vulnerability

Amazon Linux 2023: CVE-2022-27664: Important priority package update for golang (Multiple Advisories)

Try Surface Command
Back to search
Severity
7
CVSS
(AV:N/AC:L/Au:S/C:N/I:N/A:C)
Published
Sep 6, 2022
Added
Feb 17, 2025
Modified
Dec 4, 2025

Description

In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.
A flaw was found in the golang package. In net/http in Go, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if a fatal error preempts the shutdown.

Solutions

amazon-linux-2023-upgrade-amazon-ssm-agentamazon-linux-2023-upgrade-amazon-ssm-agent-debuginfoamazon-linux-2023-upgrade-amazon-ssm-agent-debugsourceamazon-linux-2023-upgrade-golangamazon-linux-2023-upgrade-golang-binamazon-linux-2023-upgrade-golang-docsamazon-linux-2023-upgrade-golang-miscamazon-linux-2023-upgrade-golang-raceamazon-linux-2023-upgrade-golang-sharedamazon-linux-2023-upgrade-golang-srcamazon-linux-2023-upgrade-golang-tests

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today