CVE-2018-17075
published 2018-09-16CVE-2018-17075: The html package (aka x/net/html) before 2018-07-13 in Go mishandles "in frameset" insertion mode, leading to a "panic: runtime error" for html.Parse of , , or…
PriorityP434high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
2.77%
84.5th percentile
The html package (aka x/net/html) before 2018-07-13 in Go mishandles "in frameset" insertion mode, leading to a "panic: runtime error" for html.Parse of , , or . This is related to HTMLTreeBuilder.cpp in WebKit.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| golang.org | x_net | >= 0 < 0.0.0-20180816102801-aaf60122140d | 0.0.0-20180816102801-aaf60122140d |
| golang | net | <= 2018-07-12 | — |
| linux | linux_kernel | >= 0 < 4.4.0-170.199 | 4.4.0-170.199 |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv9.8CRITICAL
vendor_redhat7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
golang-org-x-net-html: Mishandle of "in frameset" causes runtime panic in html.Parse() via crafted html
vendor_redhat·2018-09-26·CVSS 7.5
CVE-2018-17075 [HIGH] CWE-20 golang-org-x-net-html: Mishandle of "in frameset" causes runtime panic in html.Parse() via crafted html
golang-org-x-net-html: Mishandle of "in frameset" causes runtime panic in html.Parse() via crafted html
The html package (aka x/net/html) before 2018-07-13 in Go mishandles "in frameset" insertion mode, leading to a "panic: runtime error" for html.Parse of , , or . This is related to HTMLTreeBuilder.cpp in WebKit.
Package: grafana (Red Hat Ceph Storage 2) - Not affected
Package: grafana (Red Hat Ceph Storage 3) - Not affected
Package: golang-googlecode-net (Red Hat Enterprise Linux 7) - Not affected
Package: atomic-openshift (Red Hat OpenShift Container Platform 3.10) - Not affected
Package: atomic-openshift (Red Hat OpenShift Container Platform 3.11) - Not affected
Package: atomic-openshift (Red Hat OpenShift Container Platform 3.2) - Not affected
Package: atomic-openshift (Red Ha
GHSA
golang.org/x/net/html NULL Pointer Dereference vulnerability
ghsa·2022-05-13
CVE-2018-17075 [HIGH] CWE-476 golang.org/x/net/html NULL Pointer Dereference vulnerability
golang.org/x/net/html NULL Pointer Dereference vulnerability
The html package (aka x/net/html) before 2018-07-13 in Go mishandles "in frameset" insertion mode, leading to a "panic: runtime error" for html.Parse of , , or . This is related to HTMLTreeBuilder.cpp in WebKit.
OSV
golang.org/x/net/html NULL Pointer Dereference vulnerability
osv·2022-05-13
CVE-2018-17075 [HIGH] golang.org/x/net/html NULL Pointer Dereference vulnerability
golang.org/x/net/html NULL Pointer Dereference vulnerability
The html package (aka x/net/html) before 2018-07-13 in Go mishandles "in frameset" insertion mode, leading to a "panic: runtime error" for html.Parse of , , or . This is related to HTMLTreeBuilder.cpp in WebKit.
OSV
Panic when parsing malformed HTML in golang.org/x/net/html
osv·2021-04-14
CVE-2018-17075 Panic when parsing malformed HTML in golang.org/x/net/html
Panic when parsing malformed HTML in golang.org/x/net/html
The HTML parser does not properly handle "in frameset" insertion mode, and can be made to panic when operating on malformed HTML that contains tags. If operating on user input, this may be a vector for a denial of service attack.
OSV
linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities
osv·2019-12-03·CVSS 9.8
CVE-2018-20784 linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities
linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities
Zhipeng Xie discovered that an infinite loop could be triggered in the CFS
Linux kernel process scheduler. A local attacker could possibly use this to
cause a denial of service. (CVE-2018-20784)
Nicolas Waisman discovered that the WiFi driver stack in the Linux kernel
did not properly validate SSID lengths. A physically proximate attacker
could use this to cause a denial of service (system crash).
(CVE-2019-17133)
Nicolas Waisman discovered that the Chelsio T4/T5 RDMA Driver for the Linux
kernel performed DMA from a kernel stack. A local attacker could use this
to cause a denial of service (system crash). (CVE-2019-17075)
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2018-17075 golang-googlecode-net: golang-org-x-net-html: Mishandle of "in frameset" causes runtime panic in html.Parse() via crafted html [epel-6]
bugzilla·2018-10-15·CVSS 7.5
CVE-2018-17075 [HIGH] CVE-2018-17075 golang-googlecode-net: golang-org-x-net-html: Mishandle of "in frameset" causes runtime panic in html.Parse() via crafted html [epel-6]
CVE-2018-17075 golang-googlecode-net: golang-org-x-net-html: Mishandle of "in frameset" causes runtime panic in html.Parse() via crafted html [epel-6]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of epel-6.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg
Bugzilla
CVE-2018-17075 golang-googlecode-net: golang-org-x-net-html: Mishandle of "in frameset" causes runtime panic in html.Parse() via crafted html [fedora-all]
bugzilla·2018-10-15·CVSS 7.5
CVE-2018-17075 [HIGH] CVE-2018-17075 golang-googlecode-net: golang-org-x-net-html: Mishandle of "in frameset" causes runtime panic in html.Parse() via crafted html [fedora-all]
CVE-2018-17075 golang-googlecode-net: golang-org-x-net-html: Mishandle of "in frameset" causes runtime panic in html.Parse() via crafted html [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
Bugzilla
CVE-2018-17075 heketi: golang-org-x-net-html: Mishandle of "in frameset" causes runtime panic in html.Parse() via crafted html [epel-6]
bugzilla·2018-09-26·CVSS 7.5
CVE-2018-17075 [HIGH] CVE-2018-17075 heketi: golang-org-x-net-html: Mishandle of "in frameset" causes runtime panic in html.Parse() via crafted html [epel-6]
CVE-2018-17075 heketi: golang-org-x-net-html: Mishandle of "in frameset" causes runtime panic in html.Parse() via crafted html [epel-6]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of epel-6.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
Bugzilla
CVE-2018-17075 golang-org-x-net-html: Mishandle of "in frameset" causes runtime panic in html.Parse() via crafted html
bugzilla·2018-09-26·CVSS 7.5
CVE-2018-17075 [HIGH] CVE-2018-17075 golang-org-x-net-html: Mishandle of "in frameset" causes runtime panic in html.Parse() via crafted html
CVE-2018-17075 golang-org-x-net-html: Mishandle of "in frameset" causes runtime panic in html.Parse() via crafted html
The html package (aka x/net/html) before 2018-07-13 in Go mishandles "in frameset" insertion mode, leading to a "panic: runtime error" for html.Parse of , , or . This is related to HTMLTreeBuilder.cpp in WebKit.
Upstream Issue:
https://github.com/golang/go/issues/27016
https://bugs.chromium.org/p/chromium/issues/detail?id=829668
Upstream Patch:
https://github.com/golang/net/commit/aaf60122140d3fcf75376d319f0554393160eb50
Discussion:
Created heketi tracking bugs for this issue:
Affects: epel-6 [bug 1633045]
Affects: fedora-all [bug 1633044]
Created kompose tracking bugs for this issue:
Affects: fedora-all [bug 1633043]
Created origin tracking bugs for this is
Bugzilla
CVE-2018-17075 origin: golang-org-x-net-html: Mishandle of "in frameset" causes runtime panic in html.Parse() via crafted html [fedora-all]
bugzilla·2018-09-26·CVSS 7.5
CVE-2018-17075 [HIGH] CVE-2018-17075 origin: golang-org-x-net-html: Mishandle of "in frameset" causes runtime panic in html.Parse() via crafted html [fedora-all]
CVE-2018-17075 origin: golang-org-x-net-html: Mishandle of "in frameset" causes runtime panic in html.Parse() via crafted html [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit
Bugzilla
CVE-2018-17075 kompose: golang-org-x-net-html: Mishandle of "in frameset" causes runtime panic in html.Parse() via crafted html [fedora-all]
bugzilla·2018-09-26·CVSS 7.5
CVE-2018-17075 [HIGH] CVE-2018-17075 kompose: golang-org-x-net-html: Mishandle of "in frameset" causes runtime panic in html.Parse() via crafted html [fedora-all]
CVE-2018-17075 kompose: golang-org-x-net-html: Mishandle of "in frameset" causes runtime panic in html.Parse() via crafted html [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit
Bugzilla
CVE-2018-17075 heketi: golang-org-x-net-html: Mishandle of "in frameset" causes runtime panic in html.Parse() via crafted html [fedora-all]
bugzilla·2018-09-26·CVSS 7.5
CVE-2018-17075 [HIGH] CVE-2018-17075 heketi: golang-org-x-net-html: Mishandle of "in frameset" causes runtime panic in html.Parse() via crafted html [fedora-all]
CVE-2018-17075 heketi: golang-org-x-net-html: Mishandle of "in frameset" causes runtime panic in html.Parse() via crafted html [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit
https://bugs.chromium.org/p/chromium/issues/detail?id=829668https://github.com/golang/go/issues/27016https://github.com/golang/net/commit/aaf60122140d3fcf75376d319f0554393160eb50https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LREEWY6KNLHRWFZ7OT4HVLMVVCGGUHON/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UKRCI7WIOCOCD3H7NXWRGIRABTQOZOBK/https://bugs.chromium.org/p/chromium/issues/detail?id=829668https://github.com/golang/go/issues/27016https://github.com/golang/net/commit/aaf60122140d3fcf75376d319f0554393160eb50https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LREEWY6KNLHRWFZ7OT4HVLMVVCGGUHON/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UKRCI7WIOCOCD3H7NXWRGIRABTQOZOBK/
2018-09-16
Published