Wind River Support Network

HomeDefectsLIN1022-10678
Fixed

LIN1022-10678 : Security Advisory - go - CVE-2024-34156

Created: Aug 29, 2024    Updated: Mar 5, 2025
Resolved Date: Feb 27, 2025
Found In Version: 10.22.33.1
Fix Version: 10.22.33.20
Severity: Standard
Applicable for: Wind River Linux LTS 22
Component/s: Userspace

Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

https://nvd.nist.gov/vuln/detail/CVE-2024-34156
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube