Bug 2217569 (CVE-2023-29405)
Summary: | CVE-2023-29405 golang: cmd/cgo: Arbitrary code execution triggered by linker flags | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Pedro Sampaio <psampaio> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | unspecified | CC: | amctagga, aoconnor, asm, bniver, bodavis, dbenoit, emachado, flucifre, gmeno, mbenjamin, mhackett, mnewsome, sipoyare, sostapov, tstellar, vereddy |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | go 1.20.5, go 1.19.10 | Doc Type: | If docs needed, set a value |
Doc Text: |
A flaw was found in golang. The go command may execute arbitrary code at build time when using cgo. This can occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This can be triggered by linker flags, specified via a "#cgo LDFLAGS" directive. Flags containing embedded spaces are mishandled, allowing disallowed flags to be smuggled through the LDFLAGS sanitization by including them in the argument of another flag. This only affects usage of the gccgo compiler.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2023-06-29 14:19:42 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 2217570, 2217571, 2217615, 2217616, 2217617, 2217618, 2217619, 2217620, 2217621, 2217622, 2217623, 2217624, 2217625, 2217626, 2217627 | ||
Bug Blocks: | 2217573 |
Description
Pedro Sampaio
2023-06-26 17:58:06 UTC
Created golang tracking bugs for this issue: Affects: epel-all [bug 2217570] Affects: fedora-all [bug 2217571] This issue has been addressed in the following products: Red Hat Developer Tools Via RHSA-2023:3920 https://access.redhat.com/errata/RHSA-2023:3920 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:3922 https://access.redhat.com/errata/RHSA-2023:3922 This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:3923 https://access.redhat.com/errata/RHSA-2023:3923 This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2023-29405 |