-
Notifications
You must be signed in to change notification settings - Fork 17.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
crypto/x509: Verify panics on certificates with an unknown public key algorithm [CVE-2024-24783] #65390
Comments
@gopherbot please open backport issues for this security fix. |
Backport issue(s) opened: #65391 (for 1.20), #65392 (for 1.21). Remember to create the cherry-pick CL(s) as soon as the patch is submitted to master, according to https://go.dev/wiki/MinorReleases. |
Change https://go.dev/cl/569235 mentions this issue: |
Change https://go.dev/cl/569238 mentions this issue: |
…ore interface conversion alreadyInChain assumes all keys fit a interface which contains the Equal method (which they do), but this ignores that certificates may have a nil key when PublicKeyAlgorithm is UnknownPublicKeyAlgorithm. In this case alreadyInChain panics. Check that the key is non-nil as part of considerCandidate (we are never going to build a chain containing UnknownPublicKeyAlgorithm anyway). For #65390 Fixes #65831 Fixes CVE-2024-24783 Change-Id: Ibdccc0a487e3368b6812be35daad2512220243f3 Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/2137282 Reviewed-by: Damien Neil <dneil@google.com> Run-TryBot: Roland Shoemaker <bracewell@google.com> Reviewed-by: Tatiana Bradley <tatianabradley@google.com> Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/2174343 Reviewed-by: Carlos Amedee <amedee@google.com> Reviewed-by: Roland Shoemaker <bracewell@google.com> Reviewed-on: https://go-review.googlesource.com/c/go/+/569235 LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Auto-Submit: Michael Knyszek <mknyszek@google.com> Reviewed-by: Carlos Amedee <carlos@golang.org>
…ore interface conversion alreadyInChain assumes all keys fit a interface which contains the Equal method (which they do), but this ignores that certificates may have a nil key when PublicKeyAlgorithm is UnknownPublicKeyAlgorithm. In this case alreadyInChain panics. Check that the key is non-nil as part of considerCandidate (we are never going to build a chain containing UnknownPublicKeyAlgorithm anyway). For #65390 Fixes #65392 Fixes CVE-2024-24783 Change-Id: Ibdccc0a487e3368b6812be35daad2512220243f3 Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/2137282 Reviewed-by: Damien Neil <dneil@google.com> Run-TryBot: Roland Shoemaker <bracewell@google.com> Reviewed-by: Tatiana Bradley <tatianabradley@google.com> Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/2173774 Reviewed-by: Roland Shoemaker <bracewell@google.com> Reviewed-by: Carlos Amedee <amedee@google.com> Reviewed-on: https://go-review.googlesource.com/c/go/+/569238 Auto-Submit: Michael Knyszek <mknyszek@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Carlos Amedee <carlos@golang.org>
…ore interface conversion alreadyInChain assumes all keys fit a interface which contains the Equal method (which they do), but this ignores that certificates may have a nil key when PublicKeyAlgorithm is UnknownPublicKeyAlgorithm. In this case alreadyInChain panics. Check that the key is non-nil as part of considerCandidate (we are never going to build a chain containing UnknownPublicKeyAlgorithm anyway). For golang#65390 Fixes golang#65831 Fixes CVE-2024-24783 Change-Id: Ibdccc0a487e3368b6812be35daad2512220243f3 Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/2137282 Reviewed-by: Damien Neil <dneil@google.com> Run-TryBot: Roland Shoemaker <bracewell@google.com> Reviewed-by: Tatiana Bradley <tatianabradley@google.com> Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/2174343 Reviewed-by: Carlos Amedee <amedee@google.com> Reviewed-by: Roland Shoemaker <bracewell@google.com> Reviewed-on: https://go-review.googlesource.com/c/go/+/569235 LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Auto-Submit: Michael Knyszek <mknyszek@google.com> Reviewed-by: Carlos Amedee <carlos@golang.org>
Change https://go.dev/cl/569339 mentions this issue: |
…ore interface conversion alreadyInChain assumes all keys fit a interface which contains the Equal method (which they do), but this ignores that certificates may have a nil key when PublicKeyAlgorithm is UnknownPublicKeyAlgorithm. In this case alreadyInChain panics. Check that the key is non-nil as part of considerCandidate (we are never going to build a chain containing UnknownPublicKeyAlgorithm anyway). For golang#65390 Fixes golang#65831 Fixes CVE-2024-24783 Change-Id: Ibdccc0a487e3368b6812be35daad2512220243f3 Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/2137282 Reviewed-by: Damien Neil <dneil@google.com> Run-TryBot: Roland Shoemaker <bracewell@google.com> Reviewed-by: Tatiana Bradley <tatianabradley@google.com> Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/2174343 Reviewed-by: Carlos Amedee <amedee@google.com> Reviewed-by: Roland Shoemaker <bracewell@google.com> Reviewed-on: https://go-review.googlesource.com/c/go/+/569235 LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Auto-Submit: Michael Knyszek <mknyszek@google.com> Reviewed-by: Carlos Amedee <carlos@golang.org>
Verifying a certificate chain which contains a certificate with an unknown public
key algorithm will cause Certificate.Verify to panic.
This affects all crypto/tls clients, and servers that set Config.ClientAuth to
VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is
for TLS servers to not verify client certificates.
Thanks to John Howard (Google) for reporting this issue. This is CVE-2024-24783.
/cc @golang/security and @golang/release
The text was updated successfully, but these errors were encountered: