[GO-2024-2824] Malformed DNS message can cause infinite loop in net

  1. Home
  2. Security Advisories
  3. Go
  4. GO-2024-2824
Affected Packages 2
Fixed Packages 1
CVEs 1
Info Packages Vulnerabilities

A malformed DNS message in response to a query can cause the Lookup functions to
get stuck in an infinite loop.

Package Affected Version
pkg:golang/net >= 1.22.0-0, < 1.22.3
pkg:golang/net >= 1.22.2, < 1.22.3
Package Fixed Version
pkg:golang/net = 1.22.3
ID
GO-2024-2824
URL
https://pkg.go.dev/vuln/GO-2024-2824
Published
2024-05-07T21:03:41
(11 days ago)
Modified
2024-05-08T19:52:53
(11 days ago)
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Fixed pkg:golang/net net = 1.22.3
Affected pkg:golang/net net >= 1.22.0-0 < 1.22.3
Affected pkg:golang/net net >= 1.22.2 < 1.22.3
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date