CVE-2016-9123

Name of the Vulnerable Software and Affected Versions go-jose versions prior to 1.0.5

Description The issue concerns an integer overflow in CBC-HMAC on 32-bit architectures, potentially leading to authentication bypass for CBC-HMAC encrypted ciphertexts. On 32-bit platforms, an attacker can manipulate ciphertext encrypted with AES-CBC with HMAC, allowing control over the input buffer size when computing the HMAC authentication tag. This could enable a manipulated ciphertext to be verified as authentic, making it vulnerable to padding oracle attacks.

Recommendations For go-jose versions prior to 1.0.5, update to version 1.0.5 or later to resolve the issue. As a temporary workaround, consider restricting the use of CBC-HMAC encryption on 32-bit architectures until the update is applied.