2053532 – (CVE-2022-23772) CVE-2022-23772 golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString

Bug 2053532 (CVE-2022-23772) - CVE-2022-23772 golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString

Summary: CVE-2022-23772 golang: math/big: uncontrolled memory consumption due to an un...

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2022-23772
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2053534 2073717 2073718 2053533 2053535 2054246 2054247 2054840 2054843 2054845 2056093 2056094 2056095 2056096 2056097 2056098 2056099 2056100 2056101 2056102 2067536 2068662 2068663 2068664 2068667 2068668 2068669 2068670 2068671 2068672 2068673 2068674 2068675 2068676 2068677 2068678 2068679 2068680 2068681 2068682 2068803 2068804 2068805 2068806 2068807 2068808 2068809 2068810 2068811 2068812 2068813 2068814 2068815 2068816 2068817 2068818 2068819 2068820 2068821 2068822 2068823 2068824 2068825 2068826 2068827 2068828 2068829 2068830 2068831 2068832 2068833 2068834 2068835 2068836 2068837 2068838 2068840 2068841 2068842 2068843 2068844 2068845 2068846 2068847 2068848 2068849 2068850 2077693 2080403 2080404 2168805
Blocks:	2053545
TreeView+	depends on / blocked

Reported:	2022-02-11 13:32 UTC by Guilherme de Almeida Suckevicz
Modified:	2024-04-11 22:47 UTC (History)
CC List:	123 users (show)
Fixed In Version:	go 1.17.7, go 1.16.14
Doc Type:	If docs needed, set a value
Doc Text:	A flaw was found in the big package of the math library in golang. The Rat.SetString could cause an overflow, and if left unhandled, it could lead to excessive memory use. This issue could allow a remote attacker to impact the availability of the system.
Clone Of:
Environment:
Last Closed:	2022-05-11 16:16:41 UTC
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2022:1819	None	Waiting on Red Hat	num_objects differ from one zone to another replicated zone	2022-05-12 22:16:08 UTC
Red Hat Product Errata	RHSA-2022:4860	None	None	None	2022-06-01 11:46:25 UTC
Red Hat Product Errata	RHSA-2022:4863	None	None	None	2022-06-01 13:59:39 UTC
Red Hat Product Errata	RHSA-2022:5004	None	None	None	2022-06-13 12:33:24 UTC
Red Hat Product Errata	RHSA-2022:5068	None	None	None	2022-08-10 10:08:56 UTC
Red Hat Product Errata	RHSA-2022:5730	None	None	None	2022-08-01 11:34:31 UTC
Red Hat Product Errata	RHSA-2022:6155	None	None	None	2022-08-24 13:41:27 UTC
Red Hat Product Errata	RHSA-2022:6156	None	None	None	2022-08-24 13:46:57 UTC
Red Hat Product Errata	RHSA-2022:6526	None	None	None	2022-09-14 19:27:38 UTC
Red Hat Product Errata	RHSA-2023:0408	None	None	None	2023-01-24 13:34:35 UTC
Red Hat Product Errata	RHSA-2023:1529	None	None	None	2023-03-30 00:42:46 UTC
Red Hat Product Errata	RHSA-2023:3914	None	None	None	2023-07-06 02:44:31 UTC

Description Guilherme de Almeida Suckevicz 2022-02-11 13:32:55 UTC

Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption.

Reference:
https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ

Comment 1 Guilherme de Almeida Suckevicz 2022-02-11 13:33:46 UTC

Created golang tracking bugs for this issue:

Affects: epel-all [bug 2053533]
Affects: fedora-all [bug 2053535]
Affects: openstack-rdo [bug 2053534]

Comment 10 Nick Tait 2022-03-25 21:35:54 UTC

Upstream issue: https://github.com/golang/go/issues/50699
Patch: https://github.com/golang/go/commit/ad345c265916bbf6c646865e4642eafce6d39e78

Comment 22 errata-xmlrpc 2022-05-10 13:39:04 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2022:1819 https://access.redhat.com/errata/RHSA-2022:1819

Comment 23 Product Security DevOps Team 2022-05-11 16:16:34 UTC

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2022-23772

Comment 24 errata-xmlrpc 2022-06-01 11:46:18 UTC

This issue has been addressed in the following products:

  Openshift Serverless 1 on RHEL 8

Via RHSA-2022:4860 https://access.redhat.com/errata/RHSA-2022:4860

Comment 25 errata-xmlrpc 2022-06-01 13:59:32 UTC

This issue has been addressed in the following products:

  Openshift Serveless 1.22

Via RHSA-2022:4863 https://access.redhat.com/errata/RHSA-2022:4863

Comment 26 errata-xmlrpc 2022-06-13 12:33:17 UTC

This issue has been addressed in the following products:

  OpenShift Service Mesh 2.1

Via RHSA-2022:5004 https://access.redhat.com/errata/RHSA-2022:5004

Comment 27 errata-xmlrpc 2022-08-01 11:34:27 UTC

This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.10

Via RHSA-2022:5730 https://access.redhat.com/errata/RHSA-2022:5730

Comment 28 errata-xmlrpc 2022-08-10 10:08:50 UTC

This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.11
  Ironic content for Red Hat OpenShift Container Platform 4.11

Via RHSA-2022:5068 https://access.redhat.com/errata/RHSA-2022:5068

Comment 29 errata-xmlrpc 2022-08-24 13:41:21 UTC

This issue has been addressed in the following products:

  Red Hat OpenShift Data Foundation 4.11 on RHEL8

Via RHSA-2022:6155 https://access.redhat.com/errata/RHSA-2022:6155

Comment 30 errata-xmlrpc 2022-08-24 13:46:52 UTC

This issue has been addressed in the following products:

  Red Hat OpenShift Data Foundation 4.11 on RHEL8

Via RHSA-2022:6156 https://access.redhat.com/errata/RHSA-2022:6156

Comment 31 errata-xmlrpc 2022-09-14 19:27:32 UTC

This issue has been addressed in the following products:

  RHEL-8-CNV-4.11

Via RHSA-2022:6526 https://access.redhat.com/errata/RHSA-2022:6526

Comment 32 errata-xmlrpc 2023-01-24 13:34:31 UTC

This issue has been addressed in the following products:

  RHEL-8-CNV-4.12

Via RHSA-2023:0408 https://access.redhat.com/errata/RHSA-2023:0408

Comment 34 errata-xmlrpc 2023-03-30 00:42:42 UTC

This issue has been addressed in the following products:

  STF-1.5-RHEL-8

Via RHSA-2023:1529 https://access.redhat.com/errata/RHSA-2023:1529

Comment 35 errata-xmlrpc 2023-07-06 02:44:26 UTC

This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.11

Via RHSA-2023:3914 https://access.redhat.com/errata/RHSA-2023:3914

Note You need to log in before you can comment on or make changes to this bug.

abishop
akashem
alitke
amctagga
amuller
amurdaca
anharris
anpicker
aos-bugs
apevec
asm
bbennett
bdettelb
bmontgom
bniver
bodavis
caswilli
cnv-qe-bugs
crarobin
dbecker
dbenoit
dholler
dornelas
dwalsh
dwd
dwhatley
dymurray
eglynn
emachado
eparis
erooth
etamir
fdeutsch
fjansen
flucifre
gmeno
hchiramm
hvyas
ibolton
jaharrin
jakob
jarrpa
jburrell
jcajka
jeder
jjoyce
jligon
jmadigan
jmatthew
jmontleo
jmulligan
jokerman
jortel
jpadman
jschluet
jwendell
jwong
jwon
kaycoth
krathod
lball
lemenkov
lhh
lhinds
lmadsen
lmeyer
lpeer
madam
maszulik
matzew
mbenjamin
mburns
mfojtik
mgarciac
mhackett
mkleinhe
mmagr
mnewsome
mrunge
mrussell
mthoemme
mwringe
nbecker
ngough
nobody
nstielau
ntait
ocs-bugs
pamccart
ploffay
rcernich
rfreiman
rhcos-triage
rhos-maint
rhs-bugs
rhuss
rphillips
rrajasek
rtalur
sabose
sclewis
sgott
sipoyare
slinaber
slucidi
sostapov
spasquie
sponnaga
spower
sseago
stirabos
sttts
tcarlin
tkasparek
tnielsen
tstellar
tsweeney
twalsh
vereddy
vkumar
xxia
ypadia
ytale