{"id":"GHSA-qjrq-hm79-49ww","summary":"ginuerzh/gost vulnerable to Timing Attack","details":"[Timing attacks](https://en.wikipedia.org/wiki/Timing_attack) occur when an attacker can guess a secret by observing a difference in processing time for valid and invalid inputs. Sensitive secrets such as passwords, token and API keys should be compared only using a constant-time comparision function.\nMore information on this attack type can be found in [this blog post](https://verboselogging.com/2012/08/20/a-timing-attack-in-action). \n\n# Root Cause Analysis\n\nIn this case, the vulnerability occurs due to the following code.\n\nhttps://github.com/ginuerzh/gost/blob/1c62376e0880e4094bd3731e06bd4f7842638f6a/auth.go#L46-L46\n\nHere, a untrusted input, sourced from a HTTP header, is compared directly with a secret. \nSince, this comparision is not secure, an attacker can mount a side-channel timing attack to guess the password.\n\n# Remediation\n\nThis can be easily fixed using a constant time comparing function such as `crypto/subtle`'s `ConstantTimeCompare`. \nAn example fix can be found in https://github.com/runatlantis/atlantis/commit/48870911974adddaa4c99c8089e79b7d787fa820 Alternatively, one can apply the patch below\n\n```\nFrom d18cff85e1a565f688f717fd8f2cacea62ff9dbf Mon Sep 17 00:00:00 2001\nFrom: Porcupiney Hairs \u003cporcupiney.hairs@protonmail.com\u003e\nDate: Sun, 7 May 2023 01:03:33 +0530\nSubject: [PATCH] Fix : Timing attack\n\n---\n auth.go | 4 +++-\n 1 file changed, 3 insertions(+), 1 deletion(-)\n\ndiff --git a/auth.go b/auth.go\nindex 1be96e9..be13f23 100644\n--- a/auth.go\n+++ b/auth.go\n@@ -2,6 +2,7 @@ package gost\n \n import (\n \t\"bufio\"\n+\t\"crypto/subtle\"\n \t\"io\"\n \t\"strings\"\n \t\"sync\"\n@@ -43,7 +44,8 @@ func (au *LocalAuthenticator) Authenticate(user, password string) bool {\n \t}\n \n \tv, ok := au.kvs[user]\n-\treturn ok && (v == \"\" || password == v)\n+\tpassOk := subtle.ConstantTimeCompare([]byte(password), []byte(v)) == 0\n+\treturn ok && (v == \"\" || passOk)\n }\n \n // Add adds a key-value pair to the Authenticator.\n-- \n2.25.1\n\n```","aliases":["CVE-2023-32691"],"modified":"2023-11-08T04:12:35.875611Z","published":"2023-05-22T19:47:15Z","related":["CVE-2023-32691"],"database_specific":{"github_reviewed_at":"2023-05-22T19:47:15Z","severity":"MODERATE","nvd_published_at":"2023-05-30T04:15:09Z","cwe_ids":["CWE-203"],"github_reviewed":true},"references":[{"type":"WEB","url":"https://github.com/ginuerzh/gost/security/advisories/GHSA-qjrq-hm79-49ww"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-32691"},{"type":"PACKAGE","url":"https://github.com/ginuerzh/gost"},{"type":"WEB","url":"https://github.com/ginuerzh/gost/blob/1c62376e0880e4094bd3731e06bd4f7842638f6a/auth.go#L46"}],"affected":[{"package":{"name":"github.com/ginuerzh/gost","ecosystem":"Go","purl":"pkg:golang/github.com/ginuerzh/gost"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"last_affected":"2.11.5"}]}],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/05/GHSA-qjrq-hm79-49ww/GHSA-qjrq-hm79-49ww.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N"}]}