7.5
HIGH
CVE-2024-1394
Golang OpenSSL RSA Memory Leak Vulnerability
Description

A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey​ and ctx​. That function uses named return parameters to free pkey​ and ctx​ if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the "return nil, nil, fail(...)" pattern, meaning that pkey​ and ctx​ will be nil inside the deferred function that should free them.

INFO

Published Date :

March 21, 2024, 1 p.m.

Last Modified :

Sept. 26, 2024, 11:15 p.m.

Source :

[email protected]

Remotely Exploitable :

Yes !

Impact Score :

3.6

Exploitability Score :

3.9
Public PoC/Exploit Available at Github

CVE-2024-1394 has a 2 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2024-1394 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Redhat enterprise_linux
: Total Affected Vendor : 1 | Products : 1
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2024-1394.

URL Resource
https://access.redhat.com/errata/RHSA-2024:1462
https://access.redhat.com/errata/RHSA-2024:1468
https://access.redhat.com/errata/RHSA-2024:1472
https://access.redhat.com/errata/RHSA-2024:1501
https://access.redhat.com/errata/RHSA-2024:1502
https://access.redhat.com/errata/RHSA-2024:1561
https://access.redhat.com/errata/RHSA-2024:1563
https://access.redhat.com/errata/RHSA-2024:1566
https://access.redhat.com/errata/RHSA-2024:1567
https://access.redhat.com/errata/RHSA-2024:1574
https://access.redhat.com/errata/RHSA-2024:1640
https://access.redhat.com/errata/RHSA-2024:1644
https://access.redhat.com/errata/RHSA-2024:1646
https://access.redhat.com/errata/RHSA-2024:1763
https://access.redhat.com/errata/RHSA-2024:1897
https://access.redhat.com/errata/RHSA-2024:2562
https://access.redhat.com/errata/RHSA-2024:2568
https://access.redhat.com/errata/RHSA-2024:2569
https://access.redhat.com/errata/RHSA-2024:2729
https://access.redhat.com/errata/RHSA-2024:2730
https://access.redhat.com/errata/RHSA-2024:2767
https://access.redhat.com/errata/RHSA-2024:3265
https://access.redhat.com/errata/RHSA-2024:3352
https://access.redhat.com/errata/RHSA-2024:4146
https://access.redhat.com/errata/RHSA-2024:4371
https://access.redhat.com/errata/RHSA-2024:4378
https://access.redhat.com/errata/RHSA-2024:4379
https://access.redhat.com/errata/RHSA-2024:4502
https://access.redhat.com/errata/RHSA-2024:4581
https://access.redhat.com/errata/RHSA-2024:4591
https://access.redhat.com/errata/RHSA-2024:4672
https://access.redhat.com/errata/RHSA-2024:4699
https://access.redhat.com/errata/RHSA-2024:4761
https://access.redhat.com/errata/RHSA-2024:4762
https://access.redhat.com/errata/RHSA-2024:4960
https://access.redhat.com/errata/RHSA-2024:5258
https://access.redhat.com/errata/RHSA-2024:5634
https://access.redhat.com/errata/RHSA-2024:7262
https://access.redhat.com/security/cve/CVE-2024-1394
https://bugzilla.redhat.com/show_bug.cgi?id=2262921
https://github.com/golang-fips/openssl/commit/85d31d0d257ce842c8a1e63c4d230ae850348136
https://github.com/golang-fips/openssl/security/advisories/GHSA-78hx-gp6g-7mj6
https://github.com/microsoft/go-crypto-openssl/commit/104fe7f6912788d2ad44602f77a0a0a62f1f259f
https://pkg.go.dev/vuln/GO-2024-2660
https://vuln.go.dev/ID/GO-2024-2660.json

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Profile Photo
NaInSec/CVE-LIST

Ini adalah repository kumpulan CVE v.5

allcve cve cvelist newcve

Updated: 1 month, 3 weeks ago
2 stars 0 fork 0 watcher
Born at : March 24, 2024, 3:01 p.m. This repo has been linked 1214 different CVEs too.
Profile Photo
chnzzh/OpenSSL-CVE-lib

None

Updated: 3 weeks, 4 days ago
5 stars 0 fork 0 watcher
Born at : Feb. 23, 2023, 5:42 a.m. This repo has been linked 455 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2024-1394 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2024-1394 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by [email protected]

    Sep. 26, 2024

    Action Type Old Value New Value
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:7262 [No types assigned]
  • CVE Modified by [email protected]

    Aug. 21, 2024

    Action Type Old Value New Value
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:5634 [No types assigned]
  • CVE Modified by [email protected]

    Aug. 13, 2024

    Action Type Old Value New Value
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:5258 [No types assigned]
  • CVE Modified by [email protected]

    Aug. 07, 2024

    Action Type Old Value New Value
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:4960 [No types assigned]
  • CVE Modified by [email protected]

    Jul. 25, 2024

    Action Type Old Value New Value
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:4699 [No types assigned]
  • CVE Modified by [email protected]

    Jul. 23, 2024

    Action Type Old Value New Value
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:4761 [No types assigned]
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:4762 [No types assigned]
  • CVE Modified by [email protected]

    Jul. 22, 2024

    Action Type Old Value New Value
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:4672 [No types assigned]
  • CVE Modified by [email protected]

    Jul. 17, 2024

    Action Type Old Value New Value
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:4591 [No types assigned]
  • CVE Modified by [email protected]

    Jul. 16, 2024

    Action Type Old Value New Value
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:4581 [No types assigned]
  • CVE Modified by [email protected]

    Jul. 15, 2024

    Action Type Old Value New Value
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:4502 [No types assigned]
  • CVE Modified by [email protected]

    Jul. 08, 2024

    Action Type Old Value New Value
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:4371 [No types assigned]
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:4378 [No types assigned]
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:4379 [No types assigned]
  • CVE Modified by [email protected]

    Jun. 27, 2024

    Action Type Old Value New Value
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:4146 [No types assigned]
  • CVE Modified by [email protected]

    Jun. 26, 2024

    Action Type Old Value New Value
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:3352 [No types assigned]
  • CVE Modified by [email protected]

    Jun. 11, 2024

    Action Type Old Value New Value
  • CVE Modified by [email protected]

    Jun. 05, 2024

    Action Type Old Value New Value
  • CVE Modified by [email protected]

    Jun. 03, 2024

    Action Type Old Value New Value
  • CVE Modified by [email protected]

    May. 30, 2024

    Action Type Old Value New Value
  • CVE Modified by [email protected]

    May. 22, 2024

    Action Type Old Value New Value
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:2729 [No types assigned]
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:2730 [No types assigned]
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:2767 [No types assigned]
  • CVE Modified by [email protected]

    May. 22, 2024

    Action Type Old Value New Value
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:3265 [No types assigned]
  • CVE Modified by [email protected]

    May. 22, 2024

    Action Type Old Value New Value
  • CVE Modified by [email protected]

    May. 21, 2024

    Action Type Old Value New Value
  • CVE Modified by [email protected]

    May. 19, 2024

    Action Type Old Value New Value
  • CVE Modified by [email protected]

    May. 15, 2024

    Action Type Old Value New Value
  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • CVE Modified by [email protected]

    Apr. 30, 2024

    Action Type Old Value New Value
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:2562 [No types assigned]
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:2568 [No types assigned]
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:2569 [No types assigned]
  • CVE Modified by [email protected]

    Apr. 27, 2024

    Action Type Old Value New Value
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:1897 [No types assigned]
  • CVE Modified by [email protected]

    Apr. 25, 2024

    Action Type Old Value New Value
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:1763 [No types assigned]
  • CVE Modified by [email protected]

    Apr. 16, 2024

    Action Type Old Value New Value
    Added Reference Red Hat, Inc. https://github.com/golang-fips/openssl/commit/85d31d0d257ce842c8a1e63c4d230ae850348136 [No types assigned]
    Added Reference Red Hat, Inc. https://github.com/microsoft/go-crypto-openssl/commit/104fe7f6912788d2ad44602f77a0a0a62f1f259f [No types assigned]
    Added Reference Red Hat, Inc. https://pkg.go.dev/vuln/GO-2024-2660 [No types assigned]
    Added Reference Red Hat, Inc. https://vuln.go.dev/ID/GO-2024-2660.json [No types assigned]
  • CVE Modified by [email protected]

    Apr. 03, 2024

    Action Type Old Value New Value
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:1566 [No types assigned]
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:1567 [No types assigned]
  • CVE Modified by [email protected]

    Apr. 03, 2024

    Action Type Old Value New Value
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:1574 [No types assigned]
  • CVE Modified by [email protected]

    Apr. 03, 2024

    Action Type Old Value New Value
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:1561 [No types assigned]
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:1563 [No types assigned]
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:1640 [No types assigned]
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:1644 [No types assigned]
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:1646 [No types assigned]
  • CVE Modified by [email protected]

    Mar. 26, 2024

    Action Type Old Value New Value
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:1501 [No types assigned]
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:1502 [No types assigned]
  • CVE Modified by [email protected]

    Mar. 21, 2024

    Action Type Old Value New Value
    Changed Description A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs?. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey? and ctx?. That function uses named return parameters to free pkey? and ctx? if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the "return nil, nil, fail(...)" pattern, meaning that pkey? and ctx? will be nil inside the deferred function that should free them. A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey​ and ctx​. That function uses named return parameters to free pkey​ and ctx​ if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the "return nil, nil, fail(...)" pattern, meaning that pkey​ and ctx​ will be nil inside the deferred function that should free them.
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:1468 [No types assigned]
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:1472 [No types assigned]
  • CVE Received by [email protected]

    Mar. 21, 2024

    Action Type Old Value New Value
    Added Description A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey​ and ctx​. That function uses named return parameters to free pkey​ and ctx​ if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the "return nil, nil, fail(...)" pattern, meaning that pkey​ and ctx​ will be nil inside the deferred function that should free them.
    Added Reference Red Hat, Inc. https://access.redhat.com/errata/RHSA-2024:1462 [No types assigned]
    Added Reference Red Hat, Inc. https://access.redhat.com/security/cve/CVE-2024-1394 [No types assigned]
    Added Reference Red Hat, Inc. https://bugzilla.redhat.com/show_bug.cgi?id=2262921 [No types assigned]
    Added Reference Red Hat, Inc. https://github.com/golang-fips/openssl/security/advisories/GHSA-78hx-gp6g-7mj6 [No types assigned]
    Added CWE Red Hat, Inc. CWE-401
    Added CVSS V3.1 Red Hat, Inc. AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2024-1394 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2024-1394 weaknesses.

CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
: