Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

ALAS2-2023-2024

Related Vulnerabilities: CVE-2023-24537  

Calling any of the Parse functions on Go source code which contains //line directives with very large line numbers can cause an infinite loop due to integer overflow. (CVE-2023-24537)

Source

ALAS2-2023-2024

Amazon Linux 2 Security Advisory: ALAS-2023-2024
Advisory Release Date: 2023-04-27 18:36 Pacific
Advisory Updated Date: 2023-05-02 19:18 Pacific
Severity: Medium
Issue Overview:

Calling any of the Parse functions on Go source code which contains //line directives with very large line numbers can cause an infinite loop due to integer overflow. (CVE-2023-24537)


Affected Packages:

golang


Issue Correction:
Run yum update golang to update your system.

New Packages:
aarch64:
    golang-1.18.9-1.amzn2.0.3.aarch64
    golang-bin-1.18.9-1.amzn2.0.3.aarch64
    golang-shared-1.18.9-1.amzn2.0.3.aarch64

noarch:
    golang-docs-1.18.9-1.amzn2.0.3.noarch
    golang-misc-1.18.9-1.amzn2.0.3.noarch
    golang-tests-1.18.9-1.amzn2.0.3.noarch
    golang-src-1.18.9-1.amzn2.0.3.noarch

src:
    golang-1.18.9-1.amzn2.0.3.src

x86_64:
    golang-1.18.9-1.amzn2.0.3.x86_64
    golang-bin-1.18.9-1.amzn2.0.3.x86_64
    golang-shared-1.18.9-1.amzn2.0.3.x86_64
    golang-race-1.18.9-1.amzn2.0.3.x86_64

Additional References

Red Hat: CVE-2023-24537

Mitre: CVE-2023-24537

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started