When a Go program running on a Unix system is out of file descriptors and calls syscall.ForkExec (including indirectly by using the os/exec package), syscall.ForkExec can close file descriptor 0 as it fails. If this happens (or can be provoked) repeatedly, it can result in misdirected I/O such as writing network traffic intended for one connection to a different connection, or content intended for one file to a different one. Reference: https://github.com/golang/go/issues/50057
Created golang tracking bugs for this issue: Affects: epel-all [bug 2030808] Affects: fedora-all [bug 2030810] Affects: openstack-rdo [bug 2030809]
Upstream commits: https://go-review.googlesource.com/c/go/+/370577/ Upstream commits: https://go-review.googlesource.com/c/go/+/370576/
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:5160 https://access.redhat.com/errata/RHSA-2021:5160
This issue has been addressed in the following products: Red Hat Developer Tools Via RHSA-2021:5176 https://access.redhat.com/errata/RHSA-2021:5176
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.10 Via RHSA-2022:0055 https://access.redhat.com/errata/RHSA-2022:0055
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.10 Via RHSA-2022:0056 https://access.redhat.com/errata/RHSA-2022:0056
This issue has been addressed in the following products: RHEL-8-CNV-4.10 Via RHSA-2022:0947 https://access.redhat.com/errata/RHSA-2022:0947
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.10 Via RHSA-2022:0927 https://access.redhat.com/errata/RHSA-2022:0927
This issue has been addressed in the following products: Openshift Serveless 1.21 Via RHSA-2022:1051 https://access.redhat.com/errata/RHSA-2022:1051
This issue has been addressed in the following products: Openshift Serverless 1 on RHEL 8 Via RHSA-2022:1056 https://access.redhat.com/errata/RHSA-2022:1056
This issue has been addressed in the following products: RHODF-4.10-RHEL-8 Via RHSA-2022:1361 https://access.redhat.com/errata/RHSA-2022:1361
This issue has been addressed in the following products: RHODF-4.10-RHEL-8 Via RHSA-2022:1372 https://access.redhat.com/errata/RHSA-2022:1372
This issue has been addressed in the following products: Red Hat Migration Toolkit for Containers 1.7 Via RHSA-2022:1734 https://access.redhat.com/errata/RHSA-2022:1734
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-44717
This issue has been addressed in the following products: RHEL-8-CNV-4.11 Via RHSA-2022:6526 https://access.redhat.com/errata/RHSA-2022:6526
This issue has been addressed in the following products: RHEL-8-CNV-4.12 RHEL-7-CNV-4.12 Via RHSA-2023:0407 https://access.redhat.com/errata/RHSA-2023:0407
This issue has been addressed in the following products: RHEL-8-CNV-4.12 Via RHSA-2023:0408 https://access.redhat.com/errata/RHSA-2023:0408