CVE-2021-34558
Description
The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing an RSA-based key exchange, allowing a malicious TLS server to cause a TLS client to panic.
Risk Information
Base Score: 6.5 (MODERATE)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS Score (Exploitation Probability): 1.475
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| (RHSA-2021:3076) go-toolset:rhel8 security, bug fix, and enhancement update go-toolset-1.15.14-1.module+el8.4.0+11833+614b07b8.x86_64.rpm | Linux |
| (RHSA-2021:3076) go-toolset:rhel8 security, bug fix, and enhancement update golang-1.15.14-1.module+el8.4.0+11833+614b07b8.x86_64.rpm | Linux |
| (RHSA-2021:3076) go-toolset:rhel8 security, bug fix, and enhancement update golang-bin-1.15.14-1.module+el8.4.0+11833+614b07b8.x86_64.rpm | Linux |
| (RHSA-2021:3076) go-toolset:rhel8 security, bug fix, and enhancement update golang-docs-1.15.14-1.module+el8.4.0+11833+614b07b8.noarch.rpm | Linux |
| (RHSA-2021:3076) go-toolset:rhel8 security, bug fix, and enhancement update golang-misc-1.15.14-1.module+el8.4.0+11833+614b07b8.noarch.rpm | Linux |
| (RHSA-2021:3076) go-toolset:rhel8 security, bug fix, and enhancement update golang-race-1.15.14-1.module+el8.4.0+11833+614b07b8.x86_64.rpm | Linux |
| (RHSA-2021:3076) go-toolset:rhel8 security, bug fix, and enhancement update golang-src-1.15.14-1.module+el8.4.0+11833+614b07b8.noarch.rpm | Linux |
| (RHSA-2021:3076) go-toolset:rhel8 security, bug fix, and enhancement update golang-tests-1.15.14-1.module+el8.4.0+11833+614b07b8.noarch.rpm | Linux |
| Delve update (ELSA-2021-3076) delve-1.5.0-2.0.1.module+el8.4.0+20021+8a86d991.x86_64.rpm | Linux |
| Go-toolset update (ELSA-2021-3076) go-toolset-1.15.14-1.module+el8.4.0+20290+7af514f4.x86_64.rpm | Linux |
| Golang update (ELSA-2021-3076) golang-1.15.14-1.module+el8.4.0+20290+7af514f4.x86_64.rpm | Linux |
| Golang-bin update (ELSA-2021-3076) golang-bin-1.15.14-1.module+el8.4.0+20290+7af514f4.x86_64.rpm | Linux |
| Golang-docs update (ELSA-2021-3076) golang-docs-1.15.14-1.module+el8.4.0+20290+7af514f4.noarch.rpm | Linux |
| Golang-misc update (ELSA-2021-3076) golang-misc-1.15.14-1.module+el8.4.0+20290+7af514f4.noarch.rpm | Linux |
| Golang-race update (ELSA-2021-3076) golang-race-1.15.14-1.module+el8.4.0+20290+7af514f4.x86_64.rpm | Linux |
| Golang-src update (ELSA-2021-3076) golang-src-1.15.14-1.module+el8.4.0+20290+7af514f4.noarch.rpm | Linux |
| Golang-tests update (ELSA-2021-3076) golang-tests-1.15.14-1.module+el8.4.0+20290+7af514f4.noarch.rpm | Linux |
| Grafana update (ELSA-2023-6972) grafana-9.2.10-7.el8_9.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update aardvark-dns-1.10.0-1.module+el8.10.0+21209+52deeb51.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update buildah-1.33.6-2.module+el8.10.0+21371+46937ece.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update buildah-debuginfo-1.33.6-2.module+el8.10.0+21371+46937ece.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update buildah-debugsource-1.33.6-2.module+el8.10.0+21371+46937ece.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update buildah-tests-1.33.6-2.module+el8.10.0+21371+46937ece.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update buildah-tests-debuginfo-1.33.6-2.module+el8.10.0+21371+46937ece.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update cockpit-podman-84.1-1.module+el8.10.0+21373+0d273fdf.noarch.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update conmon-2.1.10-1.module+el8.10.0+21077+98b84d8a.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update conmon-debuginfo-2.1.10-1.module+el8.10.0+21077+98b84d8a.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update conmon-debugsource-2.1.10-1.module+el8.10.0+21077+98b84d8a.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update container-selinux-2.229.0-2.module+el8.10.0+21196+3f0abbca.noarch.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update containernetworking-plugins-1.4.0-2.module+el8.10.0+21366+f9cb49f8.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update containernetworking-plugins-debuginfo-1.4.0-2.module+el8.10.0+21366+f9cb49f8.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update containernetworking-plugins-debugsource-1.4.0-2.module+el8.10.0+21366+f9cb49f8.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update containers-common-1-81.module+el8.10.0+21340+c6c7475a.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update crit-3.18-4.module+el8.9.0+20326+387084d0.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update criu-3.18-4.module+el8.9.0+20326+387084d0.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update criu-debuginfo-3.18-4.module+el8.9.0+20326+387084d0.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update criu-debugsource-3.18-4.module+el8.9.0+20326+387084d0.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update criu-devel-3.18-4.module+el8.9.0+20326+387084d0.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update criu-libs-3.18-4.module+el8.9.0+20326+387084d0.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update criu-libs-debuginfo-3.18-4.module+el8.9.0+20326+387084d0.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update crun-1.14.3-2.module+el8.10.0+21340+c6c7475a.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update crun-debuginfo-1.14.3-2.module+el8.10.0+21340+c6c7475a.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update crun-debugsource-1.14.3-2.module+el8.10.0+21340+c6c7475a.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update fuse-overlayfs-1.13-1.module+el8.10.0+20412+95ee28e2.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update fuse-overlayfs-debuginfo-1.13-1.module+el8.10.0+20412+95ee28e2.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update fuse-overlayfs-debugsource-1.13-1.module+el8.10.0+20412+95ee28e2.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update libslirp-4.4.0-1.module+el8.9.0+20326+387084d0.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update libslirp-debuginfo-4.4.0-1.module+el8.9.0+20326+387084d0.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update libslirp-debugsource-4.4.0-1.module+el8.9.0+20326+387084d0.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update libslirp-devel-4.4.0-1.module+el8.9.0+20326+387084d0.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update netavark-1.10.3-1.module+el8.10.0+21306+6be40ce7.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update oci-seccomp-bpf-hook-1.2.10-1.module+el8.10.0+20565+a40ba0e5.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update oci-seccomp-bpf-hook-debuginfo-1.2.10-1.module+el8.10.0+20565+a40ba0e5.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update oci-seccomp-bpf-hook-debugsource-1.2.10-1.module+el8.10.0+20565+a40ba0e5.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update podman-4.9.4-0.1.module+el8.10.0+21350+ea09fba1.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update podman-catatonit-4.9.4-0.1.module+el8.10.0+21350+ea09fba1.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update podman-catatonit-debuginfo-4.9.4-0.1.module+el8.10.0+21350+ea09fba1.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update podman-debuginfo-4.9.4-0.1.module+el8.10.0+21350+ea09fba1.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update podman-debugsource-4.9.4-0.1.module+el8.10.0+21350+ea09fba1.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update podman-docker-4.9.4-0.1.module+el8.10.0+21350+ea09fba1.noarch.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update podman-gvproxy-4.9.4-0.1.module+el8.10.0+21350+ea09fba1.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update podman-gvproxy-debuginfo-4.9.4-0.1.module+el8.10.0+21350+ea09fba1.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update podman-plugins-4.9.4-0.1.module+el8.10.0+21350+ea09fba1.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update podman-plugins-debuginfo-4.9.4-0.1.module+el8.10.0+21350+ea09fba1.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update podman-remote-4.9.4-0.1.module+el8.10.0+21350+ea09fba1.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update podman-remote-debuginfo-4.9.4-0.1.module+el8.10.0+21350+ea09fba1.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update podman-tests-4.9.4-0.1.module+el8.10.0+21350+ea09fba1.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update python3-criu-3.18-4.module+el8.9.0+20326+387084d0.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update python3-podman-4.9.0-1.module+el8.10.0+21196+3f0abbca.noarch.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update runc-1.1.12-1.module+el8.10.0+21251+62b7388c.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update runc-debuginfo-1.1.12-1.module+el8.10.0+21251+62b7388c.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update runc-debugsource-1.1.12-1.module+el8.10.0+21251+62b7388c.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update skopeo-1.14.3-0.1.module+el8.10.0+21251+62b7388c.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update skopeo-tests-1.14.3-0.1.module+el8.10.0+21251+62b7388c.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update slirp4netns-1.2.3-1.module+el8.10.0+21306+6be40ce7.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update slirp4netns-debuginfo-1.2.3-1.module+el8.10.0+21306+6be40ce7.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update slirp4netns-debugsource-1.2.3-1.module+el8.10.0+21306+6be40ce7.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update toolbox-0.0.99.5-2.module+el8.10.0+21341+ff0b5f89.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update toolbox-debuginfo-0.0.99.5-2.module+el8.10.0+21341+ff0b5f89.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update toolbox-debugsource-0.0.99.5-2.module+el8.10.0+21341+ff0b5f89.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update toolbox-tests-0.0.99.5-2.module+el8.10.0+21341+ff0b5f89.x86_64.rpm | Linux |
| (RHSA-2024:2988)Moderate: security update udica-0.2.6-20.module+el8.9.0+20326+387084d0.noarch.rpm | Linux |
| Aardvark-dns update (ELSA-2024-2988) aardvark-dns-1.10.0-1.module+el8.10.0+90298+77a9814d.x86_64.rpm | Linux |
| Buildah update (ELSA-2024-2988) buildah-1.33.6-2.module+el8.10.0+90298+77a9814d.x86_64.rpm | Linux |
| Buildah-tests update (ELSA-2024-2988) buildah-tests-1.33.6-2.module+el8.10.0+90298+77a9814d.x86_64.rpm | Linux |
| Cockpit-podman update (ELSA-2024-2988) cockpit-podman-84.1-1.module+el8.10.0+90298+77a9814d.noarch.rpm | Linux |
| Conmon update (ELSA-2024-2988) conmon-2.1.10-1.module+el8.10.0+90298+77a9814d.x86_64.rpm | Linux |
| Container-selinux update (ELSA-2024-2988) container-selinux-2.229.0-2.module+el8.10.0+90298+77a9814d.noarch.rpm | Linux |
| Containernetworking-plugins update (ELSA-2024-2988) containernetworking-plugins-1.4.0-2.module+el8.10.0+90298+77a9814d.x86_64.rpm | Linux |
| Containers-common update (ELSA-2024-2988) containers-common-1-81.0.1.module+el8.10.0+90298+77a9814d.x86_64.rpm | Linux |
| Crit update (ELSA-2024-2988) crit-3.18-4.module+el8.9.0+90147+a4870853.x86_64.rpm | Linux |
| Criu update (ELSA-2024-2988) criu-3.18-4.module+el8.9.0+90147+a4870853.x86_64.rpm | Linux |
| Criu-devel update (ELSA-2024-2988) criu-devel-3.18-4.module+el8.9.0+90147+a4870853.x86_64.rpm | Linux |
| Criu-libs update (ELSA-2024-2988) criu-libs-3.18-4.module+el8.9.0+90147+a4870853.x86_64.rpm | Linux |
| Crun update (ELSA-2024-2988) crun-1.14.3-2.module+el8.10.0+90298+77a9814d.x86_64.rpm | Linux |
| Fuse-overlayfs update (ELSA-2024-2988) fuse-overlayfs-1.13-1.module+el8.10.0+90298+77a9814d.x86_64.rpm | Linux |
| Libslirp update (ELSA-2024-2988) libslirp-4.4.0-1.module+el8.9.0+90147+a4870853.x86_64.rpm | Linux |
| Libslirp-devel update (ELSA-2024-2988) libslirp-devel-4.4.0-1.module+el8.9.0+90147+a4870853.x86_64.rpm | Linux |
| Netavark update (ELSA-2024-2988) netavark-1.10.3-1.module+el8.10.0+90298+77a9814d.x86_64.rpm | Linux |
| Oci-seccomp-bpf-hook update (ELSA-2024-2988) oci-seccomp-bpf-hook-1.2.10-1.module+el8.10.0+90298+77a9814d.x86_64.rpm | Linux |
| Podman update (ELSA-2024-2988) podman-4.9.4-0.1.module+el8.10.0+90298+77a9814d.x86_64.rpm | Linux |
| Podman-catatonit update (ELSA-2024-2988) podman-catatonit-4.9.4-0.1.module+el8.10.0+90298+77a9814d.x86_64.rpm | Linux |
| Podman-docker update (ELSA-2024-2988) podman-docker-4.9.4-0.1.module+el8.10.0+90298+77a9814d.noarch.rpm | Linux |
| Podman-gvproxy update (ELSA-2024-2988) podman-gvproxy-4.9.4-0.1.module+el8.10.0+90298+77a9814d.x86_64.rpm | Linux |
| Podman-plugins update (ELSA-2024-2988) podman-plugins-4.9.4-0.1.module+el8.10.0+90298+77a9814d.x86_64.rpm | Linux |
| Podman-remote update (ELSA-2024-2988) podman-remote-4.9.4-0.1.module+el8.10.0+90298+77a9814d.x86_64.rpm | Linux |
| Podman-tests update (ELSA-2024-2988) podman-tests-4.9.4-0.1.module+el8.10.0+90298+77a9814d.x86_64.rpm | Linux |
| Python3-criu update (ELSA-2024-2988) python3-criu-3.18-4.module+el8.9.0+90147+a4870853.x86_64.rpm | Linux |
| Python3-podman update (ELSA-2024-2988) python3-podman-4.9.0-1.module+el8.10.0+90298+77a9814d.noarch.rpm | Linux |
| Runc update (ELSA-2024-2988) runc-1.1.12-1.module+el8.10.0+90298+77a9814d.x86_64.rpm | Linux |
| Skopeo update (ELSA-2024-2988) skopeo-1.14.3-0.1.module+el8.10.0+90298+77a9814d.x86_64.rpm | Linux |
| Skopeo-tests update (ELSA-2024-2988) skopeo-tests-1.14.3-0.1.module+el8.10.0+90298+77a9814d.x86_64.rpm | Linux |
| Slirp4netns update (ELSA-2024-2988) slirp4netns-1.2.3-1.module+el8.10.0+90298+77a9814d.x86_64.rpm | Linux |
| Udica update (ELSA-2024-2988) udica-0.2.6-20.module+el8.9.0+90147+a4870853.noarch.rpm | Linux |
| Improper Certificate Validation Vulnerability (CVE-2021-34558) | NCM |
Patch Details
No records found
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234