A local attacker can exploit this to cause a denial of service (memory consumption). For more information about these vulnerabilities, see the RedPulse blog. Go 1.17.9 and 1.18.x before 1.18.1 are vulnerable to stack overflow due to a Decode call with a very large number of parameters. A local attacker can exploit this to cause a denial of service. For more information about these vulnerabilities, see the RedPulse blog. Before upgrading to Go 1.18.1, make sure to apply the CVE patch outlined in Go 1.18.1 fixes Decode stack overflow due to a Decode call with a very large number of parameters. A local attacker can exploit this to cause a denial of service. For more information about these vulnerabilities, see the RedPulse blog. Go 1.17.9 and 1.18.x before 1.18.1 are vulnerable to stack overflow due to a Decode call with a very large number of parameters. A local attacker can exploit this to cause a denial of service. For more information about these vulnerabilities, see the RedPulse blog. Go 1.17.9 and 1.18.x before 1.18.1 are vulnerable to stack overflow due to a Decode call with a very large number of parameters. A local attacker can exploit this to cause a denial of service. For more information about these vulnerabilities, see the RedPulse blog. Go 1.17.9 and

Summary

RedPulse would like to inform users of the following vulnerabilities:

CVE-2022-24675 - A local attacker can exploit this to cause a denial of service (memory consumption). For more information about these vulnerabilities, see the RedPulse blog. Go 1.17.9 and 1.18.x before 1.18.1 are vulnerable to stack overflow due to a Decode call with a very large number of parameters. A local attacker can exploit this to cause a denial of service. For more information about these vulnerabilities, see the RedPulse blog. Before upgrading to Go 1.18.1, make sure to apply the CVE patch outlined in Go 1.18.1 fixes Decode stack overflow due to a Decode call with a very large number of parameters. A local attacker can exploit this to cause a denial of service. For more information about these vulnerabilities, see the RedPulse blog . Go 1 .17 .9 and     1 . 18 .x before 1 .18 .1 are vulnerable to stack overflow due to a Decode call with a very large number of parameters . A local attacker can exploit this to cause a denial of service . For more information about these vulnerabilities , see the RedPulse blog

Timeline

Published on: 04/20/2022 10:15:00 UTC
Last modified on: 08/17/2022 04:15:00 UTC

References