blob: d27e648fea624c7fdc42bda8c4a5cf54b6c9f946 [file] [log] [blame]
id: GO-2023-1559
modules:
- module: github.com/ipfs/go-unixfsnode
versions:
- fixed: 1.5.2
vulnerable_at: 1.5.1
packages:
- package: github.com/ipfs/go-unixfsnode/hamt
symbols:
- NewUnixFSHAMTShard
- bitField
derived_symbols:
- AttemptHAMTShardFromNode
- NewUnixFSHAMTShardWithPreload
- _UnixFSHAMTShard.Length
- _UnixFSHAMTShard.Lookup
- _UnixFSHAMTShard.LookupByNode
- _UnixFSHAMTShard.LookupBySegment
- _UnixFSHAMTShard.LookupByString
- _UnixFSShardedDir__ListItr.Next
- package: github.com/ipfs/go-unixfsnode/data/builder
symbols:
- shard.bitmap
- shard.serialize
derived_symbols:
- BlockSizes
- BuildUnixFS
- BuildUnixFSDirectory
- BuildUnixFSFile
- BuildUnixFSRecursive
- BuildUnixFSShardedDirectory
- BuildUnixFSSymlink
- Data
- DataType
- Fanout
- FileSize
- FractionalNanoseconds
- HashType
- Mtime
- Permissions
- PermissionsString
- Seconds
- Time
summary: Denial of service via HAMT decoding panic in github.com/ipfs/go-unixfsnode
description: |-
Trying to read malformed HAMT sharded directories can cause panics and virtual
memory leaks. If you are reading untrusted user input, an attacker can then
trigger a panic.
This is caused by a bogus fanout parameter in the HAMT directory nodes.
There are no known workarounds (users are advised to upgrade).
cves:
- CVE-2023-23631
ghsas:
- GHSA-4gj3-6r43-3wfc
credits:
- Jorropo
references:
- advisory: https://github.com/ipfs/go-unixfsnode/security/advisories/GHSA-4gj3-6r43-3wfc
- fix: https://github.com/ipfs/go-unixfsnode/commit/59050ea8bc458ae55246ae09243e6e165923e076
review_status: REVIEWED