Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

GSA_kwCzR0hTQS0ycTg5LTQ4NWMtOWoyeM4AAzSj

Moderate EPSS: 0.00192% (0.41475 Percentile) EPSS:
Permalink JSON

Improper random reading in CIRCL

Affected Packages Affected Versions Fixed Versions
go:github.com/cloudflare/circl < 1.3.3 1.3.3
6,861 Dependent packages
2,787 Dependent repositories

Affected Version Ranges

All affected versions

1.0.0, 1.1.0, 1.2.0, 1.3.0, 1.3.1, 1.3.2

All unaffected versions

1.3.3, 1.3.4, 1.3.5, 1.3.6, 1.3.7, 1.3.8, 1.3.9, 1.4.0, 1.5.0, 1.6.0, 1.6.1

Impact

When sampling randomness for a shared secret, the implementation of Kyber and FrodoKEM, did not check whether crypto/rand.Read() returns an error. In rare deployment cases (error thrown by the Read() function), this could lead to a predictable shared secret.

The tkn20 and blindrsa components did not check whether enough randomness was returned from the user provided randomness source. Typically the user provides crypto/rand.Reader, which in the vast majority of cases will always return the right number random bytes. In the cases where it does not, or the user provides a source that does not, the blinding for blindrsa is weak and integrity of the plaintext is not ensured in tkn20.

Patches

The fix was introduced in CIRCL v. 1.3.3

References:

Identifiers

GHSA-2q89-485c-9j2x

CVE-2023-1732

Risk

Severity

Moderate

EPSS

EPSS Percentage: 0.00192

EPSS Percentile: 0.41475

Classification

General

Source

GitHub Advisory Database

Origin

Unspecified

Repository

https://github.com/cloudflare/circl

Date and time

Published

about 2 years ago

Updated

over 1 year ago

API

JSON