Update module github.com/aws/aws-sdk-go to v1.34.0 [SECURITY] #13
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
v1.25.34
->v1.34.0
GitHub Vulnerability Alerts
CVE-2020-8912
Summary
The golang AWS S3 Crypto SDK is impacted by an issue that can result in loss of confidentiality and message forgery. The attack requires write access to the bucket in question, and that the attacker has access to an endpoint that reveals decryption failures (without revealing the plaintext) and that when encrypting the GCM option was chosen as content cipher.
Risk/Severity
The vulnerability pose insider risks/privilege escalation risks, circumventing KMS controls for stored data.
Impact
This advisory describes the plaintext revealing vulnerabilities in the golang AWS S3 Crypto SDK, with a similar issue in the non "strict" versions of C++ and Java S3 Crypto SDKs being present as well.
V1 prior to 1.34.0 of the S3 crypto SDK does not authenticate the algorithm parameters for the data encryption key.
An attacker with write access to the bucket can use this in order to change the encryption algorithm of an object in the bucket, which can lead to problems depending on the supported algorithms. For example, a switch from AES-GCM to AES-CTR in combination with a decryption oracle can reveal the authentication key used by AES-GCM as decrypting the GMAC tag leaves the authentication key recoverable as an algebraic equation.
By default, the only available algorithms in the SDK are AES-GCM and AES-CBC. Switching the algorithm from AES-GCM to AES-CBC can be used as way to reconstruct the plaintext through an oracle endpoint revealing decryption failures, by brute forcing 16 byte chunks of the plaintext. Note that the plaintext needs to have some known structure for this to work, as a uniform random 16 byte string would be the same as a 128 bit encryption key, which is considered cryptographically safe.
The attack works by taking a 16 byte AES-GCM encrypted block guessing 16 bytes of plaintext, constructing forgery that pretends to be PKCS5 padded AES-CBC, using the ciphertext and the plaintext guess and that will decrypt to a valid message if the guess was correct.
To understand this attack, we have to take a closer look at both AES-GCM and AES-CBC:
AES-GCM encrypts using a variant of CTR mode, i.e.
C_i = AES-Enc(CB_i) ^ M_i
. AES-CBC on the other hand decrypts viaM_i = AES-Dec(C_i) ^ C_{i-1}
, whereC_{-1} = IV
. The padding oracle can tell us if, after switching to CBC mode, the plaintext recovered is padded with a valid PKCS5 padding.Since
AES-Dec(C_i ^ M_i) = CB_i
, if we setIV' = CB_i ^ 0x10*[16]
, where0x10*[16]
is the byte0x10
repeated 16 times, andC_0' = C_i ^ M_i'
the resulting one block message(IV', C_0')
will have valid PKCS5 padding if our guessM_i'
forM_i
was correct, since the decrypted message consists of 16 bytes of value0x10
, the PKCS5 padded empty string.Note however, that an incorrect guess might also result in a valid padding, if the AES decryption result randomly happens to end in
0x01
,0x0202
, or a longer valid padding. In order to ensure that the guess was indeed correct, a second check usingIV'' = IV' ^ (0x00*[15] || 0x11)
with the same ciphertext block has to be performed. This will decrypt to 15 bytes of value0x10
and one byte of value0x01
if our initial guess was correct, producing a valid padding. On an incorrect guess, this second ciphertext forgery will have an invalid padding with a probability of 1:2^128, as one can easily see.This issue is fixed in V2 of the API, by using the
KMS+context
key wrapping scheme for new files, authenticating the algorithm. Old files encrypted with theKMS
key wrapping scheme remain vulnerable until they are reencrypted with the new scheme.Mitigation
Using the version 2 of the S3 crypto SDK will not produce vulnerable files anymore. Old files remain vulnerable to this problem if they were originally encrypted with GCM mode and use the
KMS
key wrapping option.Proof of concept
A Proof of concept is available in a separate github repository.
This particular issue is described in combined_oracle_exploit.go:
CVE-2020-8911
Summary
The golang AWS S3 Crypto SDK is impacted by an issue that can result in loss of confidentiality and message forgery. The attack requires write access to the bucket in question, and that the attacker has access to an endpoint that reveals decryption failures (without revealing the plaintext) and that when encrypting the CBC option was chosen as content cipher.
Risk/Severity
The vulnerability pose insider risks/privilege escalation risks, circumventing KMS controls for stored data.
Impact
This advisory describes the plaintext revealing vulnerabilities in the golang AWS S3 Crypto SDK, with a similar issue in the non "strict" versions of C++ and Java S3 Crypto SDKs being present as well.
V1 prior to 1.34.0 of the S3 crypto SDK, allows users to encrypt files with AES-CBC, without computing a MAC on the data. Note that there is an alternative option of using AES-GCM, which is used in the examples of the documentation and not affected by this vulnerability, but by CVE-2020-8912.
This exposes a padding oracle vulnerability: If the attacker has write access to the S3 bucket and can observe whether or not an endpoint with access to the key can decrypt a file (without observing the file contents that the endpoint learns in the process), they can reconstruct the plaintext with (on average)
128*length(plaintext)
queries to the endpoint, by exploiting CBC's ability to manipulate the bytes of the next block and PKCS5 padding errors.This issue is fixed in V2 of the API, by disabling encryption with CBC mode for new files. Old files, if they have been encrypted with CBC mode, remain vulnerable until they are reencrypted with AES-GCM.
Mitigation
Using the version 2 of the S3 crypto SDK will not produce vulnerable files anymore. Old files remain vulnerable to this problem if they were originally encrypted with CBC mode.
Proof of concept
A Proof of concept is available in a separate github repository.
This particular issue is described in padding_oracle_exploit.go:
GHSA-76wf-9vgp-pj7w
Summary
The golang AWS S3 Crypto SDK was impacted by an issue that can result in loss of confidentiality. An attacker with read access to an encrypted S3 bucket was able to recover the plaintext without accessing the encryption key.
Specific Go Packages Affected
github.com/aws/aws-sdk-go/service/s3/s3crypto
Risk/Severity
The vulnerability poses insider risks/privilege escalation risks, circumventing KMS controls for stored data.
Impact
The issue has been fully mitigated by AWS as of Aug. 5th by disallowing the header in question.
The S3 crypto library tries to store an unencrypted hash of the plaintext alongside the ciphertext as a metadata field. This hash can be used to brute force the plaintext in an offline attack, if the hash is readable to the attacker. In order to be impacted by this issue, the attacker has to be able to guess the plaintext as a whole. The attack is theoretically valid if the plaintext entropy is below the key size, i.e. if it is easier to brute force the plaintext instead of the key itself, but practically feasible only for short plaintexts or plaintexts otherwise accessible to the attacker in order to create a rainbow table.
The issue has been fixed server-side by AWS as of Aug 5th, by blocking the related metadata field. No S3 objects are affected anymore.
Mitigation
The header in question is no longer served by AWS, making this attack fully mitigated as of Aug. 5th.
Proof of concept
A Proof of concept is available in a separate github repository, this particular issue can be found at here:
The PoC will only work on old versions of the library, as the hash has been removed from being calculated as well.
CVE-2022-2582
The AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field. This hash can be used to brute force the plaintext, if the hash is readable to the attacker. AWS now blocks this metadata field, but older SDK versions still send it.
Release Notes
aws/aws-sdk-go (github.com/aws/aws-sdk-go)
v1.34.0
Compare Source
===
Service Client Updates
service/glue
: Updates service API and documentationservice/organizations
: Updates service API and documentationservice/s3
: Updates service documentation and examplesservice/sms
: Updates service API and documentationSDK Features
service/s3/s3crypto
: Updates to the Amazon S3 Encryption Client - This change includes fixes for issues that were reported by Sophie Schmieg from the Google ISE team, and for issues that were discovered by AWS Cryptography.v1.33.21
Compare Source
===
Service Client Updates
service/ec2
: Updates service API, documentation, and paginatorsservice/lex-models
: Updates service API and documentationservice/personalize
: Updates service API and documentationservice/personalize-events
: Updates service API and documentationservice/personalize-runtime
: Updates service API and documentationservice/runtime.lex
: Updates service API and documentationv1.33.20
Compare Source
===
Service Client Updates
service/appsync
: Updates service API and documentationservice/fsx
: Updates service documentationservice/resourcegroupstaggingapi
: Updates service documentationservice/sns
: Updates service documentationservice/transcribe
: Updates service API, documentation, and paginatorsv1.33.19
Compare Source
===
Service Client Updates
service/health
: Updates service documentationv1.33.18
Compare Source
===
Service Client Updates
service/ssm
: Updates service waiters and paginatorsv1.33.17
Compare Source
===
Service Client Updates
service/chime
: Updates service APIservice/personalize-runtime
: Updates service API and documentationservice/resourcegroupstaggingapi
: Updates service API and documentationservice/storagegateway
: Updates service API and documentationservice/wafv2
: Updates service API and documentationv1.33.16
Compare Source
===
Service Client Updates
service/cloudfront
: Updates service documentationservice/codebuild
: Updates service API, documentation, and paginatorsservice/ec2
: Updates service APIservice/guardduty
: Updates service API, documentation, and paginatorsservice/kafka
: Updates service API and documentationservice/organizations
: Updates service documentationservice/resource-groups
: Updates service documentationservice/servicecatalog
: Updates service API and documentationservice/sesv2
: Updates service API, documentation, and paginatorsv1.33.15
Compare Source
===
Service Client Updates
service/ec2
: Updates service API, documentation, and paginatorsservice/ecr
: Updates service API and documentationservice/firehose
: Updates service API and documentationservice/guardduty
: Updates service API and documentationservice/resource-groups
: Updates service API and documentationservice/servicediscovery
: Updates service documentationv1.33.14
Compare Source
===
Service Client Updates
service/autoscaling
: Updates service API and documentationservice/ec2
: Updates service API and documentationservice/imagebuilder
: Updates service API and documentationservice/ivs
: Updates service API and documentationservice/medialive
: Updates service API and documentationservice/rds
: Updates service documentationservice/securityhub
: Updates service API and documentationv1.33.13
Compare Source
===
Service Client Updates
service/datasync
: Updates service API and documentationservice/dms
: Updates service API, documentation, and paginatorsservice/ec2
: Updates service APIservice/frauddetector
: Updates service API and documentationservice/glue
: Updates service API and documentationservice/ssm
: Updates service documentationv1.33.12
Compare Source
===
Service Client Updates
service/frauddetector
: Updates service API and documentationservice/fsx
: Updates service documentationservice/kendra
: Updates service API and documentationservice/macie2
: Updates service API and documentationservice/mediaconnect
: Updates service API and documentationservice/mediapackage
: Updates service API and documentationservice/monitoring
: Updates service API and documentationservice/mq
: Updates service API, documentation, and paginatorsservice/sagemaker
: Updates service API, documentation, and paginatorsSDK Bugs
service/s3/s3crypto
: Fix client's temporary file buffer error on retry (#3344)v1.33.11
Compare Source
===
Service Client Updates
service/config
: Updates service API and documentationservice/directconnect
: Updates service documentationservice/fsx
: Updates service API and documentationservice/glue
: Updates service API and documentationservice/lightsail
: Updates service API and documentationservice/workspaces
: Updates service API and documentationv1.33.10
Compare Source
===
Service Client Updates
service/medialive
: Updates service API and documentationservice/quicksight
: Updates service API, documentation, and paginatorsSDK Enhancements
example/aws/request/httptrace
: Update example with more metrics (#3436)v1.33.9
Compare Source
===
Service Client Updates
service/codeguruprofiler
: Updates service API and documentationv1.33.8
Compare Source
===
Service Client Updates
service/cloudfront
: Adds new serviceservice/codebuild
: Updates service API and documentationservice/ec2
: Updates service API and documentationservice/fms
: Updates service API and documentationservice/frauddetector
: Updates service API, documentation, and paginatorsservice/groundstation
: Updates service API and documentationservice/rds
: Updates service API and documentationv1.33.7
Compare Source
===
Service Client Updates
service/application-autoscaling
: Updates service documentationservice/appsync
: Updates service documentationservice/connect
: Updates service API and documentationservice/ec2
: Updates service API and documentationservice/elasticbeanstalk
: Updates service waiters and paginatorsEnvironmentExists
,EnvironmentUpdated
, andEnvironmentTerminated
. Add paginators forDescribeEnvironmentManagedActionHistory
andListPlatformVersions
.service/macie2
: Updates service API, documentation, and paginatorsSDK Enhancements
service/s3/s3manager
: Clarify documentation and behavior of GetBucketRegion (#3428)service/s3
: Add failsafe handling for unknown stream messages<streamName>UnknownEvent
type will encapsulate the unknown message received from the API. Where<streamName>
is the name of the API's stream, (e.g. S3'sSelectObjectContentEventStreamUnknownEvent
).v1.33.6
Compare Source
===
Service Client Updates
service/ivs
: Adds new serviceSDK Enhancements
service/s3/s3crypto
: Allow envelope unmarshal to accept JSON numbers for tag length (#3422)v1.33.5
Compare Source
===
Service Client Updates
service/alexaforbusiness
: Updates service API and documentationservice/amplify
: Updates service documentationservice/appmesh
: Updates service API, documentation, and paginatorsservice/cloudhsmv2
: Updates service documentationservice/comprehend
: Updates service API and documentationservice/ebs
: Updates service API and documentationservice/eventbridge
: Updates service API and documentationservice/events
: Updates service API and documentationservice/sagemaker
: Updates service API and documentationservice/secretsmanager
: Updates service API, documentation, and examplesservice/sns
: Updates service documentationservice/wafv2
: Updates service API and documentationv1.33.4
Compare Source
===
Service Client Updates
service/ce
: Updates service API and documentationservice/ec2
: Updates service API and documentationservice/forecast
: Updates service API and documentationservice/organizations
: Updates service API and documentationv1.33.3
Compare Source
===
Service Client Updates
service/cloudfront
: Updates service API and documentationservice/ec2
: Updates service API and documentationservice/elasticfilesystem
: Updates service API, documentation, and examplesservice/glue
: Updates service API and documentationservice/lakeformation
: Updates service API and documentationservice/storagegateway
: Updates service API and documentationv1.33.2
Compare Source
===
Service Client Updates
service/ec2
: Updates service API, documentation, and paginatorsservice/lex-models
: Updates service API and documentationservice/personalize
: Updates service API and documentationservice/personalize-events
: Updates service API and documentationservice/personalize-runtime
: Updates service API and documentationservice/runtime.lex
: Updates service API and documentationv1.33.1
Compare Source
===
Service Client Updates
service/health
: Updates service documentationv1.33.0
Compare Source
===
Service Client Updates
service/appsync
: Updates service API and documentationservice/chime
: Updates service API and documentationservice/codebuild
: Updates service API and documentationservice/imagebuilder
: Updates service API and documentationservice/rds
: Updates service APIservice/securityhub
: Updates service API and documentationSDK Features
service/s3/s3crypto
: IntroducesEncryptionClientV2
andDecryptionClientV2
encryption and decryption clients which support a new key wrapping algorithmkms+context
. (#3403)DecryptionClientV2
maintains the ability to decrypt objects encrypted using theEncryptionClient
.s3crypto
documentation for migration details.v1.32.13
Compare Source
===
Service Client Updates
service/codeguru-reviewer
: Updates service API and documentationservice/comprehendmedical
: Updates service APIservice/ec2
: Updates service API and documentationservice/ecr
: Updates service API and documentationservice/rds
: Updates service documentationv1.32.12
Compare Source
===
Service Client Updates
service/autoscaling
: Updates service documentation and examplesservice/codeguruprofiler
: Updates service API, documentation, and paginatorsservice/codestar-connections
: Updates service API, documentation, and paginatorsservice/ec2
: Updates service API, documentation, and paginatorsv1.32.11
Compare Source
===
Service Client Updates
service/cloudformation
: Updates service API and documentationStackInstanceStatus
object that containsDetailedStatus
values: a disambiguation of the more genericStatus
value. ListStackInstances output can now be filtered onDetailedStatus
using the newFilters
parameter.service/cognito-idp
: Updates service APIservice/dms
: Updates service documentationservice/quicksight
: Updates service API and documentationservice/sagemaker
: Updates service API and documentationv1.32.10
Compare Source
===
Service Client Updates
service/ec2
: Updates service API and documentationservice/glue
: Updates service API and documentationv1.32.9
Compare Source
===
Service Client Updates
service/amplify
: Updates service API and documentationservice/autoscaling
: Updates service documentationservice/backup
: Updates service API and documentationservice/codecommit
: Updates service API, documentation, and paginatorsservice/elasticmapreduce
: Updates service API and documentationservice/fsx
: Updates service API and documentationservice/honeycode
: Adds new serviceservice/iam
: Updates service documentationservice/organizations
: Updates service API and documentationv1.32.8
Compare Source
===
Service Client Updates
service/mediatailor
: Updates service API and documentationservice/organizations
: Updates service API and documentationv1.32.7
Compare Source
===
Service Client Updates
service/ec2
: Updates service API and documentationservice/elasticmapreduce
: Updates service API and documentationservice/rds
: Updates service documentation and paginatorsservice/rekognition
: Updates service API, documentation, and paginatorsservice/sqs
: Updates service API, documentation, and paginatorsv1.32.6
Compare Source
===
Service Client Updates
service/ec2
: Updates service APIservice/elasticache
: Updates service documentationservice/medialive
: Updates service API and documentationservice/opsworkscm
: Updates service API and documentationv1.32.5
Compare Source
===
Service Client Updates
service/mediaconvert
: Updates service API and documentationservice/meteringmarketplace
: Updates service documentationservice/rds
: Updates service API and documentationservice/route53
: Updates service API and documentationservice/sesv2
: Updates service API and documentationservice/ssm
: Updates service API and documentationservice/support
: Updates service documentationv1.32.4
Compare Source
===
Service Client Updates
service/appmesh
: Updates service API and documentationservice/ec2
: Updates service API and documentationservice/macie2
: Updates service documentationservice/route53
: Updates service APIservice/snowball
: Updates service API and documentationSDK Enhancements
private/protocol
: Adds support for decimal precision UNIX timestamps up to thousandths of a second (#3376)v1.32.3
Compare Source
===
Service Client Updates
service/autoscaling
: Updates service API and documentationservice/cloudfront
: Updates service documentationservice/dataexchange
: Updates service APIservice/lambda
: Updates service API, documentation, and examplesservice/polly
: Updates service APIservice/qldb
: Updates service documentationv1.32.2
Compare Source
===
Service Client Updates
service/alexaforbusiness
: Updates service API and documentationservice/appconfig
: Updates service API, documentation, and paginatorsservice/chime
: Updates service API and documentationservice/cognito-idp
: Updates service API and documentationservice/iot
: Updates service API and documentationv1.32.1
Compare Source
===
Service Client Updates
service/codeguru-reviewer
: Updates service API and documentationservice/comprehendmedical
: Updates service APIservice/ec2
: Updates service API and documentationservice/ecr
: Updates service API and documentationservice/rds
: Updates service documentationv1.32.0
Compare Source
===
Service Client Updates
service/ecs
: Updates service API and documentationservice/imagebuilder
: Updates service API and documentationservice/lex-models
: Updates service API and documentationSDK Features
service/iotdataplane
: As part of this release, we are introducing a new feature called named shadow, which extends the capability of AWS IoT Device Shadow to support multiple shadows for a single IoT device. With this release, customers can store different device state data into different shadows, and as a result access only the required state data when needed and reduce individual shadow size.v1.31.15
Compare Source
===
Service Client Updates
service/appconfig
: Updates service API and documentationservice/codeartifact
: Adds new serviceservice/compute-optimizer
: Updates service API and documentationservice/dlm
: Updates service APIservice/ec2
: Updates service APIservice/lightsail
: Updates service documentationservice/macie2
: Updates service API and documentationservice/servicecatalog
: Updates service documentationservice/shield
: Updates service API and documentationSDK Enhancements
aws/credentials
: Update documentation for shared credentials provider to specify the type of credentials it supports retrieving from shared credentials file.v1.31.14
Compare Source
===
Service Client Updates
service/transfer
: Updates service API and documentationv1.31.13
Compare Source
===
Service Client Updates
service/servicediscovery
: Updates service API, documentation, and examplesservice/shield
: Updates service API, documentation, and paginatorsv1.31.12
Compare Source
===
Service Client Updates
service/apigateway
: Updates service API and documentationservice/cloudfront
: Updates service API and documentationservice/elasticbeanstalk
: Updates service API and documentationservice/personalize
: Updates service API and documentationservice/personalize-runtime
: Updates service API and documentationservice/pinpoint
: Updates service API and documentationservice/runtime.sagemaker
: Updates service API and documentationservice/servicecatalog
: Updates service API and documentationConfiguration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.