C2SP/x509-limbo

Add tests cases for CVE-2026-27137 and CVE-2026-27138

Open

#565 建立於 2026年3月6日

在 GitHub 查看
 (0 留言) (0 反應) (0 負責人)C++ (13 fork)github user discovery
help wanted

倉庫指標

Star
 (64 star)
PR 合併指標
 (平均合併 3天 10小時) (30 天內合併 9 個 PR)

描述

crypto/x509: incorrect enforcement of email constraints

When verifying a certificate chain which contains a certificate containing
multiple email address constraints (composed of the full email address) which
share common local portions (the portion of the address before the '@'
character) but different domain portions (the portion of the address after the
'@' character), these constraints will not be properly applied, and only the
last constraint will be considered.

This can allow certificates in the chain containing email addresses which are
either not permitted or excluded by the relevant constraints to be returned by
calls to Certificate.Verify. Since the name constraint checks happen after chain
building is complete, this only applies to certificate chains which chain to
trusted roots (root certificates either in VerifyOptions.Roots or in the system
root certificate pool), requiring a trusted CA to issue certificates containing
either not permitted or excluded email addresses.

This issue only affects Go 1.26.

Thanks to Jakub Ciolek for reporting this issue.

This is CVE-2026-27137 and Go issue https://go.dev/issue/77952.

crypto/x509: panic in name constraint checking for malformed certificates

Certificate verification can panic when a certificate in the chain has an empty
DNS name and another certificate in the chain has excluded name constraints.
This can crash programs that are either directly verifying X.509 certificate
chains, or those that use TLS.

Since the name constraint checks happen after chain building is complete, this
only applies to certificate chains which chain to trusted roots (root
certificates either in VerifyOptions.Roots or in the system root certificate
pool), requiring a trusted CA to issue certificates containing malformed DNS
names.

This issue only affects Go 1.26.

Thanks to Jakub Ciolek for reporting this issue.

This is CVE-2026-27138 and Go issue https://go.dev/issue/77953.

貢獻者指南