vulnerability
Red Hat OpenShift: CVE-2022-29526: golang: syscall: faccessat checks wrong group
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:P/I:N/A:N) | 2022-06-23 | 2022-08-16 | 2025-04-11 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published
2022-06-23
Added
2022-08-16
Modified
2025-04-11
Description
Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.
Solution(s)
linuxrpm-upgrade-atomic-openshift-service-idlerlinuxrpm-upgrade-cri-olinuxrpm-upgrade-openshiftlinuxrpm-upgrade-openshift-clients
References
- CVE-2022-29526
- https://attackerkb.com/topics/CVE-2022-29526
- REDHAT-RHSA-2022:5201
- REDHAT-RHSA-2022:5337
- REDHAT-RHSA-2022:5392
- REDHAT-RHSA-2022:5699
- REDHAT-RHSA-2022:5729
- REDHAT-RHSA-2022:5799
- REDHAT-RHSA-2022:5840
- REDHAT-RHSA-2022:6156
- REDHAT-RHSA-2022:6277
- REDHAT-RHSA-2022:6714
- REDHAT-RHSA-2023:0408
- REDHAT-RHSA-2023:1529
- REDHAT-RHSA-2023:3642
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.