PT-2024-6111 · Go+11 · Go+11

Md Sakib Anwar

·

Publicado

2024-09-04

·

Atualizado

2025-09-02

·

CVE-2024-34156

CVSS v2.0

7.8

Alta

VetorAV:N/AC:L/Au:N/C:N/I:N/A:C
Nome do software vulnerável e versões afetadas
Go (versões afetadas não especificadas)
Descrição
O problema está relacionado à função Decoder.Decode na linguagem de programação Go, que pode causar um erro de pânico devido ao esgotamento da pilha ao lidar com estruturas profundamente aninhadas. Isso é causado por recursão descontrolada, permitindo potencialmente que um invasor remoto provoque uma negação de serviço.
Recomendações
No momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.

Uncontrolled Recursion

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-674

Identificadores relacionados

ALSA-2024:11216
ALSA-2024:11217
ALSA-2024:6908
ALSA-2024:6913
ALSA-2024:6946
ALSA-2024:6947
ALSA-2024:7135
ALSA-2024:7136
ALSA-2024:7204
ALSA-2024:7262
ALSA-2024:8038
ALSA-2024:8039
ALSA-2024:8110
ALSA-2024:8111
ALSA-2024:8112
ALSA-2024:9454
ALSA-2024:9456
ALSA-2024:9459
ALSA-2024:9472
ALSA-2024:9473
ALSA-2025:3773
ALT-PU-2024-12198
ALT-PU-2024-12622
ALT-PU-2024-13971
ALT-PU-2024-15601
ALT-PU-2024-16387
AZL-78970
BDU:2024-07025
BIT-GOLANG-2024-34156
CESA-2024_6908
CESA-2024_7135
CESA-2024_7262
CESA-2024_8038
CVE-2024-34156
ECHO-0684-A311-5067
GO-2024-3106
INFSA-2024_11216
INFSA-2024_11217
INFSA-2024_6908
INFSA-2024_6913
INFSA-2024_6946
INFSA-2024_6947
INFSA-2024_7135
INFSA-2024_7136
INFSA-2024_7204
INFSA-2024_7262
INFSA-2024_8038
INFSA-2024_8039
INFSA-2024_8110
INFSA-2024_8111
INFSA-2024_8112
INFSA-2024_9454
INFSA-2024_9456
INFSA-2024_9459
INFSA-2024_9472
INFSA-2024_9473
INFSA-2025_3773
MGASA-2024-0376
OESA-2024-2503
OESA-2024-2504
OESA-2024-2505
OESA-2024-2506
OESA-2024-2587
OPENSUSE-SU-2024:14323-1
OPENSUSE-SU-2024:14324-1
OPENSUSE-SU-2024:14375-1
OPENSUSE-SU-2024:14520-1
OPENSUSE-SU-2024_3213-1
OPENSUSE-SU-2024_3214-1
OPENSUSE-SU-2024_3773-1
OPENSUSE-SU-2024_3809-1
OPENSUSE-SU-2025:0056-1
OPENSUSE-SU-2025:15505-1
RHSA-2024:11216
RHSA-2024:11217
RHSA-2024:6908
RHSA-2024:6912
RHSA-2024:6913
RHSA-2024:6914
RHSA-2024:6946
RHSA-2024:6947
RHSA-2024:7102
RHSA-2024:7103
RHSA-2024:7135
RHSA-2024:7136
RHSA-2024:7202
RHSA-2024:7203
RHSA-2024:7204
RHSA-2024:7205
RHSA-2024:7206
RHSA-2024:7207
RHSA-2024:7208
RHSA-2024:7261
RHSA-2024:7262
RHSA-2024:7350
RHSA-2024:7351
RHSA-2024:7449
RHSA-2024:7455
RHSA-2024:7456
RHSA-2024:7485
RHSA-2024:7487
RHSA-2024:7488
RHSA-2024:7769
RHSA-2024:7791
RHSA-2024:7792
RHSA-2024:7793
RHSA-2024:7794
RHSA-2024:7818
RHSA-2024:7819
RHSA-2024:7820
RHSA-2024:7821
RHSA-2024:7822
RHSA-2024:7852
RHSA-2024:8038
RHSA-2024:8039
RHSA-2024:8110
RHSA-2024:8111
RHSA-2024:8112
RHSA-2024:8232
RHSA-2024:8263
RHSA-2024:8428
RHSA-2024:8690
RHSA-2024:8694
RHSA-2024:8700
RHSA-2024:9454
RHSA-2024:9456
RHSA-2024:9459
RHSA-2024:9472
RHSA-2024:9473
RHSA-2024_11216
RHSA-2024_11217
RHSA-2024_6908
RHSA-2024_6913
RHSA-2024_6946
RHSA-2024_6947
RHSA-2024_7135
RHSA-2024_7136
RHSA-2024_7204
RHSA-2024_7262
RHSA-2024_8038
RHSA-2024_8039
RHSA-2024_8110
RHSA-2024_8111
RHSA-2024_8112
RHSA-2024_9454
RHSA-2024_9456
RHSA-2024_9459
RHSA-2024_9472
RHSA-2024_9473
RHSA-2025:0203
RHSA-2025:1190
RHSA-2025:3773
RHSA-2025_3773
RLSA-2024:11216
RLSA-2024:11217
RLSA-2024:6908
RLSA-2024:6913
RLSA-2024:6946
RLSA-2024:6947
RLSA-2024:7135
RLSA-2024:7136
RLSA-2024:7204
RLSA-2024:7262
RLSA-2024:8038
RLSA-2024:8039
RLSA-2024:8110
RLSA-2024:8111
RLSA-2024:9456
RLSA-2024:9472
RLSA-2024:9473
SUSE-SU-2024:3196-1
SUSE-SU-2024:3197-1
SUSE-SU-2024:3213-1
SUSE-SU-2024:3214-1
SUSE-SU-2024:3453-1
SUSE-SU-2024:3454-1
SUSE-SU-2024:3455-1
SUSE-SU-2024:3456-1
SUSE-SU-2024:3457-1
SUSE-SU-2024:3458-1
SUSE-SU-2024:3459-1
SUSE-SU-2024:3772-1
SUSE-SU-2024:3773-1
SUSE-SU-2024:3809-1
SUSE-SU-2024:3937-1
SUSE-SU-2024:3938-1
USN-7081-1
USN-7109-1
USN-7111-1

Produtos afetados

Alt Linux
Almalinux
Astra Linux
Centos
Debian
Go
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu