зеркало из https://github.com/golang/vulndb.git
37 строки
1.3 KiB
YAML
37 строки
1.3 KiB
YAML
id: GO-2022-0531
|
|
modules:
|
|
- module: std
|
|
versions:
|
|
- fixed: 1.17.11
|
|
- introduced: 1.18.0-0
|
|
fixed: 1.18.3
|
|
vulnerable_at: 1.18.2
|
|
packages:
|
|
- package: crypto/tls
|
|
symbols:
|
|
- serverHandshakeStateTLS13.sendSessionTickets
|
|
summary: 'TODO(https://go.dev/issue/56443): fill in summary field'
|
|
description: |
|
|
An attacker can correlate a resumed TLS session with a previous connection.
|
|
|
|
Session tickets generated by crypto/tls do not contain a randomly
|
|
generated ticket_age_add, which allows an attacker that can observe TLS
|
|
handshakes to correlate successive connections by comparing ticket ages
|
|
during session resumption.
|
|
published: 2022-07-28T17:24:57Z
|
|
credits:
|
|
- Github user @nervuri
|
|
references:
|
|
- fix: https://go.dev/cl/405994
|
|
- fix: https://go.googlesource.com/go/+/fe4de36198794c447fbd9d7cc2d7199a506c76a5
|
|
- report: https://go.dev/issue/52814
|
|
- web: https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg/m/IWz5T6x7AAAJ
|
|
cve_metadata:
|
|
id: CVE-2022-30629
|
|
cwe: 'CWE-200: Information Exposure'
|
|
description: |
|
|
Non-random values for ticket_age_add in session tickets in crypto/tls
|
|
before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS
|
|
handshakes to correlate successive connections by comparing ticket ages
|
|
during session resumption.
|