Unrated severityNVD Advisory· Published Jul 11, 2023· Updated Feb 13, 2025
Race condition exists in the key generation and rotation functionality
CVE-2023-1672
Description
A race condition exists in the Tang server functionality for key generation and key rotation. This flaw results in a small time window where Tang private keys become readable by other processes on the same host.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6cpe:/o:redhat:enterprise_linux:7+ 2 more
- cpe:/o:redhat:enterprise_linux:7
- cpe:/o:redhat:enterprise_linux:8
- cpe:/o:redhat:enterprise_linux:9
- Fedora/Fedorav5
Patches
Vulnerability mechanics
References
5- access.redhat.com/security/cve/CVE-2023-1672mitrevdb-entryx_refsource_REDHAT
- bugzilla.redhat.com/show_bug.cgimitreissue-trackingx_refsource_REDHAT
- github.com/latchset/tang/commit/8dbbed10870378f1b2c3cf3df2ea7edca7617096mitre
- lists.debian.org/debian-lts-announce/2023/11/msg00004.htmlmitre
- www.openwall.com/lists/oss-security/2023/06/15/1mitre
News mentions
0No linked articles in our index yet.