CVE-2022-29526

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2022-29526

Severity

5.3

Medium

CVSS V3

Description

Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.

References

https://images.chainguard.dev/security/CGA-c284-r73x-r95g
https://github.com/advisories/GHSA-p782-xgp4-8hr8
https://images.chainguard.dev/security/CGA-2fhw-5629-6ffq
https://images.chainguard.dev/security/CGA-xc34-g9c3-q5q9
https://images.chainguard.dev/security/CGA-36w8-g4g7-54mm
https://images.chainguard.dev/security/CGA-rqm4-m2wv-hfrv
https://images.chainguard.dev/security/CGA-vxjj-q966-hp46
https://images.chainguard.dev/security/CGA-g484-r9gf-4wm2
https://images.chainguard.dev/security/CGA-4fg3-mp83-3g98
https://images.chainguard.dev/security/CGA-pwxx-2f98-fmmm
https://images.chainguard.dev/security/CGA-27h2-29wj-968q
https://images.chainguard.dev/security/CGA-fh7j-229m-5cj6
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/
https://github.com/golang/go/issues/52313
https://groups.google.com/g/golang-announce
https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU
https://security.gentoo.org/glsa/202208-02
https://security.netapp.com/advisory/ntap-20220729-0001/

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

The trusted source for open source

Talk to an expert

Privacy

Terms

Product

Chainguard Containers Chainguard Libraries Chainguard VMs Integrations Pricing

Solutions

FedRAMP PCI DSS Golden Images CVE Remediation Public Sector

Customers

Customer Stories Chainguard Reviews

Resources

Events & Webinars Chainguard Courses Documentation Trust Center

Company

About Us Blog Partners Newsroom Careers Legal