Vulnerability #1: GO-2024-2824
Malformed DNS message can cause infinite loop in net
More info: https://pkg.go.dev/vuln/GO-2024-2824
Standard library
Found in: net@go1.21.9
Fixed in: net@go1.21.10
Example traces found:
#1: pkg/thirdparty/github.com/onsi/ginkgo/v2/exposedinternal/parallel_support/rpc_client.go:31:39: parallel_support.rpcClient.Connect calls rpc.DialHTTPPath, which calls net.Dial
#2: pkg/scyllaclient/client.go:451:24: scyllaclient.fixContentType calls http.Transport.RoundTrip, which eventually calls net.Dialer.Dial
#3: test/e2e/set/scyllacluster/scyllacluster_shardawareness.go:91:24: scyllacluster.init calls net.Dialer.DialContext
#4: pkg/cmd/operator/webhooks.go:217:29: operator.WebhookOptions.run calls net.Listen
#5: pkg/util/cloud/gke.go:31:30: cloud.OnGKE calls net.LookupHost
#6: test/e2e/utils/datainserter.go:188:64: utils.DataInserter.createSession calls gocql.ClusterConfig.CreateSession, which eventually calls net.LookupIP
#7: test/e2e/set/scyllacluster/scyllacluster_shardawareness.go:80:40: scyllacluster.init calls net.ResolveTCPAddr
#8: pkg/thirdparty/k8s.io/kubernetes/pkg/controller/controller_ref_manager.go:40:19: controller.BaseControllerRefManager.CanAdopt calls sync.Once.Do, which eventually calls net.Resolver.LookupHost
#9: test/e2e/framework/framework.go:66:13: framework.NewFramework calls ginkgo.AfterEach, which eventually calls net.Resolver.LookupSRV
#10: test/e2e/framework/framework.go:66:13: framework.NewFramework calls ginkgo.AfterEach, which eventually calls net.Resolver.LookupTXT
https://prow.scylla-operator.scylladb.com/view/gs/scylla-operator-prow/logs/ci-scylla-operator-v1.12-govulncheck/1788146917901864960
/kind feature /priority critical-urgent /assign