Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an attacker to cause a panic due to stack exhaustion via deeply nested types or declarations.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "1.18.1-1ubuntu1~18.04.4", "binary_name": "golang-1.18" }, { "binary_version": "1.18.1-1ubuntu1~18.04.4", "binary_name": "golang-1.18-doc" }, { "binary_version": "1.18.1-1ubuntu1~18.04.4", "binary_name": "golang-1.18-go" }, { "binary_version": "1.18.1-1ubuntu1~18.04.4", "binary_name": "golang-1.18-src" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "1.18.1-1ubuntu1~20.04.2", "binary_name": "golang-1.18" }, { "binary_version": "1.18.1-1ubuntu1~20.04.2", "binary_name": "golang-1.18-doc" }, { "binary_version": "1.18.1-1ubuntu1~20.04.2", "binary_name": "golang-1.18-go" }, { "binary_version": "1.18.1-1ubuntu1~20.04.2", "binary_name": "golang-1.18-go-dbgsym" }, { "binary_version": "1.18.1-1ubuntu1~20.04.2", "binary_name": "golang-1.18-src" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "1.18.1-1ubuntu1.1", "binary_name": "golang-1.18" }, { "binary_version": "1.18.1-1ubuntu1.1", "binary_name": "golang-1.18-doc" }, { "binary_version": "1.18.1-1ubuntu1.1", "binary_name": "golang-1.18-go" }, { "binary_version": "1.18.1-1ubuntu1.1", "binary_name": "golang-1.18-go-dbgsym" }, { "binary_version": "1.18.1-1ubuntu1.1", "binary_name": "golang-1.18-src" } ] }