
crypto/tls: remote ddos vulnerability #28791

Closed
boo0m opened this issue Nov 14, 2018 · 6 comments

Comments

@boo0m

@boo0m boo0m commented Nov 14, 2018

What version of Go are you using (go version)?

$ go version
1.11.2

Does this issue reproduce with the latest release?

yes

What operating system and processor architecture are you using (go env)?

linux x86_64

A TLS connection vulnerability seems to have not been repaired yet.
We could reproduce this vulnerability by using a PoC. It allows remote attackers to cause a denial of service (CPU exhaustion).
Could you please leave me an email address so that I can give you the PoC?


@boo0m boo0m changed the title Tls remote dos vulnerability TLS remote dos vulnerability Nov 14, 2018
@boo0m boo0m changed the title TLS remote dos vulnerability TLS remote ddos vulnerability Nov 14, 2018
Member

@ALTree ALTree commented Nov 14, 2018

@ianlancetaylor ianlancetaylor changed the title TLS remote ddos vulnerability crypto/tls: remote ddos vulnerability Nov 14, 2018
@ianlancetaylor ianlancetaylor added this to the Go1.12 milestone Nov 14, 2018
Contributor

@ianlancetaylor ianlancetaylor commented Nov 14, 2018

Member

@FiloSottile FiloSottile commented Nov 14, 2018

I went through the security@golang.org archives and I did not find any reports matching this issue. Please follow the Security Policy and use that contact to report it. If you did contact that channel, please resend the report to me directly, my email is filippo@golang.org.

Contributor

@theckman theckman commented Nov 14, 2018

I suspect that it will happen, but once you've been able to confirm receipt of the PoC can you add a comment here @FiloSottile? A few people in the community are 👀 on this issue now and I'm sure we'd like to know that progress is being made, even if details are not shared until public disclosure.

Member

@FiloSottile FiloSottile commented Nov 14, 2018

The report pointed to the same issue and PoC of #22543, which was fixed in Go 1.10 by limiting the maximum consecutive warning alerts to 5. The issue there was that there was a way to keep a connection busy forever without an application noticing. That's not the case anymore.

The observed behavior is simply the server handling 50 local threads continuously sending ClientHello messages. Of the following warning alerts only 5 are processed, at which point the server correctly closes the connection with error tls: too many warn alerts as a mitigation.

To verify that this is indeed working as intended and not affected by CVE-2016-8610, you can run the PoC with 0 as the number of alerts, and the same number of threads. That neutralizes the actual attack behavior, but still causes full CPU utilization.

If an attacker can flood ClientHello messages faster than the server can answer, there's nothing the server can do on its own.
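As an added defender-side example, not code from this thread or from the Go project: an application-level guard around crypto/tls that caps how many handshakes a server works on at once and puts a deadline on each one, so the CPU spent on handshakes stays bounded however many ClientHellos arrive, and a peer that stalls mid-handshake cannot hold a slot indefinitely. The Guard type, its limits and the error value are assumptions of this example; handshake errors are returned to the caller to log or count.

```go
// Added example: an application-level handshake guard for a crypto/tls server.
package main

import (
	"crypto/tls"
	"errors"
	"net"
	"time"
)

// ErrTooManyHandshakes is returned when every handshake slot is busy.
var ErrTooManyHandshakes = errors.New("tlsguard: too many concurrent handshakes")

// Guard bounds how many TLS handshakes run at once and how long each may take.
// Both limits are operator-chosen values for this example, not crypto/tls defaults.
type Guard struct {
	slots   chan struct{} // semaphore: one token per in-flight handshake
	timeout time.Duration
}

func NewGuard(maxInflight int, timeout time.Duration) *Guard {
	return &Guard{slots: make(chan struct{}, maxInflight), timeout: timeout}
}

// InFlight reports how many handshakes currently hold a slot.
func (g *Guard) InFlight() int { return len(g.slots) }

// Handshake runs the server-side TLS handshake on raw under the guard's limits.
// It returns the ready *tls.Conn; on any error the connection is already closed.
func (g *Guard) Handshake(raw net.Conn, cfg *tls.Config) (*tls.Conn, error) {
	select {
	case g.slots <- struct{}{}: // take a slot without blocking the accept loop
	default:
		raw.Close()
		return nil, ErrTooManyHandshakes
	}
	defer func() { <-g.slots }()

	// One deadline covers the whole handshake, so a peer that stalls, trickles
	// records, or never sends a ClientHello cannot keep the slot forever.
	if err := raw.SetDeadline(time.Now().Add(g.timeout)); err != nil {
		raw.Close()
		return nil, err
	}
	tc := tls.Server(raw, cfg)
	if err := tc.Handshake(); err != nil {
		tc.Close()
		return nil, err
	}
	raw.SetDeadline(time.Time{}) // clear it; application I/O sets its own deadlines
	return tc, nil
}
```

In an accept loop, call Handshake in a goroutine per connection and hand the returned *tls.Conn to the application; rejected connections are closed and cost nothing beyond the accept.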

Contributor

@theckman theckman commented Nov 14, 2018

@FiloSottile thank you so much for the summary!

@golang golang locked and limited conversation to collaborators Nov 14, 2019