Vulnerability Report: GO-2023-2402
- CVE-2023-48795, GHSA-45x7-px36-x8w8
- Affects: golang.org/x/crypto
- Published: Dec 18, 2023
- Modified: Apr 26, 2024
A protocol weakness allows a MITM attacker to compromise the integrity of the secure channel before it is established, allowing the attacker to prevent transmission of a number of messages immediately after the secure channel is established without either side being aware. The impact of this attack is relatively limited, as it does not compromise confidentiality of the channel. Notably this attack would allow an attacker to prevent the transmission of the SSH2_MSG_EXT_INFO message, disabling a handful of newer security features. This protocol weakness was also fixed in OpenSSH 9.6.
Affected Packages
-
PathVersionsSymbols
-
before v0.17.0
25 affected symbols
- Client.Dial
- Client.DialContext
- Client.DialTCP
- Client.Listen
- Client.ListenTCP
- Client.ListenUnix
- Client.NewSession
- Dial
- DiscardRequests
- NewClient
- NewClientConn
- NewServerConn
- Request.Reply
- Session.Close
- Session.CombinedOutput
- Session.Output
- Session.RequestPty
- Session.RequestSubsystem
- Session.Run
- Session.SendRequest
- Session.Setenv
- Session.Shell
- Session.Signal
- Session.Start
- Session.WindowChange
Aliases
References
- https://go.dev/issue/64784
- https://go.dev/cl/550715
- https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d
- https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg
- https://www.openssh.com/txt/release-9.6
- https://vuln.go.dev/ID/GO-2023-2402.json
Credits
- Fabian Bäumer (Ruhr University Bochum)Marcus Brinkmann (Ruhr University Bochum), Jörg Schwenk (Ruhr University Bochum)
Feedback
See anything missing or incorrect?
Suggest an edit to this report.