Trying to read malformed HAMT sharded directories can cause panics and virtual memory leaks. If you are reading untrusted user input, an attacker can then trigger a panic.
This is caused by a bogus fanout parameter in the HAMT directory nodes. This includes checks returned in ipfs/go-bitfield GHSA-2h6c-j3gf-xp9r, as well as limiting the fanout to <= 1024 (to avoid attempts of arbitrary sized allocations).
{ "nvd_published_at": "2023-02-09T21:15:00Z", "github_reviewed_at": "2023-02-10T19:54:14Z", "severity": "HIGH", "github_reviewed": true, "cwe_ids": [ "CWE-400" ] }