Bug 1193598 - (CVE-2021-44717) VUL-0: CVE-2021-44717: go1.1 6,go1.17: syscall: don’t close fd 0 on ForkExec error
(CVE-2021-44717)
VUL-0: CVE-2021-44717: go1.1 6,go1.17: syscall: don’t close fd 0 on ForkExec ...
Status: NEW
Classification: openSUSE
Product: openSUSE Tumbleweed
Classification: openSUSE
Component: Security
Current
Other Other
: P3 - Medium : Normal (vote)
: ---
Assigned To: Security Team bot
E-mail List
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2021-12-09 22:15 UTC by Jeff Kowalczyk
Modified: 2022-04-13 07:25 UTC (History)
0 users

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Jeff Kowalczyk 2021-12-09 22:15:24 UTC
When a Go program running on a Unix system is out of file descriptors and calls syscall.ForkExec (including indirectly by using the os/exec package), syscall.ForkExec can close file descriptor 0 as it fails. If this happens (or can be provoked) repeatedly, it can result in misdirected I/O such as writing network traffic intended for one connection to a different connection, or content intended for one file to a different one.

For users who cannot immediately update to the new release, the bug can be mitigated by raising the per-process file descriptor limit.

Thank you to Tomasz Maczukin and Kamil Trzciński of GitLab for reporting this issue.

This is CVE-2021-44717 and Go issue go#50057.

References:

https://github.com/golang/go/issues/50057
Comment 1 OBSbugzilla Bot 2021-12-10 00:10:23 UTC
This is an autogenerated message for OBS integration:
This bug (1193598) was mentioned in
https://build.opensuse.org/request/show/938752 Factory / go1.16
https://build.opensuse.org/request/show/938755 Factory / go1.17
Comment 3 Swamp Workflow Management 2021-12-23 14:37:47 UTC
openSUSE-SU-2021:4186-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1190649,1193597,1193598
CVE References: CVE-2021-44716,CVE-2021-44717
JIRA References: 
Sources used:
openSUSE Leap 15.3 (src):    go1.17-1.17.5-1.14.2
Comment 4 Swamp Workflow Management 2021-12-23 14:43:59 UTC
SUSE-SU-2021:4169-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1182345,1193597,1193598
CVE References: CVE-2021-44716,CVE-2021-44717
JIRA References: 
Sources used:
SUSE Manager Server 4.1 (src):    go1.16-1.16.12-1.37.2
SUSE Manager Retail Branch Server 4.1 (src):    go1.16-1.16.12-1.37.2
SUSE Manager Proxy 4.1 (src):    go1.16-1.16.12-1.37.2
SUSE Linux Enterprise Server for SAP 15-SP2 (src):    go1.16-1.16.12-1.37.2
SUSE Linux Enterprise Server 15-SP2-LTSS (src):    go1.16-1.16.12-1.37.2
SUSE Linux Enterprise Server 15-SP2-BCL (src):    go1.16-1.16.12-1.37.2
SUSE Linux Enterprise Module for Development Tools 15-SP3 (src):    go1.16-1.16.12-1.37.2
SUSE Linux Enterprise Module for Development Tools 15-SP2 (src):    go1.16-1.16.12-1.37.2
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src):    go1.16-1.16.12-1.37.2
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (src):    go1.16-1.16.12-1.37.2
SUSE Enterprise Storage 7 (src):    go1.16-1.16.12-1.37.2
SUSE CaaS Platform 4.5 (src):    go1.16-1.16.12-1.37.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 5 Swamp Workflow Management 2021-12-23 14:48:41 UTC
openSUSE-SU-2021:4169-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1182345,1193597,1193598
CVE References: CVE-2021-44716,CVE-2021-44717
JIRA References: 
Sources used:
openSUSE Leap 15.3 (src):    go1.16-1.16.12-1.37.2
Comment 6 Swamp Workflow Management 2021-12-23 15:01:01 UTC
SUSE-SU-2021:4186-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1190649,1193597,1193598
CVE References: CVE-2021-44716,CVE-2021-44717
JIRA References: 
Sources used:
SUSE Manager Server 4.1 (src):    go1.17-1.17.5-1.14.2
SUSE Manager Retail Branch Server 4.1 (src):    go1.17-1.17.5-1.14.2
SUSE Manager Proxy 4.1 (src):    go1.17-1.17.5-1.14.2
SUSE Linux Enterprise Server for SAP 15-SP2 (src):    go1.17-1.17.5-1.14.2
SUSE Linux Enterprise Server 15-SP2-LTSS (src):    go1.17-1.17.5-1.14.2
SUSE Linux Enterprise Server 15-SP2-BCL (src):    go1.17-1.17.5-1.14.2
SUSE Linux Enterprise Module for Development Tools 15-SP3 (src):    go1.17-1.17.5-1.14.2
SUSE Linux Enterprise Module for Development Tools 15-SP2 (src):    go1.17-1.17.5-1.14.2
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src):    go1.17-1.17.5-1.14.2
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (src):    go1.17-1.17.5-1.14.2
SUSE Enterprise Storage 7 (src):    go1.17-1.17.5-1.14.2
SUSE CaaS Platform 4.5 (src):    go1.17-1.17.5-1.14.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 7 Swamp Workflow Management 2021-12-26 17:18:32 UTC
openSUSE-SU-2021:1626-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1182345,1193597,1193598
CVE References: CVE-2021-44716,CVE-2021-44717
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    go1.16-1.16.12-lp152.20.1