CVE-2023-29409
Publication date 2 August 2023
Last updated 24 July 2024
Ubuntu priority
Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to <= 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three certificates in circulation with keys larger than this, and all three appear to be test certificates that are not actively deployed. It is possible there are larger keys in use in private PKIs, but we target the web PKI, so causing breakage here in the interests of increasing the default safety of users of crypto/tls seems reasonable.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| golang-1.19 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Ignored | |
| 16.04 LTS xenial | Ignored | |
| 14.04 LTS trusty | Ignored | |
| golang-1.20 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy |
Needs evaluation
|
|
| 20.04 LTS focal |
Needs evaluation
|
|
| 18.04 LTS bionic | Ignored | |
| 16.04 LTS xenial | Ignored | |
| 14.04 LTS trusty | Ignored |
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score |
5.3 · Medium
|
| Attack vector | Network |
| Attack complexity | Low |
| Privileges required | None |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | None |
| Integrity impact | None |
| Availability impact | Low |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
References
Other references
- https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI
- https://github.com/golang/go/issues/61460
- https://github.com/golang/go/commit/a51957fb0b20bb6c91d0415efca222cc9ecdb770(1.21)
- https://github.com/golang/go/commit/659f2a22076713bd2500adc82e026b6a746d8ba1(1.20)
- https://github.com/golang/go/commit/2300f7ef07718f6be4d8aa8486c7de99836e233f(1.19)
- https://www.cve.org/CVERecord?id=CVE-2023-29409