Line directives ("//line") can be used to bypass the restrictions on "//go:cgo_" directives, allowing blocked linker and compiler flags to be passed during compilation. This can result in unexpected execution of arbitrary code when running "go build". The line directive requires the absolute path of the file in which the directive lives, which makes exploiting this issue significantly more complex.
Metrics
Affected Vendors & Products
References
History
Sun, 08 Sep 2024 18:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat
Redhat enterprise Linux |
|
CPEs | cpe:/a:redhat:enterprise_linux:8 | |
Vendors & Products |
Redhat
Redhat enterprise Linux |
MITRE
Status: PUBLISHED
Assigner: Go
Published: 2023-10-05T20:36:58.756Z
Updated: 2024-08-02T18:02:06.899Z
Reserved: 2023-07-27T17:05:55.188Z
Link: CVE-2023-39323
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-10-05T21:15:11.283
Modified: 2024-11-21T08:15:09.450
Link: CVE-2023-39323
Redhat