ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2023.0109
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2023-0109)
Resumen:	The remote host is missing an update for the 'golang' package(s) announced via the MGASA-2023-0109 advisory.
Descripción:	Summary: The remote host is missing an update for the 'golang' package(s) announced via the MGASA-2023-0109 advisory. Vulnerability Insight: A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. (CVE-2022-41723) Large handshake records may cause panics in crypto/tls. (CVE-2022-41724) Denial of service from excessive resource consumption in net/http and mime/multipart. (CVE-2022-41725) The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars (CVE-2023-24532) Affected Software/OS: 'golang' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2022-41723 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://security.gentoo.org/glsa/202311-09 https://www.couchbase.com/alerts/ https://go.dev/cl/468135 https://go.dev/cl/468295 https://go.dev/issue/57855 https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/ https://pkg.go.dev/vuln/GO-2023-1571 Common Vulnerability Exposure (CVE) ID: CVE-2022-41724 https://go.dev/cl/468125 https://go.dev/issue/58001 https://pkg.go.dev/vuln/GO-2023-1570 Common Vulnerability Exposure (CVE) ID: CVE-2022-41725 https://go.dev/cl/468124 https://go.dev/issue/58006 https://pkg.go.dev/vuln/GO-2023-1569 Common Vulnerability Exposure (CVE) ID: CVE-2023-24532 https://go.dev/cl/471255 https://go.dev/issue/58647 https://groups.google.com/g/golang-announce/c/3-TpUx48iQY https://pkg.go.dev/vuln/GO-2023-1621
Copyright	Copyright (C) 2023 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.