Lucene search
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.AL2023_ALAS2023-2023-310.NASLHistoryAug 24, 2023 - 12:00 a.m.
Amazon Linux 2023 : golang, golang-bin, golang-misc (ALAS2023-2023-310)
2023-08-2400:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
13
amazon linux 2023
golang
golang-bin
golang-misc
alas2023-2023-310
vulnerability
rsa keys
certificate chains
cpu time
signatures
cve-2023-29409
nessus
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
EPSS
0.001
Percentile
45.3%
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-310 advisory.
- Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to <= 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three certificates in circulation with keys larger than this, and all three appear to be test certificates that are not actively deployed. It is possible there are larger keys in use in private PKIs, but we target the web PKI, so causing breakage here in the interests of increasing the default safety of users of crypto/tls seems reasonable. (CVE-2023-29409)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux 2023 Security Advisory ALAS2023-2023-310.
##
include('compat.inc');
if (description)
{
script_id(180109);
script_version("1.2");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/09/15");
script_cve_id("CVE-2023-29409");
script_xref(name:"IAVB", value:"2023-B-0064-S");
script_name(english:"Amazon Linux 2023 : golang, golang-bin, golang-misc (ALAS2023-2023-310)");
script_set_attribute(attribute:"synopsis", value:
"The remote Amazon Linux 2023 host is missing a security update.");
script_set_attribute(attribute:"description", value:
"It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-310 advisory.
- Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time
verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to <=
8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three certificates in
circulation with keys larger than this, and all three appear to be test certificates that are not actively
deployed. It is possible there are larger keys in use in private PKIs, but we target the web PKI, so
causing breakage here in the interests of increasing the default safety of users of crypto/tls seems
reasonable. (CVE-2023-29409)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/AL2023/ALAS-2023-310.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2023-29409.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/faqs.html");
script_set_attribute(attribute:"solution", value:
"Run 'dnf update golang --releasever 2023.1.20230823' to update your system.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-29409");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2023/08/02");
script_set_attribute(attribute:"patch_publication_date", value:"2023/08/17");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/08/24");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:golang");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:golang-bin");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:golang-docs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:golang-misc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:golang-shared");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:golang-src");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:golang-tests");
script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux:2023");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Amazon Linux Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");
exit(0);
}
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var alas_release = get_kb_item("Host/AmazonLinux/release");
if (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, "Amazon Linux");
var os_ver = pregmatch(pattern: "^AL(A|\d+|-\d+)", string:alas_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "-2023")
{
if (os_ver == 'A') os_ver = 'AMI';
audit(AUDIT_OS_NOT, "Amazon Linux 2023", "Amazon Linux " + os_ver);
}
if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
var pkgs = [
{'reference':'golang-1.20.7-1.amzn2023.0.1', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'golang-1.20.7-1.amzn2023.0.1', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'golang-bin-1.20.7-1.amzn2023.0.1', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'golang-bin-1.20.7-1.amzn2023.0.1', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'golang-docs-1.20.7-1.amzn2023.0.1', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'golang-misc-1.20.7-1.amzn2023.0.1', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'golang-shared-1.20.7-1.amzn2023.0.1', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'golang-shared-1.20.7-1.amzn2023.0.1', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'golang-src-1.20.7-1.amzn2023.0.1', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'golang-tests-1.20.7-1.amzn2023.0.1', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE}
];
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "golang / golang-bin / golang-docs / etc");
}Related
amazon
amazon
Medium: nerdctl
2023-08-17 11:58:00
Medium: cri-tools
2023-08-31 22:28:00
Medium: amazon-cloudwatch-agent
2023-08-17 11:58:00
nessus
nessus
Amazon Linux 2023 : nerdctl (ALAS2023-2023-309)
2023-08-24 00:00:00
openSUSE 15 Security Update : grafana (SUSE-SU-2023:3886-1)
2023-09-29 00:00:00
Amazon Linux 2023 : amazon-cloudwatch-agent (ALAS2023-2023-307)
2023-08-24 00:00:00
osv
osv
Large RSA keys can cause high CPU usage in crypto/tls
2023-08-02 17:25:58
CGA-cgw7-rj35-5w6f
2024-06-06 12:25:37
BIT-golang-2023-29409
2024-03-06 10:54:53
ubuntucve
ubuntucve
CVE-2023-29409
2023-08-02 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2023-2896)
2023-10-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:3888-1)
2023-09-29 00:00:00
openSUSE: Security Advisory for go1.19 (SUSE-SU-2023:3263-1)
2024-03-04 00:00:00
redhatcve
redhatcve
CVE-2023-29409
2023-08-07 05:18:51
cgr
cgr
CVE-2023-29409 vulnerabilities
2024-05-19 03:07:16
ibm
ibm
Security Bulletin: IBM Storage Protect Server is susceptible to numerous vulnerabilities due to Golang Go (CVE-2023-29409)
2023-12-15 16:27:06
nvd
nvd
CVE-2023-29409
2023-08-02 20:15:11
prion
prion
Code injection
2023-08-02 20:15:00
cbl_mariner
cbl_mariner
CVE-2023-29409 affecting package msft-golang for versions less than 1.20.7-1
2024-09-30 09:32:25
CVE-2023-29409 affecting package golang for versions less than 1.20.7-1
2024-09-30 09:32:17
CVE-2023-29409 affecting package golang for versions less than 1.20.7-1
2024-09-30 09:32:25
alpinelinux
alpinelinux
CVE-2023-29409
2023-08-02 20:15:11
redhat
redhat
debiancve
debiancve
CVE-2023-29409
2023-08-02 20:15:11
wolfi
wolfi
CVE-2023-29409 vulnerabilities
2024-09-30 09:32:54
veracode
veracode
Denial Of Service (DoS)
2023-08-04 03:29:08
cvelist
cvelist
CVE-2023-29409 Large RSA keys can cause high CPU usage in crypto/tls
2023-08-02 19:47:23
cve
cve
CVE-2023-29409
2023-08-02 20:15:11
githubexploit
githubexploit
Exploit for Uncontrolled Resource Consumption in Golang Go
2023-08-21 15:59:26
photon
photon
Moderate Photon OS Security Update - PHSA-2023-5.0-0066
2023-08-05 00:00:00
Moderate Photon OS Security Update - PHSA-2023-4.0-0484
2023-10-05 00:00:00
almalinux
almalinux
Important: go-toolset and golang security and bug fix update
2023-10-16 00:00:00
Moderate: runc security update
2023-12-12 00:00:00
Moderate: containernetworking-plugins security update
2023-12-12 00:00:00
oraclelinux
oraclelinux
runc security update
2023-12-14 00:00:00
go-toolset and golang security and bug fix update
2023-10-18 00:00:00
podman security update
2023-12-14 00:00:00
rocky
rocky
go-toolset and golang security and bug fix update
2023-10-24 18:37:03
avleonov
avleonov
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
EPSS
0.001
Percentile
45.3%
Related for AL2023_ALAS2023-2023-310.NASL