PT-2024-6111 · Go+11 · Go+11

Md Sakib Anwar

·

Published

2024-09-04

·

Updated

2025-09-02

·

CVE-2024-34156

CVSS v2.0

7.8

High

VectorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions Go (affected versions not specified)
Description The issue is related to the Decoder.Decode function in the Go programming language, which can cause a panic due to stack exhaustion when handling deeply nested structures. This is caused by uncontrolled recursion, potentially allowing a remote attacker to cause a denial of service.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Uncontrolled Recursion

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-674

Related Identifiers

ALSA-2024:11216
ALSA-2024:11217
ALSA-2024:6908
ALSA-2024:6913
ALSA-2024:6946
ALSA-2024:6947
ALSA-2024:7135
ALSA-2024:7136
ALSA-2024:7204
ALSA-2024:7262
ALSA-2024:8038
ALSA-2024:8039
ALSA-2024:8110
ALSA-2024:8111
ALSA-2024:8112
ALSA-2024:9454
ALSA-2024:9456
ALSA-2024:9459
ALSA-2024:9472
ALSA-2024:9473
ALSA-2025:3773
ALT-PU-2024-12198
ALT-PU-2024-12622
ALT-PU-2024-13971
ALT-PU-2024-15601
ALT-PU-2024-16387
AZL-78970
BDU:2024-07025
BIT-GOLANG-2024-34156
CESA-2024_6908
CESA-2024_7135
CESA-2024_7262
CESA-2024_8038
CVE-2024-34156
ECHO-0684-A311-5067
GO-2024-3106
INFSA-2024_11216
INFSA-2024_11217
INFSA-2024_6908
INFSA-2024_6913
INFSA-2024_6946
INFSA-2024_6947
INFSA-2024_7135
INFSA-2024_7136
INFSA-2024_7204
INFSA-2024_7262
INFSA-2024_8038
INFSA-2024_8039
INFSA-2024_8110
INFSA-2024_8111
INFSA-2024_8112
INFSA-2024_9454
INFSA-2024_9456
INFSA-2024_9459
INFSA-2024_9472
INFSA-2024_9473
INFSA-2025_3773
MGASA-2024-0376
OESA-2024-2503
OESA-2024-2504
OESA-2024-2505
OESA-2024-2506
OESA-2024-2587
OPENSUSE-SU-2024:14323-1
OPENSUSE-SU-2024:14324-1
OPENSUSE-SU-2024:14375-1
OPENSUSE-SU-2024:14520-1
OPENSUSE-SU-2024_3213-1
OPENSUSE-SU-2024_3214-1
OPENSUSE-SU-2024_3773-1
OPENSUSE-SU-2024_3809-1
OPENSUSE-SU-2025:0056-1
OPENSUSE-SU-2025:15505-1
RHSA-2024:11216
RHSA-2024:11217
RHSA-2024:6908
RHSA-2024:6912
RHSA-2024:6913
RHSA-2024:6914
RHSA-2024:6946
RHSA-2024:6947
RHSA-2024:7102
RHSA-2024:7103
RHSA-2024:7135
RHSA-2024:7136
RHSA-2024:7202
RHSA-2024:7203
RHSA-2024:7204
RHSA-2024:7205
RHSA-2024:7206
RHSA-2024:7207
RHSA-2024:7208
RHSA-2024:7261
RHSA-2024:7262
RHSA-2024:7350
RHSA-2024:7351
RHSA-2024:7449
RHSA-2024:7455
RHSA-2024:7456
RHSA-2024:7485
RHSA-2024:7487
RHSA-2024:7488
RHSA-2024:7769
RHSA-2024:7791
RHSA-2024:7792
RHSA-2024:7793
RHSA-2024:7794
RHSA-2024:7818
RHSA-2024:7819
RHSA-2024:7820
RHSA-2024:7821
RHSA-2024:7822
RHSA-2024:7852
RHSA-2024:8038
RHSA-2024:8039
RHSA-2024:8110
RHSA-2024:8111
RHSA-2024:8112
RHSA-2024:8232
RHSA-2024:8263
RHSA-2024:8428
RHSA-2024:8690
RHSA-2024:8694
RHSA-2024:8700
RHSA-2024:9454
RHSA-2024:9456
RHSA-2024:9459
RHSA-2024:9472
RHSA-2024:9473
RHSA-2024_11216
RHSA-2024_11217
RHSA-2024_6908
RHSA-2024_6913
RHSA-2024_6946
RHSA-2024_6947
RHSA-2024_7135
RHSA-2024_7136
RHSA-2024_7204
RHSA-2024_7262
RHSA-2024_8038
RHSA-2024_8039
RHSA-2024_8110
RHSA-2024_8111
RHSA-2024_8112
RHSA-2024_9454
RHSA-2024_9456
RHSA-2024_9459
RHSA-2024_9472
RHSA-2024_9473
RHSA-2025:0203
RHSA-2025:1190
RHSA-2025:3773
RHSA-2025_3773
RLSA-2024:11216
RLSA-2024:11217
RLSA-2024:6908
RLSA-2024:6913
RLSA-2024:6946
RLSA-2024:6947
RLSA-2024:7135
RLSA-2024:7136
RLSA-2024:7204
RLSA-2024:7262
RLSA-2024:8038
RLSA-2024:8039
RLSA-2024:8110
RLSA-2024:8111
RLSA-2024:9456
RLSA-2024:9472
RLSA-2024:9473
SUSE-SU-2024:3196-1
SUSE-SU-2024:3197-1
SUSE-SU-2024:3213-1
SUSE-SU-2024:3214-1
SUSE-SU-2024:3453-1
SUSE-SU-2024:3454-1
SUSE-SU-2024:3455-1
SUSE-SU-2024:3456-1
SUSE-SU-2024:3457-1
SUSE-SU-2024:3458-1
SUSE-SU-2024:3459-1
SUSE-SU-2024:3772-1
SUSE-SU-2024:3773-1
SUSE-SU-2024:3809-1
SUSE-SU-2024:3937-1
SUSE-SU-2024:3938-1
USN-7081-1
USN-7109-1
USN-7111-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Debian
Go
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu