CVE Vulnerabilities

CVE-2023-29403

Exposure of Resource to Wrong Sphere

Published: Jun 08, 2023 | Modified: Nov 25, 2023
CVSS 3.x
7.8
HIGH
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
7.8 IMPORTANT
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Ubuntu
MEDIUM

On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as when dumping memory state, or assuming the status of standard i/o file descriptors. If a setuid/setgid binary is executed with standard I/O file descriptors closed, opening any files can result in unexpected content being read or written with elevated privileges. Similarly, if a setuid/setgid program is terminated, either via panic or signal, it may leak the contents of its registers.

Weakness

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

Affected Software

Name Vendor Start Version End Version
Go Golang * 1.19.10 (excluding)
Go Golang 1.20.0 (including) 1.20.5 (excluding)
Red Hat Developer Tools RedHat go-toolset-1.19-0:1.19.10-1.el7_9 *
Red Hat Developer Tools RedHat go-toolset-1.19-golang-0:1.19.10-1.el7_9 *
Red Hat Enterprise Linux 8 RedHat go-toolset:rhel8-8080020230627164522.6b4b45d8 *
Red Hat Enterprise Linux 9 RedHat golang-0:1.19.10-1.el9_2 *
Red Hat Enterprise Linux 9 RedHat go-toolset-0:1.19.10-1.el9_2 *
Golang Ubuntu bionic *
Golang Ubuntu trusty *
Golang Ubuntu xenial *
Golang-1.10 Ubuntu bionic *
Golang-1.10 Ubuntu trusty *
Golang-1.10 Ubuntu xenial *
Golang-1.13 Ubuntu bionic *
Golang-1.13 Ubuntu kinetic *
Golang-1.13 Ubuntu xenial *
Golang-1.16 Ubuntu bionic *
Golang-1.16 Ubuntu trusty *
Golang-1.16 Ubuntu xenial *
Golang-1.17 Ubuntu jammy *
Golang-1.17 Ubuntu trusty *
Golang-1.17 Ubuntu xenial *
Golang-1.18 Ubuntu bionic *
Golang-1.18 Ubuntu esm-apps/bionic *
Golang-1.18 Ubuntu esm-apps/xenial *
Golang-1.18 Ubuntu focal *
Golang-1.18 Ubuntu jammy *
Golang-1.18 Ubuntu trusty *
Golang-1.18 Ubuntu xenial *
Golang-1.19 Ubuntu kinetic *
Golang-1.19 Ubuntu lunar *
Golang-1.19 Ubuntu trusty *
Golang-1.19 Ubuntu xenial *
Golang-1.20 Ubuntu lunar *
Golang-1.20 Ubuntu mantic *
Golang-1.20 Ubuntu trusty *
Golang-1.20 Ubuntu xenial *
Golang-1.6 Ubuntu trusty *
Golang-1.6 Ubuntu xenial *
Golang-1.8 Ubuntu bionic *
Golang-1.9 Ubuntu bionic *

Extended Description

Resources such as files and directories may be inadvertently exposed through mechanisms such as insecure permissions, or when a program accidentally operates on the wrong object. For example, a program may intend that private files can only be provided to a specific user. This effectively defines a control sphere that is intended to prevent attackers from accessing these private files. If the file permissions are insecure, then parties other than the user will be able to access those files. A separate control sphere might effectively require that the user can only access the private files, but not any other files on the system. If the program does not ensure that the user is only requesting private files, then the user might be able to access other files on the system. In either case, the end result is that a resource has been exposed to the wrong party.

References