Vulnerability Report: GO-2024-3302
- CVE-2024-53259, GHSA-px8v-pp82-rcvr
- Affects: github.com/quic-go/quic-go
- Published: Dec 04, 2024
- Modified: Dec 12, 2024
ICMP Packet Too Large Injection Attack on Linux in github.com/quic-go/quic-go
For detailed information about this vulnerability, visit https://github.com/quic-go/quic-go/security/advisories/GHSA-px8v-pp82-rcvr.
Affected Packages
-
PathGo VersionsSymbols
-
before v0.48.2
Aliases
References
- https://github.com/quic-go/quic-go/security/advisories/GHSA-px8v-pp82-rcvr
- https://github.com/quic-go/quic-go/commit/ca31dd355cbe5fc6c5807992d9d1149c66c96a50
- https://github.com/quic-go/quic-go/pull/4729
- https://github.com/quic-go/quic-go/releases/tag/v0.48.2
- https://datatracker.ietf.org/doc/draft-seemann-tsvwg-udp-fragmentation/
- https://vuln.go.dev/ID/GO-2024-3302.json
Feedback
See anything missing or incorrect?
Suggest an edit to this report.