vulnerability

Amazon Linux 2023: CVE-2023-39323: Important priority package update for golang (Multiple Advisories)

Try Surface Command
Back to search
Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
Oct 5, 2023
Added
Feb 17, 2025
Modified
Jul 4, 2025

Description

Line directives ("//line") can be used to bypass the restrictions on "//go:cgo_" directives, allowing blocked linker and compiler flags to be passed during compilation. This can result in unexpected execution of arbitrary code when running "go build". The line directive requires the absolute path of the file in which the directive lives, which makes exploiting this issue significantly more complex.
A flaw was found in the golang cmd/go standard library. A line directive ("//line") can be used to bypass the restrictions on "//go:cgo_" directives, allowing blocked linker and compiler flags to pass during compilation. This can result in the unexpected execution of arbitrary code when running "go build". The line directive requires the absolute path of the file in which the directive lives, which makes exploiting this issue significantly more complex.

Solutions

amazon-linux-2023-upgrade-ecs-service-connect-agentamazon-linux-2023-upgrade-golangamazon-linux-2023-upgrade-golang-binamazon-linux-2023-upgrade-golang-docsamazon-linux-2023-upgrade-golang-miscamazon-linux-2023-upgrade-golang-sharedamazon-linux-2023-upgrade-golang-srcamazon-linux-2023-upgrade-golang-tests

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today