LIN1022-1039 : Security Advisory - go - CVE-2022-27664
Created: Jul 21, 2022
Updated: Nov 16, 2022
Resolved Date: Oct 11, 2022
Found In Version: 10.22.33.1
Fix Version: 10.22.33.2
Severity: Standard
Applicable for: Wind River Linux LTS 22
Component/s: Userspace
Description
In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.
https://nvd.nist.gov/vuln/detail/CVE-2022-27664
