{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-32283", "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "state": "PUBLISHED", "assignerShortName": "Go", "dateReserved": "2026-03-11T16:38:46.556Z", "datePublished": "2026-04-08T01:06:57.670Z", "dateUpdated": "2026-04-08T01:06:57.670Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go", "dateUpdated": "2026-04-08T01:06:57.670Z"}, "title": "Unauthenticated TLS 1.3 KeyUpdate record can cause persistent connection retention and DoS in crypto/tls", "descriptions": [{"lang": "en", "value": "If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3."}], "affected": [{"vendor": "Go standard library", "product": "crypto/tls", "collectionURL": "https://pkg.go.dev", "packageName": "crypto/tls", "versions": [{"version": "0", "lessThan": "1.25.9", "status": "affected", "versionType": "semver"}, {"version": "1.26.0-0", "lessThan": "1.26.2", "status": "affected", "versionType": "semver"}], "programRoutines": [{"name": "Conn.handleKeyUpdate"}, {"name": "clientHandshakeStateTLS13.establishHandshakeKeys"}, {"name": "clientHandshakeStateTLS13.readServerFinished"}, {"name": "serverHandshakeStateTLS13.sendServerParameters"}, {"name": "serverHandshakeStateTLS13.readClientFinished"}, {"name": "Conn.Handshake"}, {"name": "Conn.HandshakeContext"}, {"name": "Conn.Read"}, {"name": "Conn.Write"}, {"name": "Dial"}, {"name": "DialWithDialer"}, {"name": "Dialer.Dial"}, {"name": "Dialer.DialContext"}, {"name": "QUICConn.HandleData"}, {"name": "QUICConn.Start"}], "defaultStatus": "unaffected"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-667: Improper Locking"}]}], "references": [{"url": "https://go.dev/cl/763767"}, {"url": "https://go.dev/issue/78334"}, {"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"}, {"url": "https://pkg.go.dev/vuln/GO-2026-4870"}], "credits": [{"lang": "en", "value": "Jakub Ciolek - https://ciolek.dev/"}]}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3."}], "id": "CVE-2026-32283", "lastModified": "2026-04-08T21:26:35.910", "metrics": {}, "published": "2026-04-08T02:16:03.580", "references": [{"source": "security@golang.org", "url": "https://go.dev/cl/763767"}, {"source": "security@golang.org", "url": "https://go.dev/issue/78334"}, {"source": "security@golang.org", "url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"}, {"source": "security@golang.org", "url": "https://pkg.go.dev/vuln/GO-2026-4870"}], "sourceIdentifier": "security@golang.org", "vulnStatus": "Awaiting Analysis"}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,1.25.9)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[1.26.0-0,1.26.2)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "crypto/tls", "source": "cna", "vendor": "Go standard library"}, "product": "crypto_tls", "vendor": "go_standard_library"}], "analysis": {"en": {"generated_at": "2026-04-08T02:22:30.889668+00:00", "value": {"mitigation_remediation": ["Upgrade to the latest Go release that contains the resolution referenced in go.dev/cl/763767 and go.dev/issue/78334.", "If an upgrade is not immediately possible, implement application\u2011level limits on the number of key update messages processed in a single connection, or enforce strict timeouts for stalled TLS sessions.", "Monitor TLS traffic for an abnormal frequency of key update records and generate alerts if thresholds are exceeded."], "summary": {"action": "Immediate Patch", "impact": "Denial of Service via persistent connection retention"}, "threat_synthesis": {"affected_systems": "The vulnerability impacts any implementation that uses the Go standard library, particularly the crypto/tls package. No specific Go version is listed, so all systems that rely on crypto/tls are potentially affected until a patch is applied. ", "description_and_impact": "A flaw in Go\u2019s standard library crypto/tls allows a TLS 1.3 client or server to send multiple key update messages compressed into a single record after the handshake. The receiver\u2019s implementation can deadlock, consuming resources without returning control, which results in a denial\u2011of\u2011service condition. The weakness stems from improper handling of resource exhaustion in the TLS layer. ", "risk_and_exploitability": "The CVSS score is not provided, and the EPSS score is unavailable, while the vulnerability is not listed in the CISA KEV catalog. The described attack requires the ability to initiate or participate in a TLS 1.3 session. An attacker can send repeated key update messages after the handshake to trigger the deadlock and exhaust server resources. Based on the description, it is inferred that the attack vector is remote network traffic over any port that accepts TLS 1.3 connections. The potential impact is limited to availability, but the lack of exhaustion safeguards can lead to prolonged service disruption. "}}}}, "created": "2026-04-08T19:33:37.747663+00:00", "updated": "2026-04-08T19:44:18.651477+00:00", "vendors": ["go_standard_library", "go_standard_library$PRODUCT$crypto_tls"]}