7.5
CVE-2026-32283
- EPSS 0.62%
- Veröffentlicht 08.04.2026 01:06:57
- Zuletzt bearbeitet 09.07.2026 13:16:56
- Quelle security@golang.org
- CVE-Watchlists
- Unerledigt
Unauthenticated TLS 1.3 KeyUpdate record can cause persistent connection retention and DoS in crypto/tls
If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.62% | 0.453 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-764 Multiple Locks of a Critical Resource
The product locks a critical resource more times than intended, leading to an unexpected state in the system.
CWE-770 Allocation of Resources Without Limits or Throttling
The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.
https://go.dev/cl/763767
https://go.dev/issue/78334
https://bugzilla.redhat.com/show_bug.cgi?id=2456338
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32283.json
https://access.redhat.com/errata/RHSA-2026:16102
https://access.redhat.com/errata/RHSA-2026:17084
https://access.redhat.com/errata/RHSA-2026:19132
https://access.redhat.com/errata/RHSA-2026:19634
https://access.redhat.com/errata/RHSA-2026:22450
https://access.redhat.com/errata/RHSA-2026:22714
https://access.redhat.com/errata/RHSA-2026:22937
https://access.redhat.com/errata/RHSA-2026:23228
https://access.redhat.com/errata/RHSA-2026:26636
https://access.redhat.com/errata/RHSA-2026:28047
https://access.redhat.com/errata/RHSA-2026:7291
https://access.redhat.com/errata/RHSA-2026:7385
https://access.redhat.com/errata/RHSA-2026:16875
https://access.redhat.com/errata/RHSA-2026:17287
https://access.redhat.com/errata/RHSA-2026:19126
https://access.redhat.com/errata/RHSA-2026:19133
https://access.redhat.com/errata/RHSA-2026:19135
https://access.redhat.com/errata/RHSA-2026:19350
https://access.redhat.com/errata/RHSA-2026:19353
https://access.redhat.com/errata/RHSA-2026:19719
https://access.redhat.com/errata/RHSA-2026:19720
https://access.redhat.com/errata/RHSA-2026:19721
https://access.redhat.com/errata/RHSA-2026:19750
https://access.redhat.com/errata/RHSA-2026:21769
https://access.redhat.com/errata/RHSA-2026:22347
https://access.redhat.com/errata/RHSA-2026:22423
https://access.redhat.com/errata/RHSA-2026:23345
https://access.redhat.com/errata/RHSA-2026:27076
https://access.redhat.com/errata/RHSA-2026:29035
https://access.redhat.com/errata/RHSA-2026:29195
https://access.redhat.com/errata/RHSA-2026:29455
https://access.redhat.com/errata/RHSA-2026:29703
https://access.redhat.com/errata/RHSA-2026:33722
https://access.redhat.com/errata/RHSA-2026:34365
https://access.redhat.com/errata/RHSA-2026:28038
https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU
https://access.redhat.com/errata/RHSA-2026:10217
https://access.redhat.com/errata/RHSA-2026:10219
https://access.redhat.com/errata/RHSA-2026:10704
https://access.redhat.com/errata/RHSA-2026:11507
https://access.redhat.com/errata/RHSA-2026:11514
https://access.redhat.com/errata/RHSA-2026:14162
https://access.redhat.com/errata/RHSA-2026:14200
https://access.redhat.com/errata/RHSA-2026:14391
https://access.redhat.com/errata/RHSA-2026:15980
https://access.redhat.com/errata/RHSA-2026:16021
https://access.redhat.com/errata/RHSA-2026:16024
https://access.redhat.com/errata/RHSA-2026:16101
https://access.redhat.com/errata/RHSA-2026:18027
https://access.redhat.com/errata/RHSA-2026:18032
https://access.redhat.com/errata/RHSA-2026:19144
https://access.redhat.com/errata/RHSA-2026:19450
https://access.redhat.com/errata/RHSA-2026:19550
https://access.redhat.com/errata/RHSA-2026:19714
https://access.redhat.com/errata/RHSA-2026:19715
https://access.redhat.com/errata/RHSA-2026:19722
https://access.redhat.com/errata/RHSA-2026:19839
https://access.redhat.com/errata/RHSA-2026:20556
https://access.redhat.com/errata/RHSA-2026:20569
https://access.redhat.com/errata/RHSA-2026:20570
https://access.redhat.com/errata/RHSA-2026:20571
https://access.redhat.com/errata/RHSA-2026:20607
https://access.redhat.com/errata/RHSA-2026:20608
https://access.redhat.com/errata/RHSA-2026:20609
https://access.redhat.com/errata/RHSA-2026:22485
https://access.redhat.com/errata/RHSA-2026:22709
https://access.redhat.com/errata/RHSA-2026:22713
https://access.redhat.com/errata/RHSA-2026:23102
https://access.redhat.com/errata/RHSA-2026:23103
https://access.redhat.com/errata/RHSA-2026:24337
https://access.redhat.com/errata/RHSA-2026:24470
https://access.redhat.com/errata/RHSA-2026:24761
https://access.redhat.com/errata/RHSA-2026:24762
https://access.redhat.com/errata/RHSA-2026:26447
https://access.redhat.com/errata/RHSA-2026:26571
https://access.redhat.com/errata/RHSA-2026:28074
https://access.redhat.com/errata/RHSA-2026:34192
https://access.redhat.com/errata/RHSA-2026:34196
https://access.redhat.com/errata/RHSA-2026:34197
https://access.redhat.com/errata/RHSA-2026:36796
https://access.redhat.com/errata/RHSA-2026:19137
https://pkg.go.dev/vuln/GO-2026-4870
https://access.redhat.com/errata/RHSA-2026:11704
https://access.redhat.com/errata/RHSA-2026:11711
https://access.redhat.com/errata/RHSA-2026:11712
https://access.redhat.com/errata/RHSA-2026:11863
https://access.redhat.com/errata/RHSA-2026:11881
https://access.redhat.com/errata/RHSA-2026:17075
https://access.redhat.com/errata/RHSA-2026:19134
https://access.redhat.com/errata/RHSA-2026:19136
https://access.redhat.com/errata/RHSA-2026:19139
https://access.redhat.com/errata/RHSA-2026:19156
https://access.redhat.com/errata/RHSA-2026:19351
https://access.redhat.com/errata/RHSA-2026:19352
https://access.redhat.com/errata/RHSA-2026:19369
https://access.redhat.com/security/cve/CVE-2026-32283