Vulnerability Report: GO-2021-0263

standard library

Calling File.ImportedSymbols on a loaded file which contains an invalid dynamic symbol table command can cause a panic, in particular if the encoded number of undefined symbols is larger than the number of symbols in the symbol table.

Affected Packages

  • Path
    Go Versions
    Symbols
  • before go1.16.10, from go1.17.0-0 before go1.17.3

Aliases

References

Credits

  • Burak Çarıkçı - Yunus Yıldırım (CT-Zer0 Crypttech)

Feedback

See anything missing or incorrect? Suggest an edit to this report.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL