{"id":"CVE-2024-24788","details":"A malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop.","aliases":["BIT-golang-2024-24788","GO-2024-2824"],"modified":"2026-04-16T00:04:12.957875811Z","published":"2024-05-08T16:15:08Z","withdrawn":"2025-02-28T06:58:19.302985Z","related":["ALSA-2024:5291","ALSA-2024:6969","ALSA-2024:9089","ALSA-2024:9098","ALSA-2024:9115","ALSA-2024:9135","ALSA-2024:9200","ALSA-2024:9277","ALSA-2025:7256","CGA-xrpf-g8fm-8m6m","SUSE-SU-2024:1573-1","SUSE-SU-2024:1587-1","SUSE-SU-2024:3772-1","SUSE-SU-2024:3938-1","openSUSE-SU-2024:13936-1","openSUSE-SU-2024:13990-1","openSUSE-SU-2024:14000-1","openSUSE-SU-2024:14076-1"],"references":[{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20240605-0002/"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20240614-0001/"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2024/05/08/3"},{"type":"WEB","url":"https://go.dev/cl/578375"},{"type":"WEB","url":"https://go.dev/issue/66754"},{"type":"WEB","url":"https://groups.google.com/g/golang-announce/c/wkkO4P9stm0"},{"type":"WEB","url":"https://pkg.go.dev/vuln/GO-2024-2824"},{"type":"ADVISORY","url":"https://security-tracker.debian.org/tracker/CVE-2024-24788"}],"affected":[{"package":{"name":"golang-1.22","ecosystem":"Debian:13","purl":"pkg:deb/debian/golang-1.22?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.22.3-1"}]}],"versions":["1.22.0-1","1.22.0-1~bpo12+1","1.22.0-2","1.22.0-2~bpo12+1","1.22.1-1","1.22.1-1~bpo12+1","1.22.2-1","1.22.2-2","1.22~rc1-1","1.22~rc1-2","1.22~rc1-2~bpo12+1","1.22~rc2-1"],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-24788.json"}}],"schema_version":"1.7.3"}