1. Home
  2. Security Advisories
  3. Gentoo
  4. GLSA-202208-02

[GLSA-202208-02] Go: Multiple Vulnerabilities

Severity High
Affected Packages 1
Unaffected Packages 1
CVEs 37
Info Packages References Vulnerabilities

Multiple vulnerabilities have been found in Go, the worst of which could result in remote code execution.

Background
Go is an open source programming language that makes it easy to build simple, reliable, and efficient software.

Description
Multiple vulnerabilities have been discovered in Go. Please review the CVE identifiers referenced below for details.

Impact
Please review the referenced CVE identifiers for details.

Workaround
There is no known workaround at this time.

Resolution
All Go users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-lang/go-1.18.5"

In addition, users using Portage 3.0.9 or later should ensure that packages with Go binaries have no vulnerable code statically linked into their binaries by rebuilding the @golang-rebuild set:

# emerge --ask --oneshot --verbose @golang-rebuild

Package Affected Version
pkg:ebuild/dev-lang/go?distro=gentoo < 1.18.5
Package Unaffected Version
pkg:ebuild/dev-lang/go?distro=gentoo >= 1.18.5
ID
GLSA-202208-02
Severity
high
URL
https://security.gentoo.org/glsa/202208-02
Published
2022-08-04T00:00:00
(2 years ago)
Modified
2022-08-04T00:00:00
(2 years ago)
Rights
Gentoo Foundation, Inc.
Other Advisories
Source # ID Name URL
CVE CVE-2020-28366 CVE-2020-28366 https://nvd.nist.gov/vuln/detail/CVE-2020-28366
CVE CVE-2020-28367 CVE-2020-28367 https://nvd.nist.gov/vuln/detail/CVE-2020-28367
CVE CVE-2021-27918 CVE-2021-27918 https://nvd.nist.gov/vuln/detail/CVE-2021-27918
CVE CVE-2021-27919 CVE-2021-27919 https://nvd.nist.gov/vuln/detail/CVE-2021-27919
CVE CVE-2021-29923 CVE-2021-29923 https://nvd.nist.gov/vuln/detail/CVE-2021-29923
CVE CVE-2021-3114 CVE-2021-3114 https://nvd.nist.gov/vuln/detail/CVE-2021-3114
CVE CVE-2021-3115 CVE-2021-3115 https://nvd.nist.gov/vuln/detail/CVE-2021-3115
CVE CVE-2021-31525 CVE-2021-31525 https://nvd.nist.gov/vuln/detail/CVE-2021-31525
CVE CVE-2021-33195 CVE-2021-33195 https://nvd.nist.gov/vuln/detail/CVE-2021-33195
CVE CVE-2021-33196 CVE-2021-33196 https://nvd.nist.gov/vuln/detail/CVE-2021-33196
CVE CVE-2021-33197 CVE-2021-33197 https://nvd.nist.gov/vuln/detail/CVE-2021-33197
CVE CVE-2021-33198 CVE-2021-33198 https://nvd.nist.gov/vuln/detail/CVE-2021-33198
CVE CVE-2021-34558 CVE-2021-34558 https://nvd.nist.gov/vuln/detail/CVE-2021-34558
CVE CVE-2021-36221 CVE-2021-36221 https://nvd.nist.gov/vuln/detail/CVE-2021-36221
CVE CVE-2021-38297 CVE-2021-38297 https://nvd.nist.gov/vuln/detail/CVE-2021-38297
CVE CVE-2021-41771 CVE-2021-41771 https://nvd.nist.gov/vuln/detail/CVE-2021-41771
CVE CVE-2021-41772 CVE-2021-41772 https://nvd.nist.gov/vuln/detail/CVE-2021-41772
CVE CVE-2021-44716 CVE-2021-44716 https://nvd.nist.gov/vuln/detail/CVE-2021-44716
CVE CVE-2021-44717 CVE-2021-44717 https://nvd.nist.gov/vuln/detail/CVE-2021-44717
CVE CVE-2022-1705 CVE-2022-1705 https://nvd.nist.gov/vuln/detail/CVE-2022-1705
CVE CVE-2022-23772 CVE-2022-23772 https://nvd.nist.gov/vuln/detail/CVE-2022-23772
CVE CVE-2022-23773 CVE-2022-23773 https://nvd.nist.gov/vuln/detail/CVE-2022-23773
CVE CVE-2022-23806 CVE-2022-23806 https://nvd.nist.gov/vuln/detail/CVE-2022-23806
CVE CVE-2022-24675 CVE-2022-24675 https://nvd.nist.gov/vuln/detail/CVE-2022-24675
CVE CVE-2022-24921 CVE-2022-24921 https://nvd.nist.gov/vuln/detail/CVE-2022-24921
CVE CVE-2022-27536 CVE-2022-27536 https://nvd.nist.gov/vuln/detail/CVE-2022-27536
CVE CVE-2022-28131 CVE-2022-28131 https://nvd.nist.gov/vuln/detail/CVE-2022-28131
CVE CVE-2022-28327 CVE-2022-28327 https://nvd.nist.gov/vuln/detail/CVE-2022-28327
CVE CVE-2022-29526 CVE-2022-29526 https://nvd.nist.gov/vuln/detail/CVE-2022-29526
CVE CVE-2022-30629 CVE-2022-30629 https://nvd.nist.gov/vuln/detail/CVE-2022-30629
CVE CVE-2022-30630 CVE-2022-30630 https://nvd.nist.gov/vuln/detail/CVE-2022-30630
CVE CVE-2022-30631 CVE-2022-30631 https://nvd.nist.gov/vuln/detail/CVE-2022-30631
CVE CVE-2022-30632 CVE-2022-30632 https://nvd.nist.gov/vuln/detail/CVE-2022-30632
CVE CVE-2022-30633 CVE-2022-30633 https://nvd.nist.gov/vuln/detail/CVE-2022-30633
CVE CVE-2022-30635 CVE-2022-30635 https://nvd.nist.gov/vuln/detail/CVE-2022-30635
CVE CVE-2022-32148 CVE-2022-32148 https://nvd.nist.gov/vuln/detail/CVE-2022-32148
CVE CVE-2022-32189 CVE-2022-32189 https://nvd.nist.gov/vuln/detail/CVE-2022-32189
Bugzilla 754210 Bugzilla #754210 https://bugs.gentoo.org/show_bug.cgi?id=754210
Bugzilla 766216 Bugzilla #766216 https://bugs.gentoo.org/show_bug.cgi?id=766216
Bugzilla 775326 Bugzilla #775326 https://bugs.gentoo.org/show_bug.cgi?id=775326
Bugzilla 788640 Bugzilla #788640 https://bugs.gentoo.org/show_bug.cgi?id=788640
Bugzilla 794784 Bugzilla #794784 https://bugs.gentoo.org/show_bug.cgi?id=794784
Bugzilla 802054 Bugzilla #802054 https://bugs.gentoo.org/show_bug.cgi?id=802054
Bugzilla 806659 Bugzilla #806659 https://bugs.gentoo.org/show_bug.cgi?id=806659
Bugzilla 807049 Bugzilla #807049 https://bugs.gentoo.org/show_bug.cgi?id=807049
Bugzilla 816912 Bugzilla #816912 https://bugs.gentoo.org/show_bug.cgi?id=816912
Bugzilla 821859 Bugzilla #821859 https://bugs.gentoo.org/show_bug.cgi?id=821859
Bugzilla 828655 Bugzilla #828655 https://bugs.gentoo.org/show_bug.cgi?id=828655
Bugzilla 833156 Bugzilla #833156 https://bugs.gentoo.org/show_bug.cgi?id=833156
Bugzilla 834635 Bugzilla #834635 https://bugs.gentoo.org/show_bug.cgi?id=834635
Bugzilla 838130 Bugzilla #838130 https://bugs.gentoo.org/show_bug.cgi?id=838130
Bugzilla 843644 Bugzilla #843644 https://bugs.gentoo.org/show_bug.cgi?id=843644
Bugzilla 849290 Bugzilla #849290 https://bugs.gentoo.org/show_bug.cgi?id=849290
Bugzilla 857822 Bugzilla #857822 https://bugs.gentoo.org/show_bug.cgi?id=857822
Bugzilla 862822 Bugzilla #862822 https://bugs.gentoo.org/show_bug.cgi?id=862822
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:ebuild/dev-lang/go?distro=gentoo dev-lang go < 1.18.5 gentoo
Unaffected pkg:ebuild/dev-lang/go?distro=gentoo dev-lang go >= 1.18.5 gentoo
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date