Vulnerability Report: GO-2023-1738
- CVE-2023-30549, GHSA-j4rf-7357-f4cg
- Affects: github.com/apptainer/apptainer
- Published: Aug 20, 2024
- Unreviewed
Unpatched extfs vulnerabilities are exploitable through suid-mode Apptainer in github.com/apptainer/apptainer
For detailed information about this vulnerability, visit https://github.com/apptainer/apptainer/security/advisories/GHSA-j4rf-7357-f4cg or https://nvd.nist.gov/vuln/detail/CVE-2023-30549.
Affected Modules
-
PathGo Versions
-
before v1.1.8
Aliases
References
- https://github.com/apptainer/apptainer/security/advisories/GHSA-j4rf-7357-f4cg
- https://nvd.nist.gov/vuln/detail/CVE-2023-30549
- https://github.com/apptainer/apptainer/commit/5a4964f5ba9c8d89a0e353b97f51fd607670a9f7
- https://access.redhat.com/security/cve/cve-2022-1184
- https://github.com/apptainer/apptainer/releases/tag/v1.1.8
- https://github.com/torvalds/linux/commit/2220eaf90992c11d888fe771055d4de3303
- https://github.com/torvalds/linux/commit/4f04351888a83e595571de672e0a4a8b74f
- https://github.com/torvalds/linux/commit/61a1d87a324ad5e3ed27c6699dfc93218fcf3201
- https://github.com/torvalds/linux/commit/65f8ea4cd57dbd46ea13b41dc8bac03176b04233
- https://lwn.net/Articles/932136
- https://lwn.net/Articles/932137
- https://nvd.nist.gov/vuln/detail/CVE-2022-1184
- https://security-tracker.debian.org/tracker/CVE-2022-1184
- https://security.gentoo.org/glsa/202311-13
- https://sylabs.io/2023/04/response-to-cve-2023-30549
- https://ubuntu.com/security/CVE-2022-1184
- https://www.suse.com/security/cve/CVE-2022-1184.html
- https://vuln.go.dev/ID/GO-2023-1738.json
Feedback
This report is unreviewed. It was automatically generated from a third-party source and its details have not been verified by the Go team.
See anything missing or incorrect?
Suggest an edit to this report.