CVE-2024-24788

May 8, 2024, 5:05 p.m.

Tags

2024-05-08
security@golang.org
CVE-2024-24788

Product(s) Impacted

Go programming language

Description

A malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop.

Weaknesses

Date

Published: May 8, 2024, 4:15 p.m.

Last Modified: May 8, 2024, 5:05 p.m.

Status : Awaiting Analysis

CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

More info

Source

security@golang.org

References

https://go.dev/cl/578375
security@golang.org
https://go.dev/issue/66754
security@golang.org
https://groups.google.com/g/golang-announce/c/wkkO4P9stm0
security@golang.org
https://pkg.go.dev/vuln/GO-2024-2824
security@golang.org