LIN1021-3203 : Security Advisory - go - CVE-2022-28327
Created: Apr 1, 2022
Updated: Oct 27, 2022
Resolved Date: Oct 17, 2022
Found In Version: 10.21.20.1
Fix Version: 10.21.20.14
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Userspace
Description
The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input.
https://nvd.nist.gov/vuln/detail/CVE-2022-28327