016

@bradfitz bradfitz closed this May 9, 2016

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.