data/reports/GO-2023-1558.yaml - vulndb - Git at Google

 id: GO-2023-1558
 modules:
     - module: github.com/ipfs/go-bitfield
       versions:
         - fixed: 1.1.0
       vulnerable_at: 1.0.0
       packages:
         - package: github.com/ipfs/go-bitfield
           symbols:
             - NewBitfield
             - FromBytes
 summary: 'TODO(https://go.dev/issue/56443): fill in summary field'
 description: |
     When feeding untrusted user input into the size parameter of `NewBitfield`
     and FromBytes functions, an attacker can trigger panics.

     This happens when the size is a not a multiple of 8 or is negative.

     A workaround is to ensure size%8 == 0 && size >= 0 yourself before calling
     NewBitfield or FromBytes.
 cves:
     - CVE-2023-23626
 ghsas:
     - GHSA-2h6c-j3gf-xp9r
 credits:
     - Jorropo
 references:
     - advisory: https://github.com/ipfs/go-bitfield/security/advisories/GHSA-2h6c-j3gf-xp9r
     - fix: https://github.com/ipfs/go-bitfield/commit/5e1d256fe043fc4163343ccca83862c69c52e579
	id: GO-2023-1558
	modules:
	- module: github.com/ipfs/go-bitfield
	versions:
	- fixed: 1.1.0
	vulnerable_at: 1.0.0
	packages:
	- package: github.com/ipfs/go-bitfield
	symbols:
	- NewBitfield
	- FromBytes
	summary: 'TODO(https://go.dev/issue/56443): fill in summary field'
	description: \|
	When feeding untrusted user input into the size parameter of `NewBitfield`
	and FromBytes functions, an attacker can trigger panics.

	This happens when the size is a not a multiple of 8 or is negative.

	A workaround is to ensure size%8 == 0 && size >= 0 yourself before calling
	NewBitfield or FromBytes.
	cves:
	- CVE-2023-23626
	ghsas:
	- GHSA-2h6c-j3gf-xp9r
	credits:
	- Jorropo
	references:
	- advisory: https://github.com/ipfs/go-bitfield/security/advisories/GHSA-2h6c-j3gf-xp9r
	- fix: https://github.com/ipfs/go-bitfield/commit/5e1d256fe043fc4163343ccca83862c69c52e579