PT-2023-6901 · Circl

Mskowroncf +1
Published: 2023-05-10
Updated: 2025-01-17
CVE: CVE-2023-1732
CVSS v3.1: 8.2 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
Name of the Vulnerable Software and Affected Versions: CIRCL versions prior to 1.3.3
Description: The issue arises from insufficient input validation and a lack of measures to neutralize instructions in dynamically executed code in the crypto/rand.Read() function. This can lead to a predictable shared secret in rare deployment cases where the Read() function returns an error. Additionally, the tkn20 and blindrsa components did not check whether enough randomness was returned from the user-provided randomness source, typically crypto/rand.Reader. If the source does not return the expected number of random bytes, the blinding in blindrsa is weak and the integrity of the plaintext in tkn20 is not ensured.
Recommendations: For versions prior to 1.3.3, update to CIRCL version 1.3.3 to resolve the issue. As a temporary workaround, consider disabling the use of crypto/rand.Read() until a patch is available. Restrict access to the tkn20 and blindrsa components to minimize the risk of exploitation. Avoid user-provided randomness sources that may not return the correct number of random bytes.
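As an added illustration (not code from CIRCL or from this advisory), the Go program below contrasts the weak pattern the description refers to, reading from a randomness source without checking the byte count or the error, with the hardened form that uses io.ReadFull and refuses to continue on a short read or failure. The shortReader type, which simulates a user-provided source that stops delivering bytes early, and the sampleUnchecked/sampleChecked/trailingZeros functions are constructed for this example and are not CIRCL identifiers.

```go
package main

import (
	"crypto/rand"
	"errors"
	"fmt"
	"io"
)

// shortReader is a constructed, deliberately faulty randomness source: it
// returns at most limit bytes in total and then reports io.EOF. It stands in
// for a user-provided source that fails to deliver enough random bytes.
type shortReader struct {
	limit int
	given int
}

func (s *shortReader) Read(p []byte) (int, error) {
	if s.given >= s.limit {
		return 0, io.EOF
	}
	n := s.limit - s.given
	if n > len(p) {
		n = len(p)
	}
	for i := 0; i < n; i++ {
		p[i] = 0xAB // constructed filler; a real source would return random bytes
	}
	s.given += n
	return n, nil
}

// sampleUnchecked shows the weak pattern: the byte count and error from Read
// are ignored, so a short read or a failure leaves part (or all) of the buffer
// at its zero value and the supposedly random secret becomes predictable.
func sampleUnchecked(src io.Reader, n int) []byte {
	buf := make([]byte, n)
	src.Read(buf) // count and error discarded: this is the defect
	return buf
}

// sampleChecked is the hardened form: io.ReadFull either fills the whole
// buffer or returns an error (io.ErrUnexpectedEOF for a short read), and the
// caller stops on error instead of using a partially filled secret.
func sampleChecked(src io.Reader, n int) ([]byte, error) {
	buf := make([]byte, n)
	if _, err := io.ReadFull(src, buf); err != nil {
		return nil, fmt.Errorf("randomness source failed: %w", err)
	}
	return buf, nil
}

// trailingZeros counts zero bytes at the end of buf, a cheap signal of how
// much of the buffer the source never wrote.
func trailingZeros(buf []byte) int {
	z := 0
	for i := len(buf) - 1; i >= 0 && buf[i] == 0; i-- {
		z++
	}
	return z
}

func main() {
	// Faulty source that only ever yields 4 bytes.
	secret := sampleUnchecked(&shortReader{limit: 4}, 32)
	fmt.Printf("unchecked: %d of %d bytes were never written\n", trailingZeros(secret), len(secret))

	if _, err := sampleChecked(&shortReader{limit: 4}, 32); err != nil {
		fmt.Println("checked:", err, "| short read:", errors.Is(err, io.ErrUnexpectedEOF))
	}

	// The real system source, checked the same way.
	if s, err := sampleChecked(rand.Reader, 32); err == nil {
		fmt.Printf("crypto/rand: got %d bytes\n", len(s))
	}
}
```

The point of the checked variant is that a short or failed read becomes a hard error at the call site rather than a silently predictable value downstream; any code that derives keys, blinding factors or shared secrets from an io.Reader should follow the same shape.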

Fix

RCE

Improper Handling of Exceptional Conditions

Eval Injection


Weakness Enumeration

Related Identifiers

BDU:2023-07919
CVE-2023-1732
GHSA-2Q89-485C-9J2X
GO-2023-1765
OPENSUSE-SU-2025:14663-1

Affected Products

Circl