GHSA-c279-989m-238f: Sliver: Nil Pointer Dereference in tunnelCloseHandler causes panic when a reverse tunnel (rportfwd) close is attempted

March 29, 2026

A nil pointer dereference in tunnelCloseHandler causes the handler goroutine to panic whenever a reverse tunnel (rportfwd) close is attempted. Both the legitimate close path AND the unauthorized close path dereference tunnel.SessionID where tunnel is guaranteed nil. This means rportfwd tunnels can never be cleanly closed, and any authenticated implant can trigger repeated goroutine panics.

References

github.com/BishopFox/sliver
github.com/BishopFox/sliver/security/advisories/GHSA-c279-989m-238f
github.com/advisories/GHSA-c279-989m-238f

Code Behaviors & Features

Detect and mitigate GHSA-c279-989m-238f with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →