Improper random reading in CIRCL
Description
When sampling randomness for a shared secret, the implementation of Kyber and FrodoKEM, did not check whether crypto/rand.Read() returns an error. In rare deployment cases (error thrown by the Read() function), this could lead to a predictable shared secret.
The tkn20 and blindrsa components did not check whether enough randomness was returned from the user provided randomness source. Typically the user provides crypto/rand.Reader, which in the vast majority of cases will always return the right number random bytes. In the cases where it does not, or the user provides a source that does not, the blinding for blindrsa is weak and integrity of the plaintext is not ensured in tkn20.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/cloudflare/circlGo | < 1.3.3 | 1.3.3 |
Affected products
29- osv-coords28 versionspkg:apk/chainguard/aactlpkg:apk/chainguard/flux-0pkg:apk/chainguard/flux-compatpkg:apk/chainguard/kyverno-1.8pkg:apk/chainguard/kyverno-cli-1.8pkg:apk/chainguard/kyverno-init-container-1.8pkg:apk/chainguard/pulumi-language-javapkg:apk/chainguard/tekton-pipelinespkg:apk/chainguard/tekton-pipelines-entrypointpkg:apk/chainguard/tekton-pipelines-eventspkg:apk/chainguard/tekton-pipelines-noppkg:apk/chainguard/tekton-pipelines-resolverspkg:apk/chainguard/tekton-pipelines-sidecarlogresultspkg:apk/chainguard/tekton-pipelines-webhookpkg:apk/chainguard/tekton-pipelines-workingdirinitpkg:apk/wolfi/aactlpkg:apk/wolfi/flux-compatpkg:apk/wolfi/pulumi-language-javapkg:apk/wolfi/tekton-pipelinespkg:apk/wolfi/tekton-pipelines-entrypointpkg:apk/wolfi/tekton-pipelines-eventspkg:apk/wolfi/tekton-pipelines-noppkg:apk/wolfi/tekton-pipelines-resolverspkg:apk/wolfi/tekton-pipelines-sidecarlogresultspkg:apk/wolfi/tekton-pipelines-webhookpkg:apk/wolfi/tekton-pipelines-workingdirinitpkg:golang/github.com/cloudflare/circlpkg:rpm/opensuse/velociraptor&distro=openSUSE%20Tumbleweed
< 0.4.12-r7+ 27 more
- (no CPE)range: < 0.4.12-r7
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 1.8.5-r2
- (no CPE)range: < 1.8.5-r2
- (no CPE)range: < 1.8.5-r2
- (no CPE)range: < 0.9.3-r2
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0.4.12-r7
- (no CPE)range: < 0
- (no CPE)range: < 0.9.3-r2
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 1.3.3
- (no CPE)range: < 0.7.0.4.git142.862ef23-1.1
- Range: 0
Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-2q89-485c-9j2xghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-1732ghsaADVISORY
- github.com/cloudflare/circl/commit/ff8d91225f8954b4970b6d6382d2e4c78f4a4cf8ghsaWEB
- github.com/cloudflare/circl/releases/tag/v1.3.3ghsaWEB
- github.com/cloudflare/circl/security/advisories/GHSA-2q89-485c-9j2xghsaWEB
News mentions
0No linked articles in our index yet.