Several security issues were fixed in Go Networking
Software Description:
- golang-golang-x-net-dev: Supplementary Go networking development files
Details:
USN-8089-1 fixed vulnerabilities in Go Networking. This update provides
the corresponding update to code vendored in golang-golang-x-net-dev.
Original advisory details:
Bahruz Jabiyev, Tommaso Innocenti, Anthony Gavazzi, Steven Sprecher, and
Kaan Onarlioglu discovered that servers using Go Networking could hang
during shutdown if preempted by a fatal error. An attacker could possibly
use this to cause a denial of service. This issue only affected Ubuntu
22.04 LTS. (CVE-2022-27664)
Arpad Ryszka and Jakob Ackermann discovered that a maliciously crafted
stream could cause excessive CPU usage in Go Networking's HPACK decoder. An
attacker could possibly use this to cause a denial of service. This issue
only affected Ubuntu 22.04 LTS. (CVE-2022-41723)
Mohammad Thoriq Aziz discovered that Go Networking did not properly
...
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
golang-go.net-dev 1:0.0+git20190811.74dc4d7+dfsg-1ubuntu0.1~esm2
Available with Ubuntu Pro
golang-golang-x-net-dev 1:0.0+git20190811.74dc4d7+dfsg-1ubuntu0.1~esm2
Available with Ubuntu Pro
Ubuntu 18.04 LTS
golang-go.net-dev 1:0.0+git20170629.c81e7f2+dfsg-2ubuntu0.1~esm2
Available with Ubuntu Pro
golang-golang-x-net-dev 1:0.0+git20170629.c81e7f2+dfsg-2ubuntu0.1~esm2
Available with Ubuntu Pro
Ubuntu 16.04 LTS
golang-go.net-dev 1:0.0+git20160110.4fd4a9f-1ubuntu0.1~esm2
Available with Ubuntu Pro
golang-golang-x-net-dev 1:0.0+git20160110.4fd4a9f-1ubuntu0.1~esm2
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.https://ubuntu.com/security/notices/USN-8089-2
https://ubuntu.com/security/notices/USN-8089-1
CVE-2021-33194, CVE-2022-27664, CVE-2022-41723, CVE-2023-3978,
CVE-2025-22872, CVE-2025-47911, CVE-2025-58190
Get the latest Linux and open source security news straight to your inbox.