CVE-2018-16875

Published: 14/12/2018 Updated: 07/11/2023
CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 694
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Summary

The crypto/x509 package of Go prior to 1.10.6 and 1.11.x prior to 1.11.3 does not limit the amount of work performed for each chain verification, which might allow malicious users to craft pathological inputs leading to a CPU denial of service. Go TLS servers accepting client certificates and TLS clients are affected.

Vulnerable Products

golang go

opensuse leap 42.3

Vendor Advisories

In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to remote code execution when executed with the -u flag and the import path of a malicious Go package, or a package that imports it directly or indirectly. Specifically, it is only vulnerable in GOPATH mode, but not in module mode (the distinction is documented at http ...
The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 does not limit the amount of work performed for each chain verification, which might allow attackers to craft pathological inputs leading to a CPU denial of service. Go TLS servers accepting client certificates and TLS clients are affected ...

Github Repositories

tlsserver: this code is referenced from github.com/alexzorin/poc-cve-2018-16875. It generates a certificate chain and starts a TLS server.

Args:
-inters 10: number of intermediate certificates
-noserver: only generate the certificates, do not start the TLS server
-notgencert: use the current cert directory, do not regenerate
-domain: DNS name in the certificate
-port: port for the TLS server to listen on

eg: /