FreeBSD : go -- cmd/go: packages using cgo can cause arbitrary code execution at build time; crypto/elliptic: incorrect operations on the P-224 curve (6a4805d5-5aaf-11eb-a21d-79f5bc5ef6a9)

high Nessus Plugin ID 145095

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

The Go project reports :

The go command may execute arbitrary code at build time when cgo is in use on Windows. This may occur when running 'go get', or any other command that builds code. Only users who build untrusted code (and don't execute it) are affected. In addition to Windows users, this can also affect Unix users who have '.' listed explicitly in their PATH and are running 'go get' or build commands outside of a module or with module mode disabled.

The P224() Curve implementation can in rare circumstances generate incorrect outputs, including returning invalid points from ScalarMult.
The crypto/x509 and golang.org/x/crypto/ocsp (but not crypto/tls) packages support P-224 ECDSA keys, but they are not supported by publicly trusted certificate authorities. No other standard library or golang.org/x/crypto package supports or uses the P-224 curve.

Solution

Update the affected package.

See Also

http://golang.org/issue/43783

http://golang.org/issue/43786

http://www.nessus.org/u?354b5e07

Plugin Details

Severity: High

ID: 145095

File Name: freebsd_pkg_6a4805d55aaf11eba21d79f5bc5ef6a9.nasl

Version: 1.4

Type: local

Published: 1/20/2021

Updated: 5/11/2022

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.4

Temporal Score: 4.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

CVSS Score Source: CVE-2021-3114

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS Score Source: CVE-2021-3115

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:go, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Exploit Ease: No known exploits are available

Patch Publication Date: 1/19/2021

Vulnerability Publication Date: 1/13/2021

Reference Information

CVE: CVE-2021-3114, CVE-2021-3115