Showing 1 - 13 of 13

CVE-2024-1394

Status Candidate

Overview

A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey and ctx. That function uses named return parameters to free pkey and ctx if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the "return nil, nil, fail(...)" pattern, meaning that pkey and ctx will be nil inside the deferred function that should free them.

Related Files

Red Hat Security Advisory 2024-1763-03: Posted Apr 23, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-1763-03 - Red Hat OpenShift Container Platform release 4.13.40 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a memory leak vulnerability.; tags | advisory, memory leak; systems | linux, redhat; advisories | CVE-2024-1394; SHA-256 | 94335cdc59e8b4b06721457bc56561a83f4c409b3fb4ab5aa450beb65912456a; Download | Favorite | View

Red Hat Security Advisory 2024-1567-03: Posted Apr 23, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-1567-03 - Red Hat OpenShift Container Platform release 4.14.19 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a memory leak vulnerability.; tags | advisory, memory leak; systems | linux, redhat; advisories | CVE-2024-1394; SHA-256 | 05a1cbe893be49827492114fcf2c9a3d278750da5ef71daee534c6bb1a053164; Download | Favorite | View

Red Hat Security Advisory 2024-1566-03: Posted Apr 23, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-1566-03 - Red Hat build of MicroShift release 4.14.19 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a memory leak vulnerability.; tags | advisory, memory leak; systems | linux, redhat; advisories | CVE-2024-1394; SHA-256 | 62b6b98106e275200c7461bddbe6b22d9fb8e0748120dc9302b6d521809b7da6; Download | Favorite | View

Red Hat Security Advisory 2024-1646-03: Posted Apr 3, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-1646-03 - An update for grafana is now available for Red Hat Enterprise Linux 8. Issues addressed include a memory leak vulnerability.; tags | advisory, memory leak; systems | linux, redhat; advisories | CVE-2024-1394; SHA-256 | 1e23c4a8d6f37a469ee2fa3ea2f55f91218728f05fdb432edd0e98d0140f6568; Download | Favorite | View

Red Hat Security Advisory 2024-1644-03: Posted Apr 3, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-1644-03 - An update for grafana-pcp is now available for Red Hat Enterprise Linux 8. Issues addressed include a memory leak vulnerability.; tags | advisory, memory leak; systems | linux, redhat; advisories | CVE-2024-1394; SHA-256 | 047b2f99937689f2c3435ef5fb4801820add19986eecd556d9fcd709f52e22d3; Download | Favorite | View

Red Hat Security Advisory 2024-1574-03: Posted Apr 3, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-1574-03 - Red Hat OpenShift Container Platform release 4.12.54 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a memory leak vulnerability.; tags | advisory, memory leak; systems | linux, redhat; advisories | CVE-2024-1394; SHA-256 | 5f3cb8b4885c1ce0c500bcb57a2b7d408169051db117a9c02352da89621ce31b; Download | Favorite | View

Red Hat Security Advisory 2024-1563-03: Posted Apr 3, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-1563-03 - Red Hat OpenShift Container Platform release 4.15.6 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a memory leak vulnerability.; tags | advisory, memory leak; systems | linux, redhat; advisories | CVE-2024-1394; SHA-256 | ed51c386b7b1873ace834de05600e2cc82c74276a8ce6d57b6ca6298fe5f668e; Download | Favorite | View

Red Hat Security Advisory 2024-1561-03: Posted Apr 3, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-1561-03 - Red Hat build of MicroShift release 4.15.6 is now available with updates to packages and images that fix several bugs.; tags | advisory; systems | linux, redhat; advisories | CVE-2024-1394; SHA-256 | ee63a1ca4a85743304747b6a137357f31cce6b4d1ee1c4bc52ca29e251038433; Download | Favorite | View

Red Hat Security Advisory 2024-1502-03: Posted Mar 26, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-1502-03 - An update for grafana-pcp is now available for Red Hat Enterprise Linux 9. Issues addressed include a memory leak vulnerability.; tags | advisory, memory leak; systems | linux, redhat; advisories | CVE-2024-1394; SHA-256 | 64af92473e9dc53ecf48f74ebad70ff0466cead91970b760217b6a2ed21f16c0; Download | Favorite | View

Red Hat Security Advisory 2024-1501-03: Posted Mar 26, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-1501-03 - An update for grafana is now available for Red Hat Enterprise Linux 9. Issues addressed include a memory leak vulnerability.; tags | advisory, memory leak; systems | linux, redhat; advisories | CVE-2024-1394; SHA-256 | ebb63361bb759d3a9e7a13173336126c9fc98df8ecb9106b9f4cd1f8f0240020; Download | Favorite | View

Red Hat Security Advisory 2024-1472-03: Posted Mar 22, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-1472-03 - An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Issues addressed include a memory leak vulnerability.; tags | advisory, memory leak; systems | linux, redhat; advisories | CVE-2024-1394; SHA-256 | 5f645f06f6c84589dda4aabe3ce13b56b1e7f110aa5cfb218ca59eaa261e5d5c; Download | Favorite | View

Red Hat Security Advisory 2024-1468-03: Posted Mar 22, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-1468-03 - An update for go-toolset-1.19-golang is now available for Red Hat Developer Tools. Issues addressed include a memory leak vulnerability.; tags | advisory, memory leak; systems | linux, redhat; advisories | CVE-2024-1394; SHA-256 | 04acb2d2456fffc7f4ec7acde25b31ce6e592eb03027eb856ee8eb1ed609286a; Download | Favorite | View

Red Hat Security Advisory 2024-1462-03: Posted Mar 21, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-1462-03 - An update for golang is now available for Red Hat Enterprise Linux 9. Issues addressed include a memory leak vulnerability.; tags | advisory, memory leak; systems | linux, redhat; advisories | CVE-2024-1394; SHA-256 | a1f139678064f973bf9339948a0a0860a16d6b4a312f391e94568db305ae7c17; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 205 files
Ubuntu 54 files
Debian 28 files
LiquidWorm 11 files
Valentin Lobstein 10 files
nu11secur1ty 7 files
Google Security Research 6 files
Milad Karimi 5 files
Yevhenii Butenko 4 files
Jann Horn 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,023)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,346)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,586)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,464)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

CVE-2024-1394

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems