Описание
QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With fix, connections now consistently reject messages larger than 65KiB in size.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | DNE | |
| lunar | DNE | |
| mantic | DNE | |
| noble | DNE | |
| oracular | DNE | |
| trusty | not-affected | golang 1.21 only |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | golang 1.21 only |
| devel | DNE | |
| esm-infra-legacy/trusty | not-affected | golang 1.21 only |
| esm-infra/bionic | not-affected | golang 1.21 only |
| esm-infra/focal | DNE | |
| esm-infra/xenial | not-affected | golang 1.21 only |
| focal | DNE | |
| jammy | DNE | |
| lunar | DNE | |
| mantic | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | golang 1.21 only |
| devel | DNE | |
| esm-apps/bionic | not-affected | golang 1.21 only |
| esm-apps/jammy | not-affected | golang 1.21 only |
| esm-apps/xenial | not-affected | golang 1.21 only |
| esm-infra/focal | not-affected | golang 1.21 only |
| focal | not-affected | golang 1.21 only |
| jammy | not-affected | golang 1.21 only |
| lunar | DNE | |
| mantic | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | DNE | |
| esm-infra/focal | not-affected | golang 1.21 only |
| focal | not-affected | golang 1.21 only |
| jammy | DNE | |
| lunar | DNE | |
| mantic | DNE | |
| noble | DNE | |
| oracular | DNE | |
| trusty | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | golang 1.21 only |
| devel | DNE | |
| esm-apps/bionic | not-affected | golang 1.21 only |
| esm-apps/focal | not-affected | golang 1.21 only |
| focal | not-affected | golang 1.21 only |
| jammy | DNE | |
| lunar | DNE | |
| mantic | DNE | |
| noble | DNE | |
| oracular | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | not-affected | golang 1.21 only |
| lunar | DNE | |
| mantic | DNE | |
| noble | DNE | |
| oracular | DNE | |
| trusty | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | golang 1.21 only |
| devel | DNE | |
| esm-apps/bionic | not-affected | golang 1.21 only |
| esm-apps/xenial | not-affected | golang 1.21 only |
| esm-infra/focal | DNE | focal was not-affected [golang 1.21 only] |
| focal | not-affected | golang 1.21 only |
| jammy | not-affected | golang 1.21 only |
| lunar | DNE | |
| mantic | DNE | |
| noble | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | DNE | |
| lunar | not-affected | golang 1.21 only |
| mantic | DNE | |
| noble | DNE | |
| oracular | DNE | |
| trusty | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | DNE | |
| esm-infra/focal | DNE | focal was not-affected [golang 1.21 only] |
| focal | not-affected | golang 1.21 only |
| jammy | not-affected | golang 1.21 only |
| lunar | not-affected | golang 1.21 only |
| mantic | not-affected | golang 1.21 only |
| noble | DNE | |
| oracular | DNE | |
| trusty | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | DNE | |
| esm-apps/noble | not-affected | 1.21.5-1 |
| esm-infra/focal | DNE | focal was not-affected [1.21.1-1~ubuntu20.04.1] |
| focal | not-affected | 1.21.1-1~ubuntu20.04.1 |
| jammy | not-affected | 1.21.1-1~ubuntu22.04.1 |
| lunar | not-affected | 1.21.1-1~ubuntu23.04.1 |
| mantic | not-affected | 1.21.1-1 |
| noble | not-affected | 1.21.5-1 |
| oracular | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | DNE | |
| esm-infra/focal | DNE | |
| esm-infra/xenial | not-affected | golang 1.21 only |
| focal | DNE | |
| jammy | DNE | |
| lunar | DNE | |
| mantic | DNE | |
| noble | DNE | |
| oracular | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | golang 1.21 only |
| devel | DNE | |
| esm-apps/bionic | not-affected | golang 1.21 only |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | DNE | |
| lunar | DNE | |
| mantic | DNE | |
| noble | DNE | |
| oracular | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | golang 1.21 only |
| devel | DNE | |
| esm-apps/bionic | not-affected | golang 1.21 only |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | DNE | |
| lunar | DNE | |
| mantic | DNE | |
| noble | DNE | |
| oracular | DNE |
Показывать по
Ссылки на источники
EPSS
7.5 High
CVSS3
Связанные уязвимости
QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With fix, connections now consistently reject messages larger than 65KiB in size.
QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With fix, connections now consistently reject messages larger than 65KiB in size.
QUIC connections do not set an upper bound on the amount of data buffe ...
QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With fix, connections now consistently reject messages larger than 65KiB in size.
EPSS
7.5 High
CVSS3