grafana-pcp-5.1.1-2.el8_10.ML.1
エラータID: AXBA:2024-8391:04
リリース日:
2024/06/19 Wednesday - 13:58
題名:
grafana-pcp-5.1.1-2.el8_10.ML.1
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
N/A
解決策:
Update packages.
CVE:
CVE-2024-1394
A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey and ctx. That function uses named return parameters to free pkey and ctx if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the "return nil, nil, fail(...)" pattern, meaning that pkey and ctx will be nil inside the deferred function that should free them.
A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey and ctx. That function uses named return parameters to free pkey and ctx if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the "return nil, nil, fail(...)" pattern, meaning that pkey and ctx will be nil inside the deferred function that should free them.
追加情報:
N/A
ダウンロード:
SRPMS
- grafana-pcp-5.1.1-2.el8_10.ML.1.src.rpm
MD5: 05769e022522b0b48549fdf26a10e7ac
SHA-256: dffa8553293be608a9b8ba8e8539ce57e289e3732ffedc701e527191fc874d84
Size: 59.22 MB
Asianux Server 8 for x86_64
- grafana-pcp-5.1.1-2.el8_10.ML.1.x86_64.rpm
MD5: 49a3bb4903af344e902d0d1475c38365
SHA-256: 26dea78a8a08c7be0b05c6cacfd3c326b8a54757bd39d3b4f5e51de43f372a1c
Size: 10.71 MB