Wind River Support Network

HomeDefectsLIN10-9003
Fixed

LIN10-9003 : Security Advisory - go - CVE-2021-39293

Created: Aug 19, 2021    Updated: Feb 9, 2022
Resolved Date: Oct 11, 2021
Found In Version: 10.17.41.1
Severity: Standard
Applicable for: Wind River Linux LTS 17
Component/s: Userspace

Description

In archive/zip in Go before 1.16.8 and 1.17.x before 1.17.1, a crafted archive header (falsely designating that many files are present) can cause a NewReader or OpenReader panic. NOTE: this issue exists because of an incomplete fix for CVE-2021-33196.

https://nvd.nist.gov/vuln/detail/CVE-2021-39293

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube