VDB
GO-2024-3302
GO-2024-3302
PUBLISHED
ICMP Packet Too Large Injection Attack on Linux in github.com/quic-go/quic-go
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| github.com | quic-go/quic-go | 0, 0 |
Timeline
- Dec 4, 2024 CVE Published
- Feb 4, 2026 CVE Updated
References
- https://github.com/quic-go/quic-go/security/advisories/GHSA-px8v-pp82-rcvr advisory
- https://github.com/quic-go/quic-go/commit/ca31dd355cbe5fc6c5807992d9d1149c66c96a50 patch
- https://github.com/quic-go/quic-go/pull/4729 patch
- https://github.com/quic-go/quic-go/releases/tag/v0.48.2 url
- https://datatracker.ietf.org/doc/draft-seemann-tsvwg-udp-fragmentation/ report