Wind River Support Network

HomeDefectsLIN1018-8074
Fixed

LIN1018-8074 : Security Advisory - go - CVE-2021-39293

Created: Aug 19, 2021    Updated: Feb 9, 2022
Resolved Date: Sep 27, 2021
Found In Version: 10.18.44.1
Fix Version: 10.18.44.24
Severity: Standard
Applicable for: Wind River Linux LTS 18
Component/s: Userspace

Description

In archive/zip in Go before 1.16.8 and 1.17.x before 1.17.1, a crafted archive header (falsely designating that many files are present) can cause a NewReader or OpenReader panic. NOTE: this issue exists because of an incomplete fix for CVE-2021-33196.

https://nvd.nist.gov/vuln/detail/CVE-2021-39293

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube