Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

GHSA-2q89-485c-9j2x

GitHub Security Advisory

Improper random reading in CIRCL

✓ GitHub Reviewed MODERATE Has CVE
View on GitHub

Advisory Details

### Impact
When sampling randomness for a shared secret, the implementation of Kyber and FrodoKEM, did not check whether `crypto/rand.Read()` returns an error. In rare deployment cases (error thrown by the `Read()` function), this could lead to a predictable shared secret.

The tkn20 and blindrsa components did not check whether enough randomness was returned from the user provided randomness source. Typically the user provides `crypto/rand.Reader`, which in the vast majority of cases will always return the right number random bytes. In the cases where it does not, or the user provides a source that does not, the blinding for blindrsa is weak and integrity of the plaintext is not ensured in tkn20.

### Patches
The fix was introduced in CIRCL v. 1.3.3

Affected Packages

Go github.com/cloudflare/circl
Affected versions: 0 (fixed in 1.3.3)

Related CVEs

CVE-2023-1732

Key Information

GHSA ID
GHSA-2q89-485c-9j2x
Published
May 11, 2023 8:40 PM
Last Modified
May 24, 2023 6:31 PM
CVSS Score
5.0 /10
Primary Ecosystem
Go
Primary Package
github.com/cloudflare/circl
GitHub Reviewed
✓ Yes

Dataset

Last updated: September 16, 2025 6:29 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.