Go TLS RSA Timing Side-Channel Vulnerability Before 1.20
CVE-2023-45287 Published on December 5, 2023
Before Go 1.20, the RSA-based key exchange methods in crypto/tls may exhibit a timing side channel.
Before Go 1.20, the RSA-based TLS key exchanges used the math/big library, which is not constant time. RSA blinding was applied to prevent timing attacks, but analysis shows this may not have been fully effective. In particular, it appears that the removal of PKCS#1 padding may leak timing information, which in turn could be used to recover session key bits. In Go 1.20, the crypto/tls library switched to a fully constant-time RSA implementation, which we do not believe exhibits any timing side channels.
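Only the static RSA key exchange suites (the TLS_RSA_WITH_* family) go through the PKCS#1 v1.5 decryption path described above; ECDHE suites and all of TLS 1.3 do not. The following is an added example, not code from the advisory or the Go project, that audits a cipher-suite list for those suites and builds a server config that cannot negotiate them, as defence in depth for deployments that cannot yet move to Go 1.20; the function names are my own, and only the standard crypto/tls API is used.

```go
package main

import (
	"crypto/tls"
	"fmt"
	"strings"
)

// usesRSAKeyExchange reports whether a cipher suite ID denotes a static RSA
// key exchange suite (names of the form TLS_RSA_WITH_...). These are the only
// suites that decrypt a PKCS#1 v1.5 premaster secret with the server's RSA key.
func usesRSAKeyExchange(id uint16) bool {
	return strings.HasPrefix(tls.CipherSuiteName(id), "TLS_RSA_WITH_")
}

// rsaKeyExchangeSuites returns the names of the RSA key exchange suites in ids.
// Run it against tls.Config.CipherSuites of an existing server to audit it;
// a nil CipherSuites means the library default and should be made explicit.
func rsaKeyExchangeSuites(ids []uint16) []string {
	var found []string
	for _, id := range ids {
		if usesRSAKeyExchange(id) {
			found = append(found, tls.CipherSuiteName(id))
		}
	}
	return found
}

// hardenedSuites returns every non-insecure suite Go ships, minus the RSA key
// exchange ones, for use as an explicit CipherSuites list.
func hardenedSuites() []uint16 {
	var out []uint16
	for _, cs := range tls.CipherSuites() {
		if !usesRSAKeyExchange(cs.ID) {
			out = append(out, cs.ID)
		}
	}
	return out
}

// hardenedConfig builds a server config that cannot negotiate RSA key exchange:
// TLS 1.2 is limited to the filtered list, and TLS 1.3 never uses RSA key exchange.
func hardenedConfig(cert tls.Certificate) *tls.Config {
	return &tls.Config{
		Certificates: []tls.Certificate{cert},
		MinVersion:   tls.VersionTLS12,
		CipherSuites: hardenedSuites(),
	}
}

func main() {
	// Constructed legacy list that still allows RSA key exchange.
	legacy := []uint16{tls.TLS_RSA_WITH_AES_128_GCM_SHA256, tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256}
	fmt.Println("RSA key exchange suites found:", rsaKeyExchangeSuites(legacy))
	fmt.Println("hardened suite count:", len(hardenedSuites()))
}
```

Restricting cipher suites removes the affected code path but does not replace the real fix, which is building with Go 1.20 or later.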
Products Associated with CVE-2023-45287
Affected Versions
Go standard library crypto/tls: versions before 1.20.0 are affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.