Arch Linux Security Advisory ASA-202011-16 ========================================== Severity: High Date : 2020-11-17 CVE-ID : CVE-2020-28362 CVE-2020-28366 CVE-2020-28367 Package : go Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1278 Summary ======= The package go before version 2:1.15.5-1 is vulnerable to multiple issues including arbitrary code execution and denial of service. Resolution ========== Upgrade to 2:1.15.5-1. # pacman -Syu "go>=2:1.15.5-1" The problems have been fixed upstream in version 1.15.5. Workaround ========== None. Description =========== - CVE-2020-28362 (denial of service) A flaw was found in go before 1.15.5 where a number of math/big.Int methods (Div, Exp, DivMod, Quo, Rem, QuoRem, Mod, ModInverse, ModSqrt, Jacobi, and GCD) can panic when provided crafted large inputs. For the panic to happen, the divisor or modulo argument must be larger than 3168 bits (on 32-bit architectures) or 6336 bits (on 64-bit architectures). Multiple math/big.Rat methods are similarly affected. crypto/rsa.VerifyPSS, crypto/rsa.VerifyPKCS1v15, and crypto/dsa.Verify may panic when provided crafted public keys and signatures. crypto/ecdsa and crypto/elliptic operations may only be affected if custom CurveParams with unusually large field sizes (several times larger than the largest supported curve, P-521) are in use. Using crypto/x509.Verify on a crafted X.509 certificate chain can lead to a panic, even if the certificates don’t chain to a trusted root. The chain can be delivered via a crypto/tls connection to a client, or to a server that accepts and verifies client certificates. net/http clients can be made to crash by an HTTPS server, while net/http servers that accept client certificates will recover the panic and are unaffected. Moreover, an application might crash invoking crypto/x509.(*CertificateRequest).CheckSignature on an X.509 certificate request or during a golang.org/x/crypto/otr conversation. Parsing a golang.org/x/crypto/openpgp Entity or verifying a signature may crash. Finally, a golang.org/x/crypto/ssh client can panic due to a malformed host key, while a server could panic if either PublicKeyCallback accepts a malformed public key, or if IsUserAuthority accepts a certificate with a malformed public key. - CVE-2020-28366 (arbitrary code execution) A flaw was found in go beforer 1.15.5 where the go command may execute arbitrary code at build time when cgo is in use. This may occur when running go get on a malicious package, or any other command that builds untrusted code. - CVE-2020-28367 (arbitrary code execution) A flaw was found in go before 1.15.5 where the go command may execute arbitrary code at build time when cgo is in use. This may occur when running go get on a malicious package, or any other command that builds untrusted code. Impact ====== A local attacker might be able to crash the program via a crafted input. In addition a remote attacker might be able to execute arbitrary code when go get is run on a malicious package, or untrusted code is built via any other command. References ========== https://github.com/golang/go/commit/84150d0af193a7ccd733b3c7fa5787f43125cd2d https://github.com/golang/go/issues/42554 https://github.com/golang/go/issues/42562 https://github.com/golang/go/commit/32159824698a82a174b60a6845e8494ae3243102 https://github.com/golang/go/issues/42558 https://github.com/golang/go/commit/ec06b6d6be568ce1591d91a0ea4f14c190d06605 https://security.archlinux.org/CVE-2020-28362 https://security.archlinux.org/CVE-2020-28366 https://security.archlinux.org/CVE-2020-28367