GHSA-2h6c-j3gf-xp9r
Suggest an improvement- Source
- https://github.com/advisories/GHSA-2h6c-j3gf-xp9r
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/02/GHSA-2h6c-j3gf-xp9r/GHSA-2h6c-j3gf-xp9r.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/GHSA-2h6c-j3gf-xp9r
- Aliases
- Published
- 2023-02-10T19:52:45Z
- Modified
- 2023-11-01T05:01:12.570874Z
- Severity
-
- 5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- IPFS go-bitfield vulnerable to DoS via malformed size arguments
- Details
-
Impact
When feeding untrusted user input into the size parameter of
NewBitfieldandFromBytesfunctions, an attacker can triggerpanics.This happen when the
sizeis a not a multiple of8or is negative. There were already a note in theNewBitfielddocumentation:Panics if size is not a multiple of 8.But it incomplete and missing from
FromBytes's documentation.This has been replaced by returning an
(Bitfield, error)and returning a non nil error if the size is wrong.Patches
- https://github.com/ipfs/go-bitfield/commit/5e1d256fe043fc4163343ccca83862c69c52e579
Workarounds
- Ensure
size%8 == 0 && size >= 0yourself before callingNewBitfieldorFromBytes
References
- https://github.com/ipfs/go-unixfs/security/advisories/GHSA-q264-w97q-q778
- Database specific
{ "cwe_ids": [ "CWE-1284", "CWE-754" ], "github_reviewed": true, "github_reviewed_at": "2023-02-10T19:52:45Z", "severity": "MODERATE", "nvd_published_at": "2023-02-09T21:15:00Z" }- References
Affected packages
Go / github.com/ipfs/go-bitfield
Package
- Name
- github.com/ipfs/go-bitfield
- View open source insights on deps.dev
- Purl
- pkg:golang/github.com/ipfs/go-bitfield