Fedora EPEL 7 update for golang

1) Input validation error

EUVDB-ID: #VU67396

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-27664

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Upgrade golang to version 1.18.9-1.el7.

Vulnerable software versions

Fedora: 7

golang: before 1.18.9-1.el7

CPE2.3

• cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*
• cpe:2.3:o:fedoraproject:golang:*:*:*:*:*:fedora:*:*

External links

https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-970698785b

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Resource management error

EUVDB-ID: #VU68387

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-2879

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to absent limits on the maximum size of file headers within the Reader.Read method in archive/tar. A remote attacker can pass a specially crafted file to the application and perform a denial of service (DoS) attack.

Mitigation

Upgrade golang to version 1.18.9-1.el7.

Vulnerable software versions

Fedora: 7

golang: before 1.18.9-1.el7

CPE2.3

• cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*
• cpe:2.3:o:fedoraproject:golang:*:*:*:*:*:fedora:*:*

External links

https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-970698785b

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Input validation error

EUVDB-ID: #VU68389

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-2880

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform parameter smuggling attacks.

The vulnerability exists due to incorrect handling of requests forwarded by ReverseProxy in net/http/httputil. A remote attacker can supply specially crafted parameters that cannot be parsed and are rejected by net/http and force the application to include these parameters into the forwarding request. As a result, a remote attacker can smuggle potentially dangerous HTTP parameters into the request.

Mitigation

Upgrade golang to version 1.18.9-1.el7.

Vulnerable software versions

Fedora: 7

golang: before 1.18.9-1.el7

CPE2.3

• cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*
• cpe:2.3:o:fedoraproject:golang:*:*:*:*:*:fedora:*:*

External links

https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-970698785b

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Input validation error

EUVDB-ID: #VU66121

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-32189

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in
Float.GobDecode. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Upgrade golang to version 1.18.9-1.el7.

Vulnerable software versions

Fedora: 7

golang: before 1.18.9-1.el7

CPE2.3

• cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*
• cpe:2.3:o:fedoraproject:golang:*:*:*:*:*:fedora:*:*

External links

https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-970698785b

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Path traversal

EUVDB-ID: #VU67556

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-32190

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences within JoinPath and URL.JoinPath. A remote attacker can send a specially crafted HTTP request and read arbitrary files on the system.

Mitigation

Upgrade golang to version 1.18.9-1.el7.

Vulnerable software versions

Fedora: 7

golang: before 1.18.9-1.el7

CPE2.3

• cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*
• cpe:2.3:o:fedoraproject:golang:*:*:*:*:*:fedora:*:*

External links

https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-970698785b

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Resource exhaustion

EUVDB-ID: #VU68390

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-41715

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources in regexp/syntax when handling regular expressions. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Upgrade golang to version 1.18.9-1.el7.

Vulnerable software versions

Fedora: 7

golang: before 1.18.9-1.el7

CPE2.3

• cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*
• cpe:2.3:o:fedoraproject:golang:*:*:*:*:*:fedora:*:*

External links

https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-970698785b

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Allocation of Resources Without Limits or Throttling

EUVDB-ID: #VU70334

Risk: Medium

CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2022-41717

CWE-ID: CWE-770 - Allocation of Resources Without Limits or Throttling

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to excessive memory growth when handling HTTP/2 server requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.

Mitigation

Upgrade golang to version 1.18.9-1.el7.

Vulnerable software versions

Fedora: 7

golang: before 1.18.9-1.el7

CPE2.3

• cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*
• cpe:2.3:o:fedoraproject:golang:*:*:*:*:*:fedora:*:*

External links

https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-970698785b

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

8) Path traversal

EUVDB-ID: #VU70332

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-41720

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to the way os.DirFS function and http.Dir type handle empty values on Windows, allowing an attacker with control over the path to view arbitrary files on the system.

Mitigation

Upgrade golang to version 1.18.9-1.el7.

Vulnerable software versions

Fedora: 7

golang: before 1.18.9-1.el7

CPE2.3

• cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*
• cpe:2.3:o:fedoraproject:golang:*:*:*:*:*:fedora:*:*

External links

https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-970698785b

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.