ImportedSymbols in debug/macho (for Open or OpenFat) in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation.

CPENameOperatorVersion
debian_linuxeq9.0
fedoraeq34
fedoraeq35
golt1.16.10
goge1.17.0
golt1.17.3

Name	Operator	Version
debian_linux	eq	9.0
fedora	eq	34
fedora	eq	35
go	lt	1.16.10
go	ge	1.17.0
go	lt	1.17.3

References

cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf

groups.google.com/g/golang-announce/c/0fM21h43arc

lists.debian.org/debian-lts-announce/2022/01/msg00016.html

lists.debian.org/debian-lts-announce/2022/01/msg00017.html

lists.debian.org/debian-lts-announce/2023/04/msg00021.html

lists.fedoraproject.org/archives/list/[email protected]/message/4OFS3M3OFB24SWPTIAPARKGPUMQVUY6Z/

lists.fedoraproject.org/archives/list/[email protected]/message/ON7BQRRJZBOR5TJHURBAB3WLF4YXFC6Z/

security.gentoo.org/glsa/202208-02

security.netapp.com/advisory/ntap-20211210-0003/

www.oracle.com/security-alerts/cpujul2022.html

nessus 30

openvas 16

redhatcve 1

cbl_mariner 2

cnvd 1

cve 1

nvd 1

veracode 1

ubuntucve 1

alpinelinux 1

osv 8

debiancve 1

cvelist 1

suse 3

freebsd 1

redhat 4

mageia 1

ibm 10

altlinux 1

fedora 2

photon 5

debian 3

oraclelinux 1

amazon 3

ics 1

rocky 1

almalinux 1

gentoo 1

oracle 1

nessus

EulerOS 2.0 SP9 : golang (EulerOS-SA-2022-1289)

2022-03-02 00:00:00

CBL Mariner 2.0 Security Update: golang (CVE-2021-41771)

2023-03-20 00:00:00

EulerOS 2.0 SP9 : golang (EulerOS-SA-2022-1305)

2022-03-02 00:00:00

openvas

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2022-1289)

2022-03-02 00:00:00

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2022-1305)

2022-03-02 00:00:00

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2022-1464)

2022-04-20 00:00:00

redhatcve

CVE-2021-41771

2021-11-05 18:27:46

cbl_mariner

CVE-2021-41771 affecting package golang for versions less than 1.17.8-1

2022-04-26 19:57:46

CVE-2021-41771 affecting package golang 1.16.9-1

2021-12-17 20:09:37

cnvd

Google Go buffer overflow vulnerability

2021-11-24 00:00:00

cve

CVE-2021-41771

2021-11-08 06:15:08

nvd

CVE-2021-41771

2021-11-08 06:15:08

veracode

Out-of-Bounds Access

2021-11-06 13:18:31

ubuntucve

CVE-2021-41771

2021-11-08 00:00:00

alpinelinux

CVE-2021-41771

2021-11-08 06:15:08

osv

CVE-2021-41771

2021-11-08 06:15:00

BIT-golang-2021-41771

2024-03-06 11:03:51

Panic on invalid symbol tables in debug/macho

2022-01-13 03:45:03

debiancve

CVE-2021-41771

2021-11-08 06:15:08

cvelist

CVE-2021-41771

2021-11-08 00:00:00

suse

Security update for go1.16 (moderate)

2021-12-06 00:00:00

Security update for go1.17 (moderate)

2021-12-01 00:00:00

Security update for go1.16 (moderate)

2021-12-01 00:00:00

freebsd

go -- multiple vulnerabilities

2021-11-04 00:00:00

redhat

(RHSA-2022:1745) Low: Release of OpenShift Serverless Client kn 1.22.0

2022-05-09 07:42:21

(RHSA-2022:1819) Moderate: go-toolset:rhel8 security and bug fix update

2022-05-10 06:29:31

(RHSA-2022:1747) Low: Release of OpenShift Serverless Version 1.22.0

2022-05-09 12:15:21

mageia

Updated golang packages fix security vulnerability

2021-12-03 21:45:31

ibm

Security Bulletin: Operations Dashboard is vulnerable to Go vulnerabilities CVE-2021-41771 and CVE-2021-41772

2022-01-13 15:43:13

Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to denial of service due to Go (CVE CVE-2021-41771 & CVE-2021-41772)

2022-02-08 13:12:19

Security Bulletin: Security Vulnerabilities affect IBM Cloud Private - Golang (CVE-2021-41772,CVE-2021-41771)

2022-04-22 20:29:00

altlinux

Security fix for the ALT Linux 10 package golang version 1.17.3-alt1

2021-11-04 00:00:00

fedora

[SECURITY] Fedora 35 Update: golang-1.16.11-1.fc35

2021-12-16 01:18:21

[SECURITY] Fedora 34 Update: golang-1.16.11-1.fc34

2021-12-16 01:14:10

photon

Important Photon OS Security Update - PHSA-2021-3.0-0334

2021-11-21 00:00:00

Critical Photon OS Security Update - PHSA-2021-0130

2021-11-29 00:00:00

Critical Photon OS Security Update - PHSA-2021-4.0-0130

2021-11-28 00:00:00

debian

[SECURITY] [DLA 2892-1] golang-1.7 security update

2022-01-21 22:02:47

[SECURITY] [DLA 2891-1] golang-1.8 security update

2022-01-21 22:02:40

[SECURITY] [DLA 3395-1] golang-1.11 security update

2023-04-19 21:42:48

oraclelinux

go-toolset:ol8 security and bug fix update

2022-05-17 00:00:00

amazon

Important: golang

2022-04-25 15:59:00

Important: golang

2022-07-06 03:11:00

Important: golang

2022-04-25 03:47:00

ics

Siemens Brownfield Connectivity Gateway

2023-02-16 12:00:00

rocky

go-toolset:rhel8 security and bug fix update

2022-05-10 06:29:31

almalinux

Moderate: go-toolset:rhel8 security and bug fix update

2022-05-10 06:29:31

gentoo

Go: Multiple Vulnerabilities

2022-08-04 00:00:00

oracle

Oracle Critical Patch Update Advisory - July 2022

2022-07-19 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

7.4 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.3%

JSON

Related for PRION:CVE-2021-41771