reports/GO-2021-0075.yaml - vulndb - Git at Google

 packages:
   - module: github.com/ethereum/go-ethereum
     package: github.com/ethereum/go-ethereum/les
     symbols:
       - protocolManager.handleMsg
     versions:
       - fixed: 1.8.11
 description: |
     Due to improper argument validation in RPC messages, a maliciously crafted
     message can cause a panic, leading to denial of service.
 published: 2021-04-14T20:04:52Z
 cves:
   - CVE-2018-12018
 links:
     pr: https://github.com/ethereum/go-ethereum/pull/16891
     commit: https://github.com/ethereum/go-ethereum/commit/a5237a27eaf81946a3edb4fafe13ed6359d119e4
     context:
       - https://peckshield.com/2018/06/27/EPoD/
	packages:
	- module: github.com/ethereum/go-ethereum
	package: github.com/ethereum/go-ethereum/les
	symbols:
	- protocolManager.handleMsg
	versions:
	- fixed: 1.8.11
	description: \|
	Due to improper argument validation in RPC messages, a maliciously crafted
	message can cause a panic, leading to denial of service.
	published: 2021-04-14T20:04:52Z
	cves:
	- CVE-2018-12018
	links:
	pr: https://github.com/ethereum/go-ethereum/pull/16891
	commit: https://github.com/ethereum/go-ethereum/commit/a5237a27eaf81946a3edb4fafe13ed6359d119e4
	context:
	- https://peckshield.com/2018/06/27/EPoD/