Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 927498 (CVE-2024-24786)

Summary: [Tracker] Podman BuildKit infinite loop when unmarshaling certain forms of invalid JSON
Product: Gentoo Security Reporter: Rahil Bhimjiani <me>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: UNCONFIRMED ---    
Severity: normal Keywords: SECURITY, Tracker
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---
Bug Depends on: 927499, 927500    
Bug Blocks:    

Description Rahil Bhimjiani 2024-03-22 10:18:04 UTC 
Any Golang package with <1.33.0 of google.golang.org/protobuf in go.mod is affected.

https://github.com/advisories/GHSA-8r3f-844c-mc37