vulnerability

Red Hat OpenShift: CVE-2021-44717: golang: syscall: don't close fd 0 on ForkExec error

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
6	(AV:N/AC:M/Au:N/C:P/I:P/A:N)	Jan 1, 2022	Mar 11, 2022	Apr 11, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:N)

Published

Jan 1, 2022

Added

Mar 11, 2022

Modified

Apr 11, 2025

Description

Go before 1.16.12 and 1.17.x before 1.17.5 on UNIX allows write operations to an unintended file or unintended network connection as a consequence of erroneous closing of file descriptor 0 after file-descriptor exhaustion.

Solution(s)

linuxrpm-upgrade-butanelinuxrpm-upgrade-containernetworking-pluginslinuxrpm-upgrade-cri-olinuxrpm-upgrade-cri-toolslinuxrpm-upgrade-ignitionlinuxrpm-upgrade-openshiftlinuxrpm-upgrade-openshift-clientslinuxrpm-upgrade-runc

References

CVE-2021-44717
https://attackerkb.com/topics/CVE-2021-44717
REDHAT-RHSA-2021:5160
REDHAT-RHSA-2021:5176
REDHAT-RHSA-2022:0055
REDHAT-RHSA-2022:0056
REDHAT-RHSA-2022:0557
REDHAT-RHSA-2022:0927
REDHAT-RHSA-2022:0947
REDHAT-RHSA-2022:1051
REDHAT-RHSA-2022:1056
REDHAT-RHSA-2022:1361
REDHAT-RHSA-2022:1372
REDHAT-RHSA-2022:1734
REDHAT-RHSA-2022:6526
REDHAT-RHSA-2023:0407
REDHAT-RHSA-2023:0408

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today