CVE-2023-29403

ADVISORY - nist

Summary

On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as when dumping memory state, or assuming the status of standard i/o file descriptors. If a setuid/setgid binary is executed with standard I/O file descriptors closed, opening any files can result in unexpected content being read or written with elevated privileges. Similarly, if a setuid/setgid program is terminated, either via panic or signal, it may leak the contents of its registers.

EPSS Score⁠: 0.00091 (0.402)

Common Weakness Enumeration (CWE)

ADVISORY - nist

NIST

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY IDCVE-2023-29403⁠

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-668⁠

CVSS SCORE

7.8high

Alpine

CREATED

1 year ago

UPDATED

6 months ago

ADVISORY IDCVE-2023-29403⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

1 year ago

UPDATED

5 months ago

ADVISORY IDCVE-2023-29403⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

1 year ago

UPDATED

12 days ago

ADVISORY IDCVE-2023-29403⁠

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.8medium

GoLang

CREATED

1 year ago

UPDATED

6 months ago

ADVISORY IDGO-2023-1840⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Alma

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY IDALSA-2023:3922⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Acritical

Alma

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY IDALSA-2023:3923⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Acritical

Amazon

CREATED

1 year ago

UPDATED

11 months ago

ADVISORY IDALAS-2023-1848⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Amazon

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY IDALAS2023-2023-269⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Amazon

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY IDALAS2023-2023-312⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Amazon

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY IDALAS2-2023-2163⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Bitnami

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY ID

BIT-2023-29403

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Bitnami

CREATED

9 months ago

UPDATED

9 months ago

ADVISORY ID

BIT-golang-2023-29403

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Red Hat

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY IDCVE-2023-29403⁠

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-668⁠

CVSS SCORE

7.8high

Rocky

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY IDRLSA-2023:3923⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Acritical

Oracle

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY IDELSA-2023-3922⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Acritical

Oracle

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY IDELSA-2023-3923⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Acritical

Chainguard

CREATED

9 months ago

UPDATED

9 months ago

ADVISORY ID

CGA-qm28-54pp-3gj6

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

9 months ago

UPDATED

9 months ago

ADVISORY ID

CGA-rqc5-45cx-9qx7

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

10 months ago

UPDATED

10 months ago

ADVISORY ID

CGA-65fm-7xhr-6vff

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Photon

CREATED

7 days ago

UPDATED

7 days ago

ADVISORY ID

CVE-2023-29403

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.8high

CVE-2023-29403

Summary

Common Weakness Enumeration (CWE)

CWE-668⁠

CWE-668⁠

Advisories

NIST

CVSS SCORE

Alpine

Debian

Ubuntu

CVSS SCORE

GoLang

Alma

CVSS SCORE

Alma

CVSS SCORE

Amazon

CVSS SCORE

Amazon

CVSS SCORE

Amazon

CVSS SCORE

Amazon

CVSS SCORE

Bitnami

CVSS SCORE

Bitnami

CVSS SCORE

Red Hat

CVSS SCORE

Rocky

CVSS SCORE

Oracle

CVSS SCORE

Oracle

CVSS SCORE

Chainguard

Chainguard

Chainguard

Photon

CVSS SCORE