Bug 2310527 (CVE-2024-34155) - CVE-2024-34155 go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion [NEEDINFO]
Summary: CVE-2024-34155 go/parser: golang: Calling any of the Parse functions containi...
Keywords:
Status: NEW
Alias: CVE-2024-34155
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On: 2311675 2310576 2310577 2310578 2310579 2310580 2310581 2310582 2310583 2310584 2310585 2310586 2310587 2310588 2310589 2310590 2310591
Blocks:
TreeView+ depends on / blocked
 
Reported: 2024-09-06 21:20 UTC by OSIDB Bzimport
Modified: 2025-05-15 08:28 UTC (History)
123 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:
mijjapur: needinfo? (prodsec-dev)

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2024:7096 0 None None None 2024-09-25 06:51:56 UTC
Red Hat Product Errata RHBA-2024:8041 0 None None None 2024-10-14 05:27:09 UTC
Red Hat Product Errata RHBA-2024:8135 0 None None None 2024-10-15 13:25:25 UTC
Red Hat Product Errata RHBA-2024:8225 0 None None None 2024-10-17 00:55:09 UTC
Red Hat Product Errata RHBA-2024:8277 0 None None None 2024-10-21 00:09:59 UTC
Red Hat Product Errata RHBA-2024:8278 0 None None None 2024-10-21 00:22:20 UTC
Red Hat Product Errata RHSA-2024:10883 0 None None None 2024-12-09 12:11:44 UTC
Red Hat Product Errata RHSA-2024:10906 0 None None None 2024-12-10 01:38:14 UTC
Red Hat Product Errata RHSA-2024:6908 0 None None None 2024-09-23 01:47:19 UTC
Red Hat Product Errata RHSA-2024:6913 0 None None None 2024-09-23 01:48:03 UTC
Red Hat Product Errata RHSA-2024:8014 0 None None None 2024-10-22 01:06:11 UTC
Red Hat Product Errata RHSA-2024:8038 0 None None None 2024-10-14 02:14:38 UTC
Red Hat Product Errata RHSA-2024:8039 0 None None None 2024-10-14 01:58:57 UTC
Red Hat Product Errata RHSA-2024:8112 0 None None None 2024-10-15 09:28:03 UTC
Red Hat Product Errata RHSA-2024:8219 0 None None None 2024-11-18 00:47:21 UTC
Red Hat Product Errata RHSA-2024:8229 0 None None None 2024-10-23 05:29:25 UTC
Red Hat Product Errata RHSA-2024:8232 0 None None None 2024-10-23 05:47:26 UTC
Red Hat Product Errata RHSA-2024:8260 0 None None None 2024-10-24 10:45:13 UTC
Red Hat Product Errata RHSA-2024:8263 0 None None None 2024-10-24 10:59:23 UTC
Red Hat Product Errata RHSA-2024:8329 0 None None None 2024-10-22 15:40:42 UTC
Red Hat Product Errata RHSA-2024:8337 0 None None None 2024-10-31 00:55:45 UTC
Red Hat Product Errata RHSA-2024:8425 0 None None None 2024-10-31 03:37:56 UTC
Red Hat Product Errata RHSA-2024:8428 0 None None None 2024-10-31 03:56:38 UTC
Red Hat Product Errata RHSA-2024:8688 0 None None None 2024-11-06 14:30:54 UTC
Red Hat Product Errata RHSA-2024:8690 0 None None None 2024-11-06 14:48:09 UTC
Red Hat Product Errata RHSA-2024:8692 0 None None None 2024-11-07 03:09:20 UTC
Red Hat Product Errata RHSA-2024:8694 0 None None None 2024-11-07 03:29:02 UTC
Red Hat Product Errata RHSA-2024:8697 0 None None None 2024-11-08 01:46:56 UTC
Red Hat Product Errata RHSA-2024:8700 0 None None None 2024-11-08 15:00:11 UTC
Red Hat Product Errata RHSA-2024:8704 0 None None None 2024-12-02 14:11:51 UTC
Red Hat Product Errata RHSA-2024:9454 0 None None None 2024-11-12 11:11:56 UTC
Red Hat Product Errata RHSA-2024:9459 0 None None None 2024-11-12 11:13:05 UTC
Red Hat Product Errata RHSA-2024:9485 0 None None None 2024-11-13 13:16:23 UTC
Red Hat Product Errata RHSA-2024:9960 0 None None None 2024-11-19 01:54:32 UTC
Red Hat Product Errata RHSA-2025:0771 0 None None None 2025-01-28 15:51:27 UTC

Description OSIDB Bzimport 2024-09-06 21:20:30 UTC 
Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion.
Comment 2 errata-xmlrpc 2024-09-23 01:47:13 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2024:6908 https://access.redhat.com/errata/RHSA-2024:6908
Comment 3 errata-xmlrpc 2024-09-23 01:47:57 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:6913 https://access.redhat.com/errata/RHSA-2024:6913
Comment 6 errata-xmlrpc 2024-10-14 01:58:51 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:8039 https://access.redhat.com/errata/RHSA-2024:8039
Comment 7 errata-xmlrpc 2024-10-14 02:14:31 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2024:8038 https://access.redhat.com/errata/RHSA-2024:8038
Comment 8 errata-xmlrpc 2024-10-15 09:27:56 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:8112 https://access.redhat.com/errata/RHSA-2024:8112
Comment 9 errata-xmlrpc 2024-10-22 01:06:04 UTC 
This issue has been addressed in the following products:

  NETWORK-OBSERVABILITY-1.7.0-RHEL-9

Via RHSA-2024:8014 https://access.redhat.com/errata/RHSA-2024:8014
Comment 10 errata-xmlrpc 2024-10-22 15:40:35 UTC 
This issue has been addressed in the following products:

  Cryostat 3 on RHEL 8

Via RHSA-2024:8329 https://access.redhat.com/errata/RHSA-2024:8329
Comment 11 errata-xmlrpc 2024-10-23 05:29:18 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.17

Via RHSA-2024:8229 https://access.redhat.com/errata/RHSA-2024:8229
Comment 12 errata-xmlrpc 2024-10-23 05:47:20 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.17

Via RHSA-2024:8232 https://access.redhat.com/errata/RHSA-2024:8232
Comment 13 errata-xmlrpc 2024-10-24 10:45:07 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.16

Via RHSA-2024:8260 https://access.redhat.com/errata/RHSA-2024:8260
Comment 14 errata-xmlrpc 2024-10-24 10:59:16 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.16

Via RHSA-2024:8263 https://access.redhat.com/errata/RHSA-2024:8263
Comment 15 errata-xmlrpc 2024-10-31 00:55:38 UTC 
This issue has been addressed in the following products:

  RODOO-1.1-RHEL-9

Via RHSA-2024:8337 https://access.redhat.com/errata/RHSA-2024:8337
Comment 16 errata-xmlrpc 2024-10-31 03:37:49 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.15

Via RHSA-2024:8425 https://access.redhat.com/errata/RHSA-2024:8425
Comment 17 errata-xmlrpc 2024-10-31 03:56:31 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.15

Via RHSA-2024:8428 https://access.redhat.com/errata/RHSA-2024:8428
Comment 18 errata-xmlrpc 2024-11-06 14:30:47 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.13

Via RHSA-2024:8688 https://access.redhat.com/errata/RHSA-2024:8688
Comment 19 errata-xmlrpc 2024-11-06 14:48:01 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.13

Via RHSA-2024:8690 https://access.redhat.com/errata/RHSA-2024:8690
Comment 20 errata-xmlrpc 2024-11-07 03:09:14 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.12

Via RHSA-2024:8692 https://access.redhat.com/errata/RHSA-2024:8692
Comment 21 errata-xmlrpc 2024-11-07 03:28:55 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.12
  Ironic content for Red Hat OpenShift Container Platform 4.12

Via RHSA-2024:8694 https://access.redhat.com/errata/RHSA-2024:8694
Comment 22 errata-xmlrpc 2024-11-08 01:46:50 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.14

Via RHSA-2024:8697 https://access.redhat.com/errata/RHSA-2024:8697
Comment 23 errata-xmlrpc 2024-11-08 15:00:05 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.14

Via RHSA-2024:8700 https://access.redhat.com/errata/RHSA-2024:8700
Comment 24 errata-xmlrpc 2024-11-12 11:11:49 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:9454 https://access.redhat.com/errata/RHSA-2024:9454
Comment 25 errata-xmlrpc 2024-11-12 11:12:58 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:9459 https://access.redhat.com/errata/RHSA-2024:9459
Comment 26 errata-xmlrpc 2024-11-13 13:16:16 UTC 
This issue has been addressed in the following products:

  Red Hat OpenStack Services on OpenShift PODIFIED 1.0

Via RHSA-2024:9485 https://access.redhat.com/errata/RHSA-2024:9485
Comment 27 errata-xmlrpc 2024-11-18 00:47:15 UTC 
This issue has been addressed in the following products:

  OSSO-1.2-RHEL-9

Via RHSA-2024:8219 https://access.redhat.com/errata/RHSA-2024:8219
Comment 28 errata-xmlrpc 2024-11-19 01:54:25 UTC 
This issue has been addressed in the following products:

  OADP-1.3-RHEL-9

Via RHSA-2024:9960 https://access.redhat.com/errata/RHSA-2024:9960
Comment 29 errata-xmlrpc 2024-12-02 14:11:43 UTC 
This issue has been addressed in the following products:

  KDO-5.0-RHEL-9

Via RHSA-2024:8704 https://access.redhat.com/errata/RHSA-2024:8704
Comment 30 errata-xmlrpc 2024-12-09 12:11:35 UTC 
This issue has been addressed in the following products:

  Red Hat OpenStack Platform 16.2

Via RHSA-2024:10883 https://access.redhat.com/errata/RHSA-2024:10883
Comment 31 errata-xmlrpc 2024-12-10 01:38:05 UTC 
This issue has been addressed in the following products:

  Red Hat Migration Toolkit for Containers 1.8

Via RHSA-2024:10906 https://access.redhat.com/errata/RHSA-2024:10906
Comment 32 errata-xmlrpc 2025-01-28 15:51:20 UTC 
This issue has been addressed in the following products:

  OADP-1.4-RHEL-9

Via RHSA-2025:0771 https://access.redhat.com/errata/RHSA-2025:0771
Note You need to log in before you can comment on or make changes to this bug.