Once the TLS handshake completes, QUICConn.HandleData buffers data and passes it to handlePostHandshakeMessage every time the buffer contains a complete message. The size check is wrong, however, so it can pass along a partial message, triggering a panic when handlePostHandshakeMessage tries to read the remainder of the message. In addition, HandleData doesn't limit the amount of data it can buffer. It should reject messages larger than maxHandshake.
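The two checks the description calls for, as an added example (not code from crypto/tls or from this report): hold back partial messages until they are complete, and reject any message whose declared length exceeds maxHandshake. The names postHandshakeBuffer, Feed and errTooLarge are hypothetical, the value 65536 for maxHandshake is an assumption, and the sample bytes are constructed.

```go
package main

import (
	"errors"
	"fmt"
)

// maxHandshake caps one handshake message body. 65536 is an assumed value
// for this example; the report names the limit but not its size.
const maxHandshake = 65536

var errTooLarge = errors.New("handshake message exceeds maxHandshake")

// postHandshakeBuffer is a hypothetical stand-in for the buffering that
// HandleData performs; it is not the crypto/tls implementation.
type postHandshakeBuffer struct{ buf []byte }

// Feed appends data and returns every complete message now available.
// Framing is the TLS handshake header: 1 type byte, then a 3-byte length.
func (p *postHandshakeBuffer) Feed(data []byte) ([][]byte, error) {
	p.buf = append(p.buf, data...)
	var msgs [][]byte
	for len(p.buf) >= 4 {
		n := int(p.buf[1])<<16 | int(p.buf[2])<<8 | int(p.buf[3])
		if n > maxHandshake {
			p.buf = nil // drop buffered data; the caller should close the connection
			return msgs, errTooLarge
		}
		if len(p.buf) < 4+n {
			break // partial message: keep buffering, never hand it on
		}
		// Copy the message out so later appends cannot alias it.
		msgs = append(msgs, append([]byte(nil), p.buf[:4+n]...))
		p.buf = p.buf[4+n:]
	}
	return msgs, nil
}

func main() {
	var p postHandshakeBuffer
	// Constructed input: type 4 with a declared 3-byte body, split in two.
	first, _ := p.Feed([]byte{4, 0, 0, 3, 0xaa})
	second, _ := p.Feed([]byte{0xbb, 0xcc})
	fmt.Println(len(first), len(second))
	_, err := p.Feed([]byte{4, 0x01, 0x00, 0x01}) // header declares 65537 bytes
	fmt.Println(err)
}
```

Because the length is checked as soon as the 4-byte header is present, the data left buffered between calls stays below 4+maxHandshake bytes.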
Created golang tracking bugs for this issue: Affects: epel-all [bug 2238811]; Affects: fedora-all [bug 2238812]
This issue has been addressed in the following products: NETWORK-OBSERVABILITY-1.4.0-RHEL-9 Via RHSA-2023:5974 https://access.redhat.com/errata/RHSA-2023:5974
This issue has been addressed in the following products: Cryostat 2 on RHEL 8 Via RHSA-2023:6031 https://access.redhat.com/errata/RHSA-2023:6031
This issue has been addressed in the following products: Red Hat Openshift distributed tracing 2.9 Via RHSA-2023:6085 https://access.redhat.com/errata/RHSA-2023:6085
This issue has been addressed in the following products: OADP-1.1-RHEL-8 Via RHSA-2023:6115 https://access.redhat.com/errata/RHSA-2023:6115
This issue has been addressed in the following products: multicluster engine for Kubernetes 2.3 for RHEL 8 Via RHSA-2023:6119 https://access.redhat.com/errata/RHSA-2023:6119
This issue has been addressed in the following products: Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8 Via RHSA-2023:6122 https://access.redhat.com/errata/RHSA-2023:6122
This issue has been addressed in the following products: RODOO-1.0-RHEL-8 Via RHSA-2023:5947 https://access.redhat.com/errata/RHSA-2023:5947
This issue has been addressed in the following products: multicluster engine for Kubernetes 2.2 for RHEL 8 Via RHSA-2023:6145 https://access.redhat.com/errata/RHSA-2023:6145
This issue has been addressed in the following products: Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8 Via RHSA-2023:6148 https://access.redhat.com/errata/RHSA-2023:6148
This issue has been addressed in the following products: Red Hat Migration Toolkit for Containers 1.7 Via RHSA-2023:6161 https://access.redhat.com/errata/RHSA-2023:6161
This issue has been addressed in the following products: multicluster engine for Kubernetes 2.1 for RHEL 8 Via RHSA-2023:6200 https://access.redhat.com/errata/RHSA-2023:6200
This issue has been addressed in the following products: Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8 Via RHSA-2023:6202 https://access.redhat.com/errata/RHSA-2023:6202
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2023:5009 https://access.redhat.com/errata/RHSA-2023:5009
This issue has been addressed in the following products: OSSO-1.2-RHEL-8 Via RHSA-2023:6154 https://access.redhat.com/errata/RHSA-2023:6154
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2023:6840 https://access.redhat.com/errata/RHSA-2023:6840
This issue has been addressed in the following products: Red Hat Ansible Automation Platform 2.4 for RHEL 8; Red Hat Ansible Automation Platform 2.4 for RHEL 9 Via RHSA-2023:7517 https://access.redhat.com/errata/RHSA-2023:7517
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:7762 https://access.redhat.com/errata/RHSA-2023:7762
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:7764 https://access.redhat.com/errata/RHSA-2023:7764
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:7765 https://access.redhat.com/errata/RHSA-2023:7765
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:7763 https://access.redhat.com/errata/RHSA-2023:7763
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:7766 https://access.redhat.com/errata/RHSA-2023:7766
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2024:0121 https://access.redhat.com/errata/RHSA-2024:0121
This issue has been addressed in the following products: Service Interconnect 1 for RHEL 9 Via RHSA-2024:1901 https://access.redhat.com/errata/RHSA-2024:1901