Lucene search

K
redhatcveRedhat.comRH:CVE-2024-24788
HistoryMay 09, 2024 - 4:53 a.m.

CVE-2024-24788

2024-05-0904:53:58
redhat.com
access.redhat.com
23
flaw
go stdlib
net package
dns messages
dos

5.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

10.3%

A flaw was found in the net package of the Go stdlib. When a malformed DNS message is received as a response to a query, the Lookup functions within the net package can get stuck in an infinite loop. This issue can lead to resource exhaustion and denial of service (DoS) conditions.

Mitigation

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

5.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

10.3%