Binary provides encoding/decoding in Borsh and other formats. The vulnerability is a memory allocation vulnerability that can be exploited to allocate slices in memory with (arbitrary) excessive size value, which can either exhaust available memory or crash the whole program. When using `github.com/gagliardetto/binary` to parse unchecked (or wrong type of) data from untrusted sources of input (e.g. the blockchain) into slices, it's possible to allocate memory with excessive size. When `dec.Decode(&val)` method is used to parse data into a structure that is or contains slices of values, the length of the slice was previously read directly from the data itself without any checks on the size of it, and then a slice was allocated. This could lead to an overflow and an allocation of memory with excessive size value. Users should upgrade to `v0.7.1` or higher. A workaround is not to rely on the `dec.Decode(&val)` function to parse the data, but to use a custom `UnmarshalWithDecoder()` method that reads and checks the length of any slice.
References
Link | Resource |
---|---|
https://github.com/gagliardetto/binary/pull/7 | Issue Tracking Patch Third Party Advisory |
https://github.com/gagliardetto/binary/releases/tag/v0.7.1 | Release Notes Third Party Advisory |
https://github.com/gagliardetto/binary/security/advisories/GHSA-4p6f-m4f9-ch88 | Exploit Mitigation Third Party Advisory |
https://github.com/gagliardetto/binary/pull/7 | Issue Tracking Patch Third Party Advisory |
https://github.com/gagliardetto/binary/releases/tag/v0.7.1 | Release Notes Third Party Advisory |
https://github.com/gagliardetto/binary/security/advisories/GHSA-4p6f-m4f9-ch88 | Exploit Mitigation Third Party Advisory |
Configurations
History
21 Nov 2024, 07:12
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/gagliardetto/binary/pull/7 - Issue Tracking, Patch, Third Party Advisory | |
References | () https://github.com/gagliardetto/binary/releases/tag/v0.7.1 - Release Notes, Third Party Advisory | |
References | () https://github.com/gagliardetto/binary/security/advisories/GHSA-4p6f-m4f9-ch88 - Exploit, Mitigation, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
21 Jul 2023, 19:21
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-1284 |
09 Sep 2022, 03:41
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://github.com/gagliardetto/binary/releases/tag/v0.7.1 - Release Notes, Third Party Advisory | |
References | (MISC) https://github.com/gagliardetto/binary/pull/7 - Issue Tracking, Patch, Third Party Advisory | |
References | (CONFIRM) https://github.com/gagliardetto/binary/security/advisories/GHSA-4p6f-m4f9-ch88 - Exploit, Mitigation, Third Party Advisory | |
CPE | cpe:2.3:a:binary_project:binary:*:*:*:*:*:go:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
CWE | CWE-400 |
03 Sep 2022, 01:18
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-09-02 13:15
Updated : 2024-11-21 07:12
NVD link : CVE-2022-36078
Mitre link : CVE-2022-36078
CVE.ORG link : CVE-2022-36078
JSON object : View
Products Affected
binary_project
- binary