crypto/tls: clients can panic when provided a certificate of the wrong type for the negotiated parameters (CVE-2021-34558) #47143

Closed
FiloSottile opened this issue Jul 12, 2021 · 5 comments
Labels: FrozenDueToAge, NeedsFix (the path to resolution is known, but the work has not been done), release-blocker, Security
FiloSottile commented Jul 12, 2021

crypto/tls clients can panic when provided a certificate of the wrong type for the negotiated parameters. net/http clients performing HTTPS requests are also affected. The panic can be triggered by an attacker in a privileged network position without access to the server certificate's private key, as long as a trusted ECDSA or Ed25519 certificate for the server exists (or can be issued), or the client is configured with Config.InsecureSkipVerify. Clients that disable all TLS_RSA cipher suites (that is, TLS 1.0–1.2 cipher suites without ECDHE), as well as TLS 1.3-only clients, are unaffected.

Thanks to Imre Rad for reporting this issue.
This issue is CVE-2021-34558.

@FiloSottile FiloSottile added the Security, NeedsFix and release-blocker labels Jul 12, 2021
@FiloSottile FiloSottile added this to the Go1.17 milestone Jul 12, 2021
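
The unaffected configurations named in the issue (no TLS_RSA cipher suites, or TLS 1.3 only) can be checked mechanically. The Go program below is an added example, not code from the issue or the Go project; the helper names are hypothetical, and treating a nil `CipherSuites` list as exposed assumes the library defaults still offer TLS_RSA suites, as they do in the releases this issue covers.

```go
package main

import (
	"crypto/tls"
	"fmt"
	"strings"
)

// ecdheOnlySuites lists Go's vetted ECDHE suites, leaving out every "TLS_RSA_..." suite.
func ecdheOnlySuites() []uint16 {
	var ids []uint16
	for _, cs := range tls.CipherSuites() {
		if strings.HasPrefix(cs.Name, "TLS_ECDHE_") {
			ids = append(ids, cs.ID)
		}
	}
	return ids
}

// exposedToRSAKeyExchange (hypothetical) reports whether a client config can negotiate TLS_RSA.
func exposedToRSAKeyExchange(cfg *tls.Config) bool {
	if cfg.MinVersion >= tls.VersionTLS13 {
		return false // TLS 1.3-only clients are unaffected
	}
	if cfg.CipherSuites == nil {
		return true // assumption: library defaults include TLS_RSA suites
	}
	for _, id := range cfg.CipherSuites {
		if strings.HasPrefix(tls.CipherSuiteName(id), "TLS_RSA_") {
			return true
		}
	}
	return false
}

// auditSamples runs the check over constructed sample configurations.
func auditSamples() map[string]bool {
	return map[string]bool{
		"defaults":     exposedToRSAKeyExchange(&tls.Config{}),
		"explicit-rsa": exposedToRSAKeyExchange(&tls.Config{CipherSuites: []uint16{tls.TLS_RSA_WITH_AES_128_GCM_SHA256}}),
		"ecdhe-only":   exposedToRSAKeyExchange(&tls.Config{CipherSuites: ecdheOnlySuites()}),
		"tls13-only":   exposedToRSAKeyExchange(&tls.Config{MinVersion: tls.VersionTLS13}),
	}
}

func main() {
	for name, exposed := range auditSamples() {
		fmt.Printf("%-12s exposed=%v\n", name, exposed)
	}
}
```

Restricting `CipherSuites` this way is a stopgap for clients that cannot be rebuilt yet; the fix itself ships in the patched Go releases.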
@FiloSottile

@gopherbot please file backport issues for this security fix.

@gopherbot

Backport issue(s) opened: #47144 (for 1.15), #47145 (for 1.16).

Remember to create the cherry-pick CL(s) as soon as the patch is submitted to master, according to https://golang.org/wiki/MinorReleases.

@gopherbot

Change https://golang.org/cl/334030 mentions this issue: [release-branch.go1.15] crypto/tls: test key type when casting

@gopherbot

Change https://golang.org/cl/334029 mentions this issue: [release-branch.go1.16] crypto/tls: test key type when casting

@gopherbot

Change https://golang.org/cl/334031 mentions this issue: crypto/tls: test key type when casting

gopherbot pushed a commit that referenced this issue Jul 12, 2021
When casting the certificate public key in generateClientKeyExchange,
check the type is appropriate. This prevents a panic when a server
agrees to a RSA based key exchange, but then sends an ECDSA (or
other) certificate.

Updates #47143
Fixes #47144
Fixes CVE-2021-34558

Thanks to Imre Rad for reporting this issue.

Change-Id: Iabccacca6052769a605cccefa1216a9f7b7f6aea
Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1116723
Reviewed-by: Filippo Valsorda <valsorda@google.com>
Reviewed-by: Katie Hockman <katiehockman@google.com>
Reviewed-on: https://go-review.googlesource.com/c/go/+/334030
Trust: Filippo Valsorda <filippo@golang.org>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
gopherbot pushed a commit that referenced this issue Jul 12, 2021
When casting the certificate public key in generateClientKeyExchange,
check the type is appropriate. This prevents a panic when a server
agrees to a RSA based key exchange, but then sends an ECDSA (or
other) certificate.

Updates #47143
Fixes #47145
Fixes CVE-2021-34558

Thanks to Imre Rad for reporting this issue.

Change-Id: Iabccacca6052769a605cccefa1216a9f7b7f6aea
Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1116723
Reviewed-by: Filippo Valsorda <valsorda@google.com>
Reviewed-by: Katie Hockman <katiehockman@google.com>
Reviewed-on: https://go-review.googlesource.com/c/go/+/334029
Trust: Filippo Valsorda <filippo@golang.org>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
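
The fix described in the two commit messages above comes down to replacing a bare type assertion with the comma-ok form. The Go program below is an added illustration, not the crypto/tls source or the patch itself; `encryptUnchecked`, `encryptChecked` and `demo` are hypothetical names, and the certificate is a constructed value that carries an ECDSA key.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"errors"
	"fmt"
)

// encryptUnchecked shows the pre-fix pattern: a bare type assertion, which
// panics at run time when the certificate key is not an *rsa.PublicKey.
func encryptUnchecked(cert *x509.Certificate, secret []byte) ([]byte, error) {
	return rsa.EncryptPKCS1v15(rand.Reader, cert.PublicKey.(*rsa.PublicKey), secret)
}

// encryptChecked uses the comma-ok form, so a key of the wrong type becomes
// an ordinary error that fails the handshake instead of crashing the process.
func encryptChecked(cert *x509.Certificate, secret []byte) ([]byte, error) {
	pub, ok := cert.PublicKey.(*rsa.PublicKey)
	if !ok {
		return nil, errors.New("certificate key type does not match RSA key exchange")
	}
	return rsa.EncryptPKCS1v15(rand.Reader, pub, secret)
}

// demo runs both helpers on a constructed certificate value holding an ECDSA key.
func demo() (panicked bool, checkedErr error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return false, err
	}
	cert := &x509.Certificate{PublicKey: &key.PublicKey}
	secret := make([]byte, 48) // a TLS pre-master secret is 48 bytes
	func() {
		defer func() { panicked = recover() != nil }()
		encryptUnchecked(cert, secret)
	}()
	_, checkedErr = encryptChecked(cert, secret)
	return panicked, checkedErr
}

func main() {
	panicked, err := demo()
	fmt.Println("unchecked assertion panicked:", panicked)
	fmt.Println("checked assertion returned:", err)
}
```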
@dmitshur dmitshur changed the title security: fix CVE-2021-34558 crypto/tls: clients can panic when provided a certificate of the wrong type for the negotiated parameters (CVE-2021-34558) Jul 12, 2021
simonswine added a commit to simonswine/cortex that referenced this issue Jul 13, 2021
This addresses CVE-2021-34558.

golang/go#47143

Signed-off-by: Christian Simon <simon@swine.de>
pracucci added a commit to cortexproject/cortex that referenced this issue Jul 13, 2021
* Update go version in build image to 1.16.6

This addresses CVE-2021-34558.

golang/go#47143

Signed-off-by: Christian Simon <simon@swine.de>

* Update build image and golang version in CI

Signed-off-by: Marco Pracucci <marco@pracucci.com>

* Update LATEST_BUILD_IMAGE_TAG in makefile

Signed-off-by: Christian Simon <simon@swine.de>

Co-authored-by: Marco Pracucci <marco@pracucci.com>
tomwilkie pushed a commit to grafana/mimir that referenced this issue Jul 13, 2021
* Update go version in build image to 1.16.6

This addresses CVE-2021-34558.

golang/go#47143

Signed-off-by: Christian Simon <simon@swine.de>

* Update build image and golang version in CI

Signed-off-by: Marco Pracucci <marco@pracucci.com>

* Update LATEST_BUILD_IMAGE_TAG in makefile

Signed-off-by: Christian Simon <simon@swine.de>

Co-authored-by: Marco Pracucci <marco@pracucci.com>
Former-commit-id: e49102c
alvinlin123 pushed a commit to ac1214/cortex that referenced this issue Jan 14, 2022
* Update go version in build image to 1.16.6

This addresses CVE-2021-34558.

golang/go#47143

Signed-off-by: Christian Simon <simon@swine.de>

* Update build image and golang version in CI

Signed-off-by: Marco Pracucci <marco@pracucci.com>

* Update LATEST_BUILD_IMAGE_TAG in makefile

Signed-off-by: Christian Simon <simon@swine.de>

Co-authored-by: Marco Pracucci <marco@pracucci.com>
Signed-off-by: Alvin Lin <alvinlin@amazon.com>
@golang golang locked and limited conversation to collaborators Jul 12, 2022