Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an attacker to cause a panic due to stack exhaustion via deeply nested types or declarations.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_name": "golang-1.18", "binary_version": "1.18.1-1ubuntu1~18.04.4" }, { "binary_name": "golang-1.18-doc", "binary_version": "1.18.1-1ubuntu1~18.04.4" }, { "binary_name": "golang-1.18-go", "binary_version": "1.18.1-1ubuntu1~18.04.4" }, { "binary_name": "golang-1.18-src", "binary_version": "1.18.1-1ubuntu1~18.04.4" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_name": "golang-1.18", "binary_version": "1.18.1-1ubuntu1~20.04.2" }, { "binary_name": "golang-1.18-doc", "binary_version": "1.18.1-1ubuntu1~20.04.2" }, { "binary_name": "golang-1.18-go", "binary_version": "1.18.1-1ubuntu1~20.04.2" }, { "binary_name": "golang-1.18-go-dbgsym", "binary_version": "1.18.1-1ubuntu1~20.04.2" }, { "binary_name": "golang-1.18-src", "binary_version": "1.18.1-1ubuntu1~20.04.2" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_name": "golang-1.18", "binary_version": "1.18.1-1ubuntu1.1" }, { "binary_name": "golang-1.18-doc", "binary_version": "1.18.1-1ubuntu1.1" }, { "binary_name": "golang-1.18-go", "binary_version": "1.18.1-1ubuntu1.1" }, { "binary_name": "golang-1.18-go-dbgsym", "binary_version": "1.18.1-1ubuntu1.1" }, { "binary_name": "golang-1.18-src", "binary_version": "1.18.1-1ubuntu1.1" } ] }