Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 << 32 - 1 bytes.
CVSS Details
- CVSS 3.1 Base Score: 7.5
- CVSS 3.1 Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Covered by Rapid7
| Product | Vendor Advisory | Solution File | Added | Published |
|---|---|---|---|---|
| Alpine Linux | alpine-linux-upgrade-go | Oct 1, 2024 | Jul 15, 2022 | |
| Amazon Linux Ami 2 | amazon-linux-ami-2-upgrade-golangamazon-linux-ami-2-upgrade-golang-binamazon-linux-ami-2-upgrade-golang-docsamazon-linux-ami-2-upgrade-golang-miscamazon-linux-ami-2-upgrade-golang-raceamazon-linux-ami-2-upgrade-golang-sharedamazon-linux-ami-2-upgrade-golang-srcamazon-linux-ami-2-upgrade-golang-tests | Apr 21, 2023 | Jul 15, 2022 | |
| Amazon_linux | — | amazon-linux-upgrade-golang | Apr 21, 2023 | Jun 8, 2022 |
| Freebsd | freebsd-upgrade-package-go118freebsd-upgrade-package-go117 | Nov 4, 2022 | Jun 7, 2022 | |
| Huawei Euleros 2_0_sp10 | huawei-euleros-2_0_sp10-upgrade-golanghuawei-euleros-2_0_sp10-upgrade-golang-develhuawei-euleros-2_0_sp10-upgrade-golang-help | Nov 3, 2022 | Jul 15, 2022 | |
| Huawei Euleros 2_0_sp5 | huawei-euleros-2_0_sp5-upgrade-golanghuawei-euleros-2_0_sp5-upgrade-golang-binhuawei-euleros-2_0_sp5-upgrade-golang-src | Nov 4, 2022 | Jul 15, 2022 | |
| Huawei Euleros 2_0_sp9 | huawei-euleros-2_0_sp9-upgrade-golanghuawei-euleros-2_0_sp9-upgrade-golang-develhuawei-euleros-2_0_sp9-upgrade-golang-help | Sep 14, 2022 | Jul 15, 2022 | |
| Oracle_linux | — | oracle-linux-upgrade-delveoracle-linux-upgrade-go-toolsetoracle-linux-upgrade-golangoracle-linux-upgrade-golang-binoracle-linux-upgrade-golang-docsoracle-linux-upgrade-golang-miscoracle-linux-upgrade-golang-raceoracle-linux-upgrade-golang-srcoracle-linux-upgrade-golang-tests | Jul 13, 2022 | Jun 8, 2022 |
| Splunk | splunk-upgrade-latest | Sep 30, 2025 | Jul 15, 2022 | |
| Suse | — | suse-upgrade-go1-17suse-upgrade-go1-17-docsuse-upgrade-go1-17-racesuse-upgrade-go1-18suse-upgrade-go1-18-docsuse-upgrade-go1-18-opensslsuse-upgrade-go1-18-openssl-docsuse-upgrade-go1-18-openssl-racesuse-upgrade-go1-18-race | Oct 26, 2022 | Jul 15, 2022 |
| Vmware Photon_os | vmware-photon_os_update_tdnf | Jan 20, 2025 | Jul 15, 2022 |
Prioritise with Active Threat Intelligence
With curated Threat Intelligence, you can see which vulnerabilities truly put you at risk, prioritize what matters most, and act before attackers do.
Explore Intelligence Hub