ASA-2018-00076 – Go: CPU denial of service in chain validation

Posted on by Allele Security Intelligence in Alerts

Allele Security Alert

ASA-2018-00076

Identifier(s)

ASA-2018-00076, CVE-2018-16875

Title

CPU denial of service in chain validation

Vendor(s)

The Go Authors

Product(s)

Go

Affected version(s)

Go before 1.11.3 and 1.10.6

Fixed version(s)

Go 1.11.3
Go 1.10.6

Proof of concept

Unknown

Description

The crypto/x509 package does not limit the amount of work performed for each chain verification, which might allow attackers to craft pathological inputs leading to a CPU denial of service. Go TLS servers accepting client certificates and TLS clients verifying certificates are affected.

Technical details

Unknown

Credits

Netflix

Reference(s)

Go security releases 1.11.3 and 1.10.6
https://seclists.org/oss-sec/2018/q4/254

crypto/x509: CPU denial of service in chain validation #29233
https://golang.org/issue/29233

[release-branch.go1.11-security] crypto/x509: limit number of signature checks for each verification
https://github.com/golang/go/commit/df523969435b8945d939c7e2a849b50910ef4c25

[release-branch.go1.10-security] crypto/x509: limit number of signature checks for each verification
https://github.com/golang/go/commit/0a4a37f1f0a36e55d8ae5c34210a79499f9f2a9d

CVE-2018-16875
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16875

CVE-2018-16875
https://nvd.nist.gov/vuln/detail/CVE-2018-16875

If there is any error in this alert or you wish a comprehensive analysis, let us know.

Last modified: February 11, 2019

We are not responsible for any data loss, device corruption or any other type of issue due to the use of any information mentioned in our security alerts.