File Descriptor Vulnerability in Go on UNIX Systems
CVE-2021-44717

4.8MEDIUM

Key Information:

Vendor

Golang

Status
Go
Vendor
CVE Published:
1 January 2022

What is CVE-2021-44717?

A vulnerability in the Go programming language, experienced on UNIX systems, allows for unintended write operations to files or network connections. This issue arises from improper closure of file descriptor 0 due to file-descriptor exhaustion. If exploited, attackers may gain unauthorized access to sensitive files or establish connections without consent, putting systems at risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://groups.google.com/g/golang-announce/c/hcmEScgc00k
https://lists.debian.org/debian-lts-announce/2022/01/msg0...
mailing-list
https://lists.debian.org/debian-lts-announce/2022/01/msg0...
mailing-list

CVSS V3.1

Score:
4.8
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.