CVE-2021-44717
Published: 1 January 2022
Go before 1.16.12 and 1.17.x before 1.17.5 on UNIX allows write operations to an unintended file or unintended network connection as a consequence of erroneous closing of file descriptor 0 after file-descriptor exhaustion.
Priority
CVSS 3 base score: 4.8
Status
Package | Release | Status |
---|---|---|
golang-1.11 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
trusty |
Ignored
(out of standard support)
|
|
upstream |
Needs triage
|
|
xenial |
Ignored
(out of standard support)
|
|
golang-1.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
hirsute |
Ignored
(reached end-of-life)
|
|
impish |
Needed
|
|
trusty |
Ignored
(out of standard support)
|
|
upstream |
Needs triage
|
|
xenial |
Ignored
(out of standard support)
|
|
golang-1.17 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Needed
|
|
jammy |
Needed
|
|
trusty |
Ignored
(out of standard support)
|
|
upstream |
Released
(1.17.5-1)
|
|
xenial |
Ignored
(out of standard support)
|
|
golang-1.7 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
trusty |
Ignored
(out of standard support)
|
|
upstream |
Needs triage
|
|
xenial |
Ignored
(out of standard support)
|
|
golang-1.8 Launchpad, Ubuntu, Debian |
bionic |
Needed
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
trusty |
Ignored
(out of standard support)
|
|
upstream |
Needs triage
|
|
xenial |
Ignored
(out of standard support)
|
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44717
- https://github.com/golang/go/issues/50057
- https://groups.google.com/g/golang-announce/c/hcmEScgc00k/m/ZWnOjeY4CQAJ
- https://github.com/golang/go/commit/44a3fb49d99cc8a4de4925b69650f97bb07faf1d (go1.17.5)
- NVD
- Launchpad
- Debian