Infinite loop in parsing in go/scanner

GO-2023-1702 · BIT-golang-2023-24537 · CVE-2023-24537

Published Apr 5, 2023 · Modified Feb 4, 2026

Description

Calling any of the Parse functions on Go source code which contains //line directives with very large line numbers can cause an infinite loop due to integer overflow.

References

REPORT https://go.dev/issue/59180
FIX https://go.dev/cl/482078
WEB https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes