cve-2023-46239
Vulnerability from cvelistv5
Published
2023-10-31 15:02
Modified
2024-09-05 17:37
Severity ?
EPSS score ?
Summary
quic-go vulnerable to pointer dereference that can lead to panic
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T20:37:40.330Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/quic-go/quic-go/security/advisories/GHSA-3q6m-v84f-6p9h", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/quic-go/quic-go/security/advisories/GHSA-3q6m-v84f-6p9h" }, { "name": "https://github.com/quic-go/quic-go/commit/b6a4725b60f1fe04e8f1ddcc3114e290fcea1617", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/quic-go/quic-go/commit/b6a4725b60f1fe04e8f1ddcc3114e290fcea1617" }, { "name": "https://github.com/quic-go/quic-go/releases/tag/v0.37.3", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/quic-go/quic-go/releases/tag/v0.37.3" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-46239", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-05T17:36:38.496208Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-05T17:37:20.453Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "quic-go", "vendor": "quic-go", "versions": [ { "status": "affected", "version": "\u003e= 0.37.0, \u003c 0.37.3" } ] } ], "descriptions": [ { "lang": "en", "value": "quic-go is an implementation of the QUIC protocol in Go. Starting in version 0.37.0 and prior to version 0.37.3, by serializing an ACK frame after the CRYTPO that allows a node to complete the handshake, a remote node could trigger a nil pointer dereference (leading to a panic) when the node attempted to drop the Handshake packet number space. An attacker can bring down a quic-go node with very minimal effort. Completing the QUIC handshake only requires sending and receiving a few packets. Version 0.37.3 contains a patch. Versions before 0.37.0 are not affected." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-248", "description": "CWE-248: Uncaught Exception", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-31T15:02:03.413Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/quic-go/quic-go/security/advisories/GHSA-3q6m-v84f-6p9h", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/quic-go/quic-go/security/advisories/GHSA-3q6m-v84f-6p9h" }, { "name": "https://github.com/quic-go/quic-go/commit/b6a4725b60f1fe04e8f1ddcc3114e290fcea1617", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/quic-go/quic-go/commit/b6a4725b60f1fe04e8f1ddcc3114e290fcea1617" }, { "name": "https://github.com/quic-go/quic-go/releases/tag/v0.37.3", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/quic-go/quic-go/releases/tag/v0.37.3" } ], "source": { "advisory": "GHSA-3q6m-v84f-6p9h", "discovery": "UNKNOWN" }, "title": "quic-go vulnerable to pointer dereference that can lead to panic" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-46239", "datePublished": "2023-10-31T15:02:03.413Z", "dateReserved": "2023-10-19T20:34:00.947Z", "dateUpdated": "2024-09-05T17:37:20.453Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2023-46239\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2023-10-31T16:15:09.543\",\"lastModified\":\"2023-11-09T00:14:04.070\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"quic-go is an implementation of the QUIC protocol in Go. Starting in version 0.37.0 and prior to version 0.37.3, by serializing an ACK frame after the CRYTPO that allows a node to complete the handshake, a remote node could trigger a nil pointer dereference (leading to a panic) when the node attempted to drop the Handshake packet number space. An attacker can bring down a quic-go node with very minimal effort. Completing the QUIC handshake only requires sending and receiving a few packets. Version 0.37.3 contains a patch. Versions before 0.37.0 are not affected.\"},{\"lang\":\"es\",\"value\":\"quic-go es una implementaci\u00f3n del protocolo QUIC en Go. A partir de la versi\u00f3n 0.37.0 y antes de la versi\u00f3n 0.37.3, al serializar una trama ACK despu\u00e9s de CRYTPO que permite que un nodo complete el protocolo de enlace, un nodo remoto podr\u00eda desencadenar una desreferencia de puntero nulo (lo que lleva a p\u00e1nico) cuando el nodo intenta para eliminar el espacio del n\u00famero del paquete Handshake. Un atacante puede derribar un nodo r\u00e1pido con un esfuerzo m\u00ednimo. Completar el protocolo de enlace QUIC solo requiere enviar y recibir algunos paquetes. La versi\u00f3n 0.37.3 contiene un parche. Las versiones anteriores a la 0.37.0 no se ven afectadas.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]},{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-248\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quic-go_project:quic-go:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"0.37.0\",\"versionEndExcluding\":\"0.37.3\",\"matchCriteriaId\":\"A4D3D28F-FF90-4B7E-99E8-64325B9B7D08\"}]}]}],\"references\":[{\"url\":\"https://github.com/quic-go/quic-go/commit/b6a4725b60f1fe04e8f1ddcc3114e290fcea1617\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/quic-go/quic-go/releases/tag/v0.37.3\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/quic-go/quic-go/security/advisories/GHSA-3q6m-v84f-6p9h\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}" } }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.