Уязвимость языка программирования Go, связанная с неограниченным распределением ресурсов, позволяющая нарушителю вызвать отказ в обслуживании

Уязвимость golang

If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3.

If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3.

If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3.

Unauthenticated TLS 1.3 KeyUpdate record can cause persistent connection retention and DoS in crypto/tls

If one side of the TLS connection sends multiple key update messages p ...

Important: go-fdo-client security update

Important: grafana-pcp security update

If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3.

ELSA-2026-11881: grafana-pcp security update (IMPORTANT)

Important: grafana-pcp security update

Important: go-fdo-server security update

Important: grafana-pcp security update

Important: yggdrasil security update

Important: yggdrasil security update

Important: grafana security update

Important: grafana security update

Important: grafana-pcp security update

ELSA-2026-19351: grafana-pcp security update (IMPORTANT)