Description
The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a RSA based key exchange, allowing a malicious TLS server to cause a TLS client to panic.
A flaw was found in golang. A panic can be triggered by an attacker in a privileged network position without access to the server certificate's private key, as long as a trusted ECDSA or Ed25519 certificate for the server exists (or can be issued), or the client is configured with Config.InsecureSkipVerify. Clients that disable all TLS_RSA cipher suites (that is, TLS 1.0–1.2 cipher suites without ECDHE), as well as TLS 1.3-only clients, are unaffected.
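The two unaffected-client conditions named above (no TLS_RSA cipher suites, or TLS 1.3 only) can be expressed and checked directly in a client's `tls.Config`. The following is an added example, not code from this advisory or from the Go project: the function names are mine, and it relies only on the standard `crypto/tls` API (`tls.CipherSuites`, `tls.InsecureCipherSuites`, `tls.Config`). It builds a client configuration that cannot negotiate an RSA key exchange and flags configurations that still could.

```go
package main

import (
	"crypto/tls"
	"fmt"
	"strings"
)

// rsaKeyExchangeSuites returns the IDs of every cipher suite Go knows about
// whose name starts with "TLS_RSA_", i.e. the TLS 1.0-1.2 suites that use the
// server's RSA key for key exchange instead of ECDHE. Both the secure and the
// insecure lists are scanned because newer Go releases moved these suites
// between the two.
func rsaKeyExchangeSuites() []uint16 {
	var ids []uint16
	for _, cs := range append(tls.CipherSuites(), tls.InsecureCipherSuites()...) {
		if strings.HasPrefix(cs.Name, "TLS_RSA_") {
			ids = append(ids, cs.ID)
		}
	}
	return ids
}

// ecdheOnlySuites returns the IDs of the supported TLS 1.0-1.2 suites that use
// ECDHE key exchange (TLS_ECDHE_RSA_* suites use RSA only for authentication,
// not for key exchange, so they are fine). TLS 1.3 suites are not configurable
// through CipherSuites in Go and are left out.
func ecdheOnlySuites() []uint16 {
	var ids []uint16
	for _, cs := range tls.CipherSuites() {
		if strings.HasPrefix(cs.Name, "TLS_ECDHE_") {
			ids = append(ids, cs.ID)
		}
	}
	return ids
}

// hardenedClientConfig builds a client tls.Config (hypothetical helper name)
// that offers only ECDHE suites for TLS 1.2 and still allows TLS 1.3, which
// has no RSA key exchange at all.
func hardenedClientConfig() *tls.Config {
	return &tls.Config{
		MinVersion:   tls.VersionTLS12,
		CipherSuites: ecdheOnlySuites(),
	}
}

// usesRSAKeyExchange reports whether a config could still negotiate an RSA
// key exchange. A nil CipherSuites list means "Go defaults", which in the
// affected releases (through 1.16.5) include TLS_RSA_ suites, so a nil list
// is conservatively reported as exposed.
func usesRSAKeyExchange(cfg *tls.Config) bool {
	if cfg.MinVersion >= tls.VersionTLS13 {
		return false // TLS 1.3 only: RSA key exchange does not exist there
	}
	if cfg.CipherSuites == nil {
		return true
	}
	rsa := map[uint16]bool{}
	for _, id := range rsaKeyExchangeSuites() {
		rsa[id] = true
	}
	for _, id := range cfg.CipherSuites {
		if rsa[id] {
			return true
		}
	}
	return false
}

func main() {
	fmt.Println("default config exposed:", usesRSAKeyExchange(&tls.Config{}))
	fmt.Println("hardened config exposed:", usesRSAKeyExchange(hardenedClientConfig()))
	fmt.Println("TLS 1.3-only exposed:", usesRSAKeyExchange(&tls.Config{MinVersion: tls.VersionTLS13}))
}
```

Pass the result of `hardenedClientConfig()` as the `TLSClientConfig` of an `http.Transport` or to `tls.Dial`; `usesRSAKeyExchange` is the kind of check that can be run over existing configs in a code base to find clients that still fall under the affected conditions above.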
Report
- This vulnerability potentially affects any component written in Go that uses crypto/tls from the standard library. Components that make client connections to malicious servers can be exploited; however, the maximum impact is a crash. This vulnerability is rated Low for the following components:
- OpenShift Container Platform
- OpenShift distributed tracing (formerly OpenShift Jaeger)
- OpenShift Migration Toolkit for Containers
- Red Hat Advanced Cluster Management for Kubernetes
- Red Hat OpenShift on AWS
- Red Hat OpenShift Virtualization
- Because OpenShift Container Platform 3.11 is in the Maintenance Phase of its support, only Important and Critical severity vulnerabilities will be addressed at this time.
- Because Service Telemetry Framework 1.2 will be retiring soon and the flaw's impact is lower, no update will be provided at this time for STF 1.2's containers.
Mitigation
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Affected packages
Platform | Package | Status | Advisory | Release
---|---|---|---|---
OpenShift Pipelines | golang | Affected | |
OpenShift Serverless | knative-serving | Affected | |
OpenShift Service Mesh 2.0 | golang | Affected | |
Red Hat Advanced Cluster Management for Kubernetes 2 | applifecycle-backend-e2e | Not affected | |
Red Hat Advanced Cluster Management for Kubernetes 2 | assisted-installer | Not affected | |
Red Hat Advanced Cluster Management for Kubernetes 2 | assisted-installer-agent | Not affected | |
Red Hat Advanced Cluster Management for Kubernetes 2 | assisted-service | Not affected | |
Red Hat Advanced Cluster Management for Kubernetes 2 | cert-manager | Not affected | |
Red Hat Advanced Cluster Management for Kubernetes 2 | cert-policy-controller | Not affected | |
Red Hat Advanced Cluster Management for Kubernetes 2 | cluster-curator-controller | Not affected | |
Additional information
CVSS3: 6.5 Medium