PT-2025-42737 · Golang+8 · Golang+8
Harshit Gupta
·
Published
2025-01-01
·
Updated
2026-05-18
·
CVE-2025-58183
CVSS v3.1
9.8
Critical
| Base vector | Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
golang versions 1.15
golang versions 1.19
Description
An issue exists in the archive/tar package within golang that involves an unbounded allocation during the parsing of GNU sparse map files. This can lead to excessive memory consumption and potentially cause a denial-of-service condition.
Recommendations
Update to a newer version of golang that contains a fix for this vulnerability.
Fix
Allocation of Resources Without Limits
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
ALSA-2025:21815
ALSA-2025:21816
ALSA-2025:22011
ALSA-2025:22012
ALSA-2025:22668
ALSA-2025:23087
ALSA-2025:23088
ALSA-2025:23294
ALSA-2025:23295
ALSA-2025:23325
ALSA-2025:23326
ALSA-2025:23948
ALSA-2026:1377
ALSA-2026:1380
ALSA-2026:1381
ALSA-2026:1837
ALSA-2026:1838
ALT-PU-2025-12749
ALT-PU-2025-13232
AZL-68991
AZL-68994
AZL-68999
AZL-69002
AZL-69005
AZL-69033
AZL-69036
AZL-69134
AZL-69137
AZL-69200
AZL-69251
AZL-69296
AZL-69302
AZL-69362
AZL-78907
BDU:2025-14528
BIT-GOLANG-2025-58183
CLEANSTART-2025-EU07511
CLEANSTART-2026-AB43319
CLEANSTART-2026-AC12204
CLEANSTART-2026-AJ16639
CLEANSTART-2026-AJ76138
CLEANSTART-2026-AQ75465
CLEANSTART-2026-AT12816
CLEANSTART-2026-BD53293
CLEANSTART-2026-BH97849
CLEANSTART-2026-BJ28314
CLEANSTART-2026-BJ35875
CLEANSTART-2026-BM53321
CLEANSTART-2026-CB01846
CLEANSTART-2026-CE02533
CLEANSTART-2026-CT39828
CLEANSTART-2026-CV29689
CLEANSTART-2026-CY03855
CLEANSTART-2026-CY44461
CLEANSTART-2026-DH72490
CLEANSTART-2026-DP30290
CLEANSTART-2026-DR75226
CLEANSTART-2026-DS01292
CLEANSTART-2026-DZ05206
CLEANSTART-2026-EC15228
CLEANSTART-2026-EE52954
CLEANSTART-2026-EL98016
CLEANSTART-2026-ER42900
CLEANSTART-2026-ER93728
CLEANSTART-2026-FF20499
CLEANSTART-2026-FF98917
CLEANSTART-2026-FM65506
CLEANSTART-2026-FS64938
CLEANSTART-2026-FU47971
CLEANSTART-2026-GJ69402
CLEANSTART-2026-GL70025
CLEANSTART-2026-GQ00159
CLEANSTART-2026-GQ03231
CLEANSTART-2026-GS02052
CLEANSTART-2026-GV62494
CLEANSTART-2026-HA44046
CLEANSTART-2026-HW19594
CLEANSTART-2026-HX78047
CLEANSTART-2026-HY43775
CLEANSTART-2026-ID24148
CLEANSTART-2026-IG94553
CLEANSTART-2026-IO04548
CLEANSTART-2026-JD75482
CLEANSTART-2026-JJ09127
CLEANSTART-2026-JK84667
CLEANSTART-2026-JO01099
CLEANSTART-2026-JR37040
CLEANSTART-2026-JR48309
CLEANSTART-2026-JT73156
CLEANSTART-2026-JU62670
CLEANSTART-2026-JW58725
CLEANSTART-2026-KC01126
CLEANSTART-2026-KU65968
CLEANSTART-2026-KV78041
CLEANSTART-2026-KZ60560
CLEANSTART-2026-KZ63902
CLEANSTART-2026-LA67881
CLEANSTART-2026-LO42921
CLEANSTART-2026-LS98939
CLEANSTART-2026-LU21824
CLEANSTART-2026-LY33846
CLEANSTART-2026-LZ54652
CLEANSTART-2026-MA32024
CLEANSTART-2026-MF20926
CLEANSTART-2026-MI26039
CLEANSTART-2026-MJ51212
CLEANSTART-2026-MJ60235
CLEANSTART-2026-MK39503
CLEANSTART-2026-ML42911
CLEANSTART-2026-MU17611
CLEANSTART-2026-MX70474
CLEANSTART-2026-ND18869
CLEANSTART-2026-NG75665
CLEANSTART-2026-NJ43712
CLEANSTART-2026-NP17404
CLEANSTART-2026-NP19113
CLEANSTART-2026-NS41924
CLEANSTART-2026-NT80635
CLEANSTART-2026-NV34418
CLEANSTART-2026-NV78596
CLEANSTART-2026-OA33370
CLEANSTART-2026-OL17158
CLEANSTART-2026-OL25917
CLEANSTART-2026-OL32822
CLEANSTART-2026-OL60454
CLEANSTART-2026-ON38469
CLEANSTART-2026-ON62368
CLEANSTART-2026-OO14630
CLEANSTART-2026-OT07577
CLEANSTART-2026-OX06978
CLEANSTART-2026-OX88144
CLEANSTART-2026-PC16040
CLEANSTART-2026-PF41398
CLEANSTART-2026-PG91940
CLEANSTART-2026-PK19530
CLEANSTART-2026-PM59896
CLEANSTART-2026-PN58989
CLEANSTART-2026-PV98664
CLEANSTART-2026-PW02676
CLEANSTART-2026-QB67682
CLEANSTART-2026-QC30410
CLEANSTART-2026-QF85840
CLEANSTART-2026-QK02462
CLEANSTART-2026-QO29688
CLEANSTART-2026-QU88766
CLEANSTART-2026-QZ16523
CLEANSTART-2026-RL45001
CLEANSTART-2026-RQ53330
CLEANSTART-2026-RU37859
CLEANSTART-2026-SB25660
CLEANSTART-2026-SM37781
CLEANSTART-2026-SW55801
CLEANSTART-2026-SY95837
CLEANSTART-2026-TA27786
CLEANSTART-2026-TF98824
CLEANSTART-2026-TH33219
CLEANSTART-2026-TK38210
CLEANSTART-2026-TM31143
CLEANSTART-2026-TS42581
CLEANSTART-2026-TT42218
CLEANSTART-2026-TX25294
CLEANSTART-2026-TY78539
CLEANSTART-2026-TZ10716
CLEANSTART-2026-UJ10620
CLEANSTART-2026-UO76615
CLEANSTART-2026-UR80185
CLEANSTART-2026-UU56048
CLEANSTART-2026-UY60586
CLEANSTART-2026-UY85485
CLEANSTART-2026-UZ79996
CLEANSTART-2026-VC16841
CLEANSTART-2026-VF66781
CLEANSTART-2026-VI85055
CLEANSTART-2026-VJ77782
CLEANSTART-2026-VP44686
CLEANSTART-2026-VS64679
CLEANSTART-2026-VU08393
CLEANSTART-2026-VV68546
CLEANSTART-2026-VY87942
CLEANSTART-2026-VZ85637
CLEANSTART-2026-WP10148
CLEANSTART-2026-WQ07901
CLEANSTART-2026-XR85161
CLEANSTART-2026-YC48827
CLEANSTART-2026-YL27116
CLEANSTART-2026-YQ79300
CLEANSTART-2026-YW12690
CLEANSTART-2026-ZG64300
CLEANSTART-2026-ZM84646
CVE-2025-58183
ECHO-FC4A-06A9-746F
GHSA-W2JF-268Q-MRVH
GO-2025-4014
GO-2025-4101
INFSA-2025_21815
INFSA-2025_22011
INFSA-2025_22668
MGASA-2025-0256
OESA-2025-2647
OESA-2025-2648
OESA-2025-2649
OPENSUSE-SU-2025:15608-1
OPENSUSE-SU-2025:15609-1
OPENSUSE-SU-2025:15695-1
OPENSUSE-SU-2025:15711-1
OPENSUSE-SU-2025:15723-1
OPENSUSE-SU-2025:20157-1
OPENSUSE-SU-2025:20158-1
OPENSUSE-SU-2026:20301-1
OPENSUSE-SU-2026:20308-1
RHSA-2025:21778
RHSA-2025:21779
RHSA-2025:21815
RHSA-2025:21816
RHSA-2025:21856
RHSA-2025:21964
RHSA-2025:22011
RHSA-2025:22012
RHSA-2025:22030
RHSA-2025:22181
RHSA-2025:22255
RHSA-2025:22668
RHSA-2025:22899
RHSA-2025:23001
RHSA-2025:23002
RHSA-2025:23087
RHSA-2025:23088
RHSA-2025:23294
RHSA-2025:23295
RHSA-2025:23325
RHSA-2025:23326
RHSA-2025:23348
RHSA-2025:23374
RHSA-2025:23394
RHSA-2025:23736
RHSA-2025:23746
RHSA-2025:23747
RHSA-2025:23948
RHSA-2025_21815
RHSA-2025_22011
RHSA-2026:0226
RHSA-2026:0227
RHSA-2026:0243
RHSA-2026:0244
RHSA-2026:0245
RHSA-2026:0246
RHSA-2026:0314
RHSA-2026:0424
RHSA-2026:0426
RHSA-2026:0477
RHSA-2026:0973
RHSA-2026:0987
RHSA-2026:1025
RHSA-2026:10703
RHSA-2026:1377
RHSA-2026:1378
RHSA-2026:1379
RHSA-2026:1380
RHSA-2026:1381
RHSA-2026:17446
RHSA-2026:17595
RHSA-2026:1837
RHSA-2026:1838
RHSA-2026:2071
RHSA-2026:2082
RHSA-2026:2711
RHSA-2026:3875
RHSA-2026:4418
RHSA-2026:4464
RHSA-2026:4532
RHSA-2026:4533
RHSA-2026:4693
RHSA-2026:5086
RHSA-2026:5234
RHSA-2026:5866
RHSA-2026:5876
RHSA-2026:6191
RHSA-2026:7291
RHSA-2026:7385
RHSA-2026:8325
SUSE-SU-2025:03547-1
SUSE-SU-2025:21192-1
SUSE-SU-2025:21193-1
SUSE-SU-2025:3682-1
SUSE-SU-2026:0296-1
SUSE-SU-2026:0297-1
SUSE-SU-2026:0298-1
SUSE-SU-2026:0308-1
SUSE-SU-2026:20623-1
SUSE-SU-2026:20629-1
Affected Products
Alt Linux
Almalinux
Centos
Debian
Red Hat
Red Os
Rocky Linux
Suse
Golang
References · 943
- https://osv.dev/vulnerability/AZL-69036 · Vendor Advisory
- https://osv.dev/vulnerability/CLEANSTART-2026-JR37040 · Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-27139 · Security Note
- https://errata.almalinux.org/9/ALSA-2026-1381.html · Vendor Advisory
- https://osv.dev/vulnerability/CLEANSTART-2026-DZ05206 · Vendor Advisory
- https://osv.dev/vulnerability/OESA-2025-2647 · Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-27137 · Security Note
- https://nvd.nist.gov/vuln/detail/CVE-2026-35469 · Security Note
- https://osv.dev/vulnerability/CLEANSTART-2026-JJ09127 · Vendor Advisory
- https://osv.dev/vulnerability/CLEANSTART-2026-RQ53330 · Vendor Advisory
- https://errata.almalinux.org/9/ALSA-2025-23325.html · Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-47910 · Security Note
- https://osv.dev/vulnerability/AZL-68994 · Vendor Advisory
- https://linux.oracle.com/errata/ELSA-2026-50076.html · Vendor Advisory
- https://errata.rockylinux.org/RLSA-2026:1381 · Vendor Advisory