blob: 584eefe2bd90e36f37f0e6d28e469c4e526a9c77 [file] [log] [blame]
id: GO-2023-1558
modules:
- module: github.com/ipfs/go-bitfield
versions:
- fixed: 1.1.0
vulnerable_at: 1.0.0
packages:
- package: github.com/ipfs/go-bitfield
symbols:
- NewBitfield
- FromBytes
summary: Denial of service via malformed size parameters in github.com/ipfs/go-bitfield
description: |-
When feeding untrusted user input into the size parameter of NewBitfield and
FromBytes functions, an attacker can trigger panics.
This happens when the size is a not a multiple of 8 or is negative.
A workaround is to ensure size%8 == 0 && size >= 0 yourself before calling
NewBitfield or FromBytes.
cves:
- CVE-2023-23626
ghsas:
- GHSA-2h6c-j3gf-xp9r
credits:
- Jorropo
references:
- advisory: https://github.com/ipfs/go-bitfield/security/advisories/GHSA-2h6c-j3gf-xp9r
- fix: https://github.com/ipfs/go-bitfield/commit/5e1d256fe043fc4163343ccca83862c69c52e579
review_status: REVIEWED