CVE-2023-23626

Name of the Vulnerable Software and Affected Versions go-bitfield (affected versions not specified)

Description The issue arises when untrusted user input is fed into the size parameter of NewBitfield and FromBytes functions, allowing an attacker to trigger panics. This occurs when the size is not a multiple of 8 or is negative. Although there was a note in the NewBitfield documentation, it was incomplete and missing from FromBytes's documentation. The problem has been addressed by returning an error if the size is incorrect.

Recommendations To resolve the issue, users are advised to upgrade to a version where the NewBitfield and FromBytes functions return an error if the size is not a multiple of 8 or is negative. For users unable to upgrade, ensure that size is a multiple of 8 and not negative before calling NewBitfield or FromBytes. As a temporary workaround, consider checking the condition size%8 == 0 && size >= 0 yourself before calling NewBitfield or FromBytes.