GO-2023-2402

Source
https://pkg.go.dev/vuln/GO-2023-2402
Import Source
https://vuln.go.dev/ID/GO-2023-2402.json
JSON Data
https://api.osv.dev/v1/vulns/GO-2023-2402
Aliases
Published
2023-12-18T21:18:26Z
Modified
2024-10-15T05:57:19.139028Z
Summary
Man-in-the-middle attacker can compromise integrity of secure channel in golang.org/x/crypto
Details

A protocol weakness allows a MITM attacker to compromise the integrity of the secure channel before it is established, allowing the attacker to prevent transmission of a number of messages immediately after the secure channel is established without either side being aware.

The impact of this attack is relatively limited, as it does not compromise confidentiality of the channel. Notably this attack would allow an attacker to prevent the transmission of the SSH2MSGEXT_INFO message, disabling a handful of newer security features.

This protocol weakness was also fixed in OpenSSH 9.6.

References
Credits
    • Fabian Bäumer (Ruhr University Bochum)
    • Marcus Brinkmann (Ruhr University Bochum)
    • Jörg Schwenk (Ruhr University Bochum)

Affected packages

Go / golang.org/x/crypto

Package

Name
golang.org/x/crypto
View open source insights on deps.dev
Purl
pkg:golang/golang.org/x/crypto

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.17.0

Ecosystem specific

{
    "imports": [
        {
            "path": "golang.org/x/crypto/ssh",
            "symbols": [
                "Client.Dial",
                "Client.DialContext",
                "Client.DialTCP",
                "Client.Listen",
                "Client.ListenTCP",
                "Client.ListenUnix",
                "Client.NewSession",
                "Dial",
                "DiscardRequests",
                "NewClient",
                "NewClientConn",
                "NewServerConn",
                "Request.Reply",
                "Session.Close",
                "Session.CombinedOutput",
                "Session.Output",
                "Session.RequestPty",
                "Session.RequestSubsystem",
                "Session.Run",
                "Session.SendRequest",
                "Session.Setenv",
                "Session.Shell",
                "Session.Signal",
                "Session.Start",
                "Session.WindowChange",
                "channel.Accept",
                "channel.Close",
                "channel.CloseWrite",
                "channel.Read",
                "channel.ReadExtended",
                "channel.Reject",
                "channel.SendRequest",
                "channel.Write",
                "channel.WriteExtended",
                "connectionState.readPacket",
                "connectionState.writePacket",
                "curve25519sha256.Client",
                "curve25519sha256.Server",
                "dhGEXSHA.Client",
                "dhGEXSHA.Server",
                "dhGroup.Client",
                "dhGroup.Server",
                "ecdh.Client",
                "ecdh.Server",
                "extChannel.Read",
                "extChannel.Write",
                "handshakeTransport.enterKeyExchange",
                "handshakeTransport.readLoop",
                "handshakeTransport.sendKexInit",
                "mux.OpenChannel",
                "mux.SendRequest",
                "sessionStdin.Close",
                "sshClientKeyboardInteractive.Challenge",
                "tcpListener.Accept",
                "tcpListener.Close",
                "transport.readPacket",
                "transport.writePacket",
                "unixListener.Accept",
                "unixListener.Close"
            ]
        }
    ]
}