Lucene search
K

Alibaba Cloud Linux 3 : 0060: go-toolset:rhel8 (ALINUX3-SA-2021:0060)

🗓️ 14 May 2025 00:00:00Reported by TenableType 
nessus
 nessus
🔗 www.tenable.com👁 10 Views

Alibaba Cloud Linux 3 has vulnerabilities fixed by package updates as per advisory ALINUX3-SA-2021:0060.

Related
Refs
Code
ReporterTitlePublishedViews
Family
IBM Security Bulletins
Security Bulletin: Vulnerabilities in Golang affect IBM Spectrum Protect Plus Container backup and restore for Kubernetes and OpenShift (CVE-2021-3114, CVE-2021-3115)
24 Apr 202106:11
ibm
IBM Security Bulletins
Security Bulletin: Multiple vulnerabilities in IBM Storage Defender – Data Protect
30 Aug 202317:27
ibm
IBM Security Bulletins
Security Bulletin: Multiple Vulnerabilities in IBM API Connect
15 Mar 202500:18
ibm
IBM Security Bulletins
Security Bulletin: Security Vulnerabilities affect IBM Cloud Private - Golang (CVE-2021-33196)
22 Apr 202215:57
ibm
IBM Security Bulletins
Security Bulletin: Operations Dashboard is vulnerable to multiple Go vulnerabilities
14 Oct 202113:05
ibm
IBM Security Bulletins
Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from systemd, libcap, openssl-libs, libxml2, go-toolset, and prometheus-operator
28 Aug 202308:17
ibm
IBM Security Bulletins
Security Bulletin: IBM Netezza as a Service is vulnerable to denial of service due to Golang net package (CVE-2021-33194, CVE-2021-44716, CVE-2021-31525)
28 Jun 202211:57
ibm
IBM Security Bulletins
Security Bulletin: Multiple vulnerabilities have been found in Golang Go which is shipped with Cloud Pak System
6 May 202219:21
ibm
IBM Security Bulletins
Security Bulletin: A security vulnerability in Golang Go affects IBM Cloud Pak for Multicloud Management Managed services
26 Jul 202116:55
ibm
IBM Security Bulletins
Security Bulletin: IBM App Connect Enterprise Certified Container may be vulnerable to Denial of Service via CVE-2021-33196
14 Sep 202113:37
ibm
Rows per page
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Alibaba Cloud Linux Security Advisory ALINUX3-SA-2021:0060.
##

include('compat.inc');

if (description)
{
  script_id(236611);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/05/14");

  script_cve_id(
    "CVE-2019-14809",
    "CVE-2020-14040",
    "CVE-2020-28362",
    "CVE-2020-28366",
    "CVE-2020-28367",
    "CVE-2021-3114",
    "CVE-2021-27918",
    "CVE-2021-31525",
    "CVE-2021-33196",
    "CVE-2021-34558"
  );

  script_name(english:"Alibaba Cloud Linux 3 : 0060: go-toolset:rhel8 (ALINUX3-SA-2021:0060)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Alibaba Cloud Linux host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced
in the ALINUX3-SA-2021:0060 advisory.

    Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities:

    CVE-2019-14809:
    net/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malformed hosts in URLs, leading to an
    authorization bypass in some applications. This is related to a Host field with a suffix appearing in
    neither Hostname() nor Port(), and is related to a non-numeric port number. For example, an attacker can
    compose a crafted javascript:// URL that results in a hostname of google.com.

    CVE-2020-14040:
    The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the
    UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker
    could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to trigger an
    infinite loop if the String function on the Decoder is called, or the Decoder is passed to
    golang.org/x/text/transform.String.

    CVE-2020-28362:
    Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service. A flaw was found in the math/big
    package of Go's standard library that causes a denial of service. Applications written in Go that use
    math/big via cryptographic packages, including crypto/rsa and crypto/x509, are vulnerable and can
    potentially cause panic via a crafted certificate chain. The highest threat from this vulnerability is to
    system availability.

    CVE-2020-28366:
    Go before 1.14.12 and 1.15.x before 1.15.5 allows Code Injection. An input validation vulnerability was
    found in Go. From a generated go file (from the cgo tool), it is possible to modify symbols within that
    object file and specify code. This flaw allows an attacker to create a repository that includes malicious
    pre-built object files that could execute arbitrary code when downloaded and run via `go get` or `go
    build` while building a Go project. The highest threat from this vulnerability is to confidentiality,
    integrity, as well as system availability.

    CVE-2020-28367:
    Go before 1.14.12 and 1.15.x before 1.15.5 allows Argument Injection. An input validation vulnerability
    was found in Go. If cgo is specified in a Go file, it is possible to bypass the validation of arguments to
    the gcc compiler. This flaw allows an attacker to create a malicious repository that can execute arbitrary
    code when downloaded and run via `go get` or `go build` while building a Go project. The highest threat
    from this vulnerability is to confidentiality and integrity as well as system availability.

    CVE-2021-3114:
    In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs,
    related to an underflow of the lowest limb during the final complete reduction in the P-224 field. A flaw
    detected in golang: crypto/elliptic, in which P-224 keys as generated can return incorrect inputs,
    reducing the strength of the cryptography. The highest threat from this vulnerability is confidentiality
    and integrity.

    CVE-2021-27918:
    encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader
    (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode,
    DecodeElement, or Skip method.

    CVE-2021-31525:
    net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of
    service (panic) via a large header to ReadRequest or ReadResponse. Server, Transport, and Client can each
    be affected in some configurations.

    CVE-2021-33196:
    In archive/zip in Go before 1.15.13 and 1.16.x before 1.16.5, a crafted file count (in an archive's
    header) can cause a NewReader or OpenReader panic.

    CVE-2021-34558:
    The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an
    X.509 certificate matches the expected type when doing a RSA based key exchange, allowing a malicious TLS
    server to cause a TLS client to panic.

Tenable has extracted the preceding description block directly from the Alibaba Cloud Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"http://mirrors.aliyun.com/alinux/3/cve/alinux3-sa-20210060.xml");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-14809");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/08/13");
  script_set_attribute(attribute:"patch_publication_date", value:"2021/08/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/05/14");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:go-toolset");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:golang");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:golang-bin");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:golang-docs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:golang-misc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:golang-race");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:golang-src");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:golang-tests");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:alibabacloud:alibaba_cloud_linux_3");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Alibaba Cloud Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Alibaba/release", "Host/Alibaba/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/Alibaba/release');
if (isnull(os_release) || 'Alibaba Cloud Linux' >!< os_release) audit(AUDIT_OS_NOT, 'Alibaba Cloud Linux');
var os_ver = pregmatch(pattern: "Alibaba Cloud Linux release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Alibaba Cloud Linux');
os_ver = os_ver[1];
if (! preg(pattern:"^3([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Alibaba Cloud Linux 3.x', 'Alibaba Cloud Linux ' + os_ver);

if (!get_kb_item('Host/Alibaba/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('aarch64' >!< cpu && 'x86_64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Alibaba Cloud Linux', cpu);

var pkgs = [
    {'reference':'go-toolset-1.15.14-1.1.al8', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
    {'reference':'go-toolset-1.15.14-1.1.al8', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
    {'reference':'golang-1.15.14-1.1.al8', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
    {'reference':'golang-1.15.14-1.1.al8', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
    {'reference':'golang-bin-1.15.14-1.1.al8', 'cpu':'aarch64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
    {'reference':'golang-bin-1.15.14-1.1.al8', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
    {'reference':'golang-docs-1.15.14-1.1.al8', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
    {'reference':'golang-misc-1.15.14-1.1.al8', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
    {'reference':'golang-race-1.15.14-1.1.al8', 'cpu':'x86_64', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
    {'reference':'golang-src-1.15.14-1.1.al8', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
    {'reference':'golang-tests-1.15.14-1.1.al8', 'release':'3', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'}
];

var flag = 0;
foreach var package_array ( pkgs ) {
  var reference = NULL;
  var _release = NULL;
  var sp = NULL;
  var _cpu = NULL;
  var el_string = NULL;
  var rpm_spec_vers_cmp = NULL;
  var epoch = NULL;
  var allowmaj = NULL;
  var exists_check = NULL;
  var cves = NULL;
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (!empty_or_null(package_array['release'])) _release = 'Alibaba Linux ' + package_array['release'];
  if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
  if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
  if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
  if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
  if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
  if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
  if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
  if (!empty_or_null(package_array['cves'])) cves = package_array['cves'];
  if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {
    if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}

if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'go-toolset / golang / golang-bin / golang-docs / golang-misc / etc');
}

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

14 May 2025 00:00Current
7.6High risk
Vulners AI Score7.6
CVSS 27.5
CVSS 39.8
CVSS 3.17.5
EPSS0.08359
10