CVE-2023-1732

Published: May 10, 2023

Modified: Jan 27, 2025

PUBLISHED

CVSS v3.1

5.3

MEDIUM

Description

When sampling randomness for a shared secret, the implementation of Kyber and FrodoKEM, did not check whether crypto/rand.Read() returns an error. In rare deployment cases (error thrown by the Read() function), this could lead to a predictable shared secret. The tkn20 and blindrsa components did not check whether enough randomness was returned from the user provided randomness source. Typically the user provides crypto/rand.Reader, which in the vast majority of cases will always return the right number random bytes. In the cases where it does not, or the user provides a source that does not, the blinding for blindrsa is weak and integrity of the plaintext is not ensured in tkn20.

Vendor	Product	Versions
Cloudflare	CIRCL	affected `0 - < <1.3.3`

Weaknesses (CWE)

CWE-20

CWE-755

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N

Attack Vector

Local

Attack Complexity

High

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

Low

Integrity

High

Availability

None

References

https://github.com/cloudflare/circl/security/advisories/GHSA-2q89-485c-9j2x

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-1732

Description

Affected Products

Weaknesses (CWE)

CVSS v3.1 Details

References