GHSA-2h6c-j3gf-xp9r: IPFS go-bitfield vulnerable to DoS via malformed size arguments

Impact

When untrusted user input is fed into the size parameter of the NewBitfield and FromBytes functions, an attacker can trigger panics.

This happens when the size is not a multiple of 8 or is negative. There was already a note in the NewBitfield documentation:

Panics if size is not a multiple of 8.

But it is incomplete and missing from FromBytes's documentation.

This has been replaced by returning a (Bitfield, error) pair and returning a non-nil error if the size is wrong.

Patches

  • https://github.com/ipfs/go-bitfield/commit/5e1d256fe043fc4163343ccca83862c69c52e579

Workarounds

  • Ensure size%8 == 0 && size >= 0 yourself before calling NewBitfield or FromBytes
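The workaround above and the patched error-returning API, shown together as an added example written for this page (not the go-bitfield project's own code); the Bitfield type, its byte layout and the FromBytes length check are assumptions made to keep the example self-contained:

```go
package main

import (
	"errors"
	"fmt"
)

// Bitfield is a minimal stand-in for the package's type (an assumption, not the real implementation).
type Bitfield []byte

// ErrBadSize is returned instead of panicking, mirroring the patched (Bitfield, error) API.
var ErrBadSize = errors.New("bitfield: size must be a non-negative multiple of 8")

// ValidateSize is the advisory's workaround (size%8 == 0 && size >= 0) as a reusable check
// that callers stuck on an unpatched version can run before NewBitfield or FromBytes.
func ValidateSize(size int) error {
	if size < 0 || size%8 != 0 {
		return fmt.Errorf("%w: got %d", ErrBadSize, size)
	}
	return nil
}

// NewBitfield is the hardened form: an untrusted size yields an error, never a panic.
// Without the check, a negative size would reach make() and panic (makeslice: len out of range).
func NewBitfield(size int) (Bitfield, error) {
	if err := ValidateSize(size); err != nil {
		return nil, err
	}
	return make(Bitfield, size/8), nil
}

// FromBytes validates size the same way and also checks that the bytes hold exactly size bits.
func FromBytes(size int, bits []byte) (Bitfield, error) {
	if err := ValidateSize(size); err != nil {
		return nil, err
	}
	if len(bits) != size/8 {
		return nil, fmt.Errorf("bitfield: %d bytes cannot hold exactly %d bits", len(bits), size)
	}
	return Bitfield(bits), nil
}

func main() {
	// Constructed inputs: one valid size and the two malformed cases from the advisory.
	for _, size := range []int{16, 12, -8} {
		bf, err := NewBitfield(size)
		fmt.Printf("NewBitfield(%d) -> %d bytes, err=%v\n", size, len(bf), err)
	}
}
```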

References

  • https://github.com/ipfs/go-unixfs/security/advisories/GHSA-q264-w97q-q778

Moderate severity GitHub Reviewed Published Feb 9, 2023 in ipfs/go-bitfield • Updated Feb 10, 2023

Package

gomod github.com/ipfs/go-bitfield (Go)

Affected versions

= 1.0.0

References

  • GHSA-2h6c-j3gf-xp9r
  • https://nvd.nist.gov/vuln/detail/CVE-2023-23626
  • ipfs/go-bitfield@5e1d256

Last updated

Feb 10, 2023

Published to the GitHub Advisory Database

Feb 10, 2023

Published by the National Vulnerability Database

Feb 9, 2023

Related news

CVE-2023-23626: refactor: return errors instead of panics · ipfs/go-bitfield@5e1d256

go-bitfield is a simple bitfield package for the Go language aiming to be more performant than the standard library. When untrusted user input is fed into the size parameter of the `NewBitfield` and `FromBytes` functions, an attacker can trigger `panic`s. This happens when the `size` is not a multiple of `8` or is negative. There was already a note in the `NewBitfield` documentation; however, known users of this package are subject to this issue. Users are advised to upgrade. Users unable to upgrade should ensure that `size` is a multiple of 8 before calling `NewBitfield` or `FromBytes`.