Mageia 8 MGASA-2022-0210 Moderate: Golang Access Control Bug

mageia

May 28, 2022

The syscall.Faccessat function checks whether the calling process can access a file

Summary

The syscall.Faccessat function checks whether the calling process can access a file. Faccessat contains a bug where it checks a file’s group permission bits if the process’s user is a member of the process’s group rather than a member of the file’s group. (CVE-2022-29526)

References

- https://bugs.mageia.org/show_bug.cgi?id=30469

- https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU

- https://www.cve.org/CVERecord?id=CVE-2022-29526

Topics Covered

security advisory security update access control moderate severity file permissions golang Mageia

Resolution

SRPMS

- 8/core/golang-1.17.10-1.mga8

Publication date: 28 May 2022

URL: https://advisories.mageia.org/MGASA-2022-0210.html

Type: security

CVE: CVE-2022-29526

Topics Covered

security advisory security update access control moderate severity file permissions golang Mageia

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Mageia 8 MGASA-2022-0210 Moderate: Golang Access Control Bug

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Mageia 8 MGASA-2022-0210 Moderate: Golang Access Control Bug

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!