CVE-2018-16875

MEDIUM

Go <1.10.6/1.11.x - DoS

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-16875. PoCs published by alexzorin.

AI-analyzed exploit summary This PoC demonstrates CVE-2018-16875, a DoS vulnerability in Go's TLS certificate verification due to pathological certificate chains. The server generates a 200-level deep certificate chain, causing excessive CPU usage during verification.

Description

The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 does not limit the amount of work performed for each chain verification, which might allow attackers to craft pathological inputs leading to a CPU denial of service. Go TLS servers accepting client certificates and TLS clients are affected.

Exploits (1)

nomisec WORKING POC 9 stars
by alexzorin · poc
https://github.com/alexzorin/poc-cve-2018-16875

This PoC demonstrates CVE-2018-16875, a DoS vulnerability in Go's TLS certificate verification due to pathological certificate chains. The server generates a 200-level deep certificate chain, causing excessive CPU usage during verification.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Moderate
Reliability
Reliable
Target: Go (crypto/x509) versions before 1.11.4 and 1.10.8
No auth needed
Prerequisites: Network access to target · Ability to establish TLS connection
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (9)

Core 9
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/106230
Mitigation, Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/201812-09
Issue Tracking, Third Party Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16875
Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00044.html

Scores

CVSS v3 5.9
EPSS 0.0633
EPSS Percentile 92.8%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-20 CWE-295
Status published
Products (2)
golang/go < 1.10.6
opensuse/leap 42.3
Published Dec 14, 2018
Tracked Since Feb 18, 2026