GO-2022-1032 Cloudflare GoFlow vulnerable to a Denial of Service in the sflow packet handling package in github.com/cloudflare/goflow

Cloudflare GoFlow vulnerable to a Denial of Service in the sflow packet handling package in github.com/cloudflare/goflow...

GHSA-9RPW-2H95-666C Cloudflare GoFlow vulnerable to a Denial of Service in the sflow packet handling package

Impact The sflow decode package prior to version 3.4.4 does not employ sufficient packet sanitisation which can lead to a denial of service attack. Attackers can craft malformed packets causing the process to consume huge amounts of memory resulting in a denial of service. Specific Go Packages...

Cloudflare GoFlow vulnerable to a Denial of Service in the sflow packet handling package

Impact The sflow decode package prior to version 3.4.4 does not employ sufficient packet sanitisation which can lead to a denial of service attack. Attackers can craft malformed packets causing the process to consume huge amounts of memory resulting in a denial of service. Specific Go Packages...

GoFlow 资源管理错误漏洞

GoFlow is an open source NetFlow/IPFIX/sFlow collector in Go by Cloudflare. A resource management error vulnerability exists in GoFlow versions prior to 3.4.4, which stems from insufficient packet cleanup and processes consuming large amounts of memory, leading to denial of service attacks...

Cloudflare Public Bug Bounty: Lack of Packet Sanitation in Goflow Results in Multiple DoS Attack Vectors and Bugs

sflow decode package of the Goflow application did not implement sufficient packet sanitisation which could lead to a denial of service attack. Attackers could craft malformed packets causing the process to consume large amounts of memory resulting in a denial of service. The issue has been fixed...