| id: GO-2023-1571 |
| modules: |
| - module: std |
| versions: |
| - fixed: 1.19.6 |
| - introduced: 1.20.0-0 |
| fixed: 1.20.1 |
| vulnerable_at: 1.20.0 |
| packages: |
| - package: net/http |
| symbols: |
| - Transport.RoundTrip |
| - Server.Serve |
| derived_symbols: |
| - Client.Do |
| - Client.Get |
| - Client.Head |
| - Client.Post |
| - Client.PostForm |
| - Get |
| - Head |
| - ListenAndServe |
| - ListenAndServeTLS |
| - Post |
| - PostForm |
| - Serve |
| - ServeTLS |
| - Server.ListenAndServe |
| - Server.ListenAndServeTLS |
| - Server.ServeTLS |
| - module: golang.org/x/net |
| versions: |
| - fixed: 0.7.0 |
| vulnerable_at: 0.6.1-0.20230213185550-547e7edf3873 |
| packages: |
| - package: golang.org/x/net/http2 |
| symbols: |
| - Transport.RoundTrip |
| - Server.ServeConn |
| derived_symbols: |
| - ClientConn.Close |
| - ClientConn.Ping |
| - ClientConn.RoundTrip |
| - ClientConn.Shutdown |
| - ConfigureServer |
| - ConfigureTransport |
| - ConfigureTransports |
| - ConnectionError.Error |
| - ErrCode.String |
| - FrameHeader.String |
| - FrameType.String |
| - FrameWriteRequest.String |
| - Framer.ReadFrame |
| - Framer.WriteContinuation |
| - Framer.WriteData |
| - Framer.WriteDataPadded |
| - Framer.WriteGoAway |
| - Framer.WriteHeaders |
| - Framer.WritePing |
| - Framer.WritePriority |
| - Framer.WritePushPromise |
| - Framer.WriteRSTStream |
| - Framer.WriteRawFrame |
| - Framer.WriteSettings |
| - Framer.WriteSettingsAck |
| - Framer.WriteWindowUpdate |
| - GoAwayError.Error |
| - ReadFrameHeader |
| - Setting.String |
| - SettingID.String |
| - SettingsFrame.ForeachSetting |
| - StreamError.Error |
| - Transport.CloseIdleConnections |
| - Transport.NewClientConn |
| - Transport.RoundTripOpt |
| - bufferedWriter.Flush |
| - bufferedWriter.Write |
| - chunkWriter.Write |
| - clientConnPool.GetClientConn |
| - connError.Error |
| - dataBuffer.Read |
| - duplicatePseudoHeaderError.Error |
| - gzipReader.Close |
| - gzipReader.Read |
| - headerFieldNameError.Error |
| - headerFieldValueError.Error |
| - noDialClientConnPool.GetClientConn |
| - noDialH2RoundTripper.RoundTrip |
| - pipe.Read |
| - priorityWriteScheduler.CloseStream |
| - priorityWriteScheduler.OpenStream |
| - pseudoHeaderError.Error |
| - requestBody.Close |
| - requestBody.Read |
| - responseWriter.Flush |
| - responseWriter.FlushError |
| - responseWriter.Push |
| - responseWriter.SetReadDeadline |
| - responseWriter.SetWriteDeadline |
| - responseWriter.Write |
| - responseWriter.WriteHeader |
| - responseWriter.WriteString |
| - serverConn.CloseConn |
| - serverConn.Flush |
| - stickyErrWriter.Write |
| - transportResponseBody.Close |
| - transportResponseBody.Read |
| - writeData.String |
| - package: golang.org/x/net/http2/hpack |
| symbols: |
| - Decoder.parseFieldLiteral |
| - Decoder.readString |
| derived_symbols: |
| - Decoder.DecodeFull |
| - Decoder.Write |
| summary: Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net |
| description: |- |
| A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the |
| HPACK decoder, sufficient to cause a denial of service from a small number of |
| small requests. |
| ghsas: |
| - GHSA-vvpx-j8f3-3w6h |
| credits: |
| - Philippe Antoine (Catena cyber) |
| references: |
| - report: https://go.dev/issue/57855 |
| - fix: https://go.dev/cl/468135 |
| - fix: https://go.dev/cl/468295 |
| - web: https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E |
| cve_metadata: |
| id: CVE-2022-41723 |
| cwe: 'CWE 400: Uncontrolled Resource Consumption' |
| references: |
| - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/ |
| - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/ |
| - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/ |
| - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/ |