PT-2023-29487 · Go+5

Published: 2023-12-05 · Updated: 2026-02-18 · CVE-2023-45287

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions: Go versions prior to 1.20

Description: The issue concerns the RSA-based TLS key exchanges in Go, which used the math/big library, which is not constant time. Although RSA blinding was applied to prevent timing attacks, analysis suggests it may not have been fully effective: timing variations during the removal of PKCS#1 padding could leak information that might be used to recover bits of the session key. The crypto/tls library in Go 1.20 has been updated to a fully constant-time RSA implementation, which is believed not to exhibit any timing side channels.

Recommendations: For versions prior to 1.20, update to Go 1.20 or later to resolve the issue, as it includes a fully constant-time RSA implementation. As a temporary workaround, consider restricting the use of RSA-based TLS key exchanges until a patch is available. Avoid relying on the math/big library for TLS key exchanges in affected versions.
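The workaround above (restricting RSA-based TLS key exchange) expressed as a Go tls.Config, added here as an example and not part of the advisory or of Go's own code; the function names are mine, and the audit helper treats a nil CipherSuites list as unsafe because Go's default list on affected versions includes RSA key-transport suites.

```go
package main

import (
	"crypto/tls"
	"strings"
)

// usesRSAKeyExchange reports whether cipher suite id performs RSA key
// transport (the client encrypts the premaster secret with the server's RSA
// key). Go names every such TLS 1.2 suite "TLS_RSA_WITH_..."; ECDHE suites
// that only authenticate with an RSA certificate are "TLS_ECDHE_RSA_...".
func usesRSAKeyExchange(id uint16) bool {
	return strings.HasPrefix(tls.CipherSuiteName(id), "TLS_RSA_WITH_")
}

// hardenedConfig builds a tls.Config for the workaround: TLS 1.2 or later and
// only (EC)DHE key exchange, taken from the suites Go itself considers secure.
// TLS 1.3 suites in the list are harmless: Go ignores CipherSuites for 1.3.
// Certificates are omitted; a real server sets them (constructed example).
func hardenedConfig() *tls.Config {
	var ids []uint16
	for _, cs := range tls.CipherSuites() {
		if !usesRSAKeyExchange(cs.ID) {
			ids = append(ids, cs.ID)
		}
	}
	return &tls.Config{MinVersion: tls.VersionTLS12, CipherSuites: ids}
}

// configAllowsRSAKeyExchange audits an existing config. A nil CipherSuites
// list means Go's defaults, which on affected versions include RSA key
// transport, so it is reported as allowing it. TLS 1.3 has no RSA key
// transport at all, so a TLS 1.3-only config is always clean.
func configAllowsRSAKeyExchange(cfg *tls.Config) bool {
	if cfg.MinVersion >= tls.VersionTLS13 {
		return false
	}
	if cfg.CipherSuites == nil {
		return true
	}
	for _, id := range cfg.CipherSuites {
		if usesRSAKeyExchange(id) {
			return true
		}
	}
	return false
}
```

Setting MinVersion to tls.VersionTLS13 removes RSA key transport entirely, at the cost of rejecting TLS 1.2-only clients.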

Fix

Weakness Enumeration: Side Channel Attack

Related Identifiers

ALSA-2024:0748
ALSA-2024:2180
ALSA-2024:2193
ALSA-2024:2239
ALSA-2024:2245
ALSA-2024:2272
AZL-32100
AZL-32123
AZL-34764
AZL-37310
AZL-37380
AZL-79088
BIT-GOLANG-2023-45287
CESA-2024_0748
CESA-2024_2988
CVE-2023-45287
GO-2023-2375
INFSA-2024_2180
INFSA-2024_2193
INFSA-2024_2239
INFSA-2024_2245
INFSA-2024_2272
INFSA-2024_2988
RHSA-2023:7200
RHSA-2023:7201
RHSA-2024:0748
RHSA-2024:2180
RHSA-2024:2193
RHSA-2024:2239
RHSA-2024:2245
RHSA-2024:2272
RHSA-2024:2729
RHSA-2024:2730
RHSA-2024:2767
RHSA-2024:2988
RHSA-2024:4429
RHSA-2024_0748
RHSA-2024_2180
RHSA-2024_2193
RHSA-2024_2239
RHSA-2024_2245
RHSA-2024_2272
RHSA-2024_2988

Affected Products

Almalinux
Centos
Debian
Go
Red Hat
Rocky Linux