CVE-2024-34050

Name of the Vulnerable Software and Affected Versions Open Networking Foundation SD-RAN Rimedo rimedo-ts version 0.1.1

Description The issue is related to a slice bounds out-of-range panic in the code. Specifically, the problem occurs in the line "return uint64(b[2])<<16 | uint64(b[1])<<8 | uint64(b[0])" in the reader.go file. This suggests a potential error in handling byte arrays, which could lead to unexpected behavior or crashes.

Recommendations For Open Networking Foundation SD-RAN Rimedo rimedo-ts version 0.1.1, consider modifying the reader.go file to properly handle slice bounds and prevent out-of-range panics. As a temporary workaround, consider adding error checking code to ensure that the byte array b has at least 3 elements before attempting to access b[0], b[1], and b[2]. At the moment, there is no information about a newer version that contains a fix for this vulnerability.