Alibaba Cloud Linux 3 : 0128: go-toolset:an8 (ALINUX3-SA-2025:0128)

🗓️ 06 Aug 2025 00:00:00Reported by TenableType

Alibaba Cloud Linux 3 host has multiple vulnerabilities requiring package updates per advisory ALINUX3-SA-2025:0128

Reporter	Title	Published	Views	Family All 3142
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 24.0.0-IF005 and 24.0.1-IF002.	2 May 202507:23	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Maximo Application Suite uses axios-1.7.7.tgz, Kubectl-1.22.4 and Websphere Liberty - 24.0.0.11 which is vulnerable to CVE-2025-27152, CVE-2024-47535, CVE-2024-24791, CVE-2024-45336, CVE-2024.	30 May 202513:17	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps	25 Jun 202513:52	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM MQ Operator and Queue manager container images	10 Dec 202516:39	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Maximo Application Suite uses multiple nodejs and go packages which is vulnerable to " CVE-2025-27152, CVE-2025-32996, CVE-2025-32997, CVE-2025-22871"	4 Aug 202507:13	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Instana Observability has addressed Multiple Vulnerabilities within Instana Agent container image	16 Sep 202509:57	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise Certified Container operator and operands are vulnerable to loss of confidentiality	1 Sep 202511:01	–	ibm
IBM Security Bulletins	Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in net/http/internal CVE-2025-22871	28 Nov 202511:36	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM Concert Software.	21 Jan 202605:14	–	ibm
IBM Security Bulletins	Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in net/http/internal CVE-2025-22871	17 Dec 202510:03	–	ibm

Source	Link
mirrors	www.mirrors.aliyun.com/alinux/3/cve/alinux3-sa-20250128.xml
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Alibaba Cloud Linux Security Advisory ALINUX3-SA-2025:0128.
##

include('compat.inc');

if (description)
{
  script_id(243961);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/08/06");

  script_cve_id(
    "CVE-2024-45336",
    "CVE-2024-45341",
    "CVE-2025-4673",
    "CVE-2025-22871"
  );

  script_name(english:"Alibaba Cloud Linux 3 : 0128: go-toolset:an8 (ALINUX3-SA-2025:0128)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Alibaba Cloud Linux host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced
in the ALINUX3-SA-2025:0128 advisory.

    Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities:

    CVE-2024-45336:
    The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to
    a.com/ containing an Authorization header which is redirected to b.com/ will not send that header to
    b.com. In the event that the client received a subsequent same-domain redirect, however, the sensitive
    headers would be restored. For example, a chain of redirects from a.com/, to b.com/1, and finally to
    b.com/2 would incorrectly send the Authorization header to b.com/2.

    CVE-2024-45341:
    A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name
    constraint that applies to the certificate chain. Certificates containing URIs are not permitted in the
    web PKI, so this only affects users of private PKIs which make use of URIs.

    CVE-2025-22871:
    The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines.
    This can permit request smuggling if a net/http server is used in conjunction with a server that
    incorrectly accepts a bare LF as part of a chunk-ext.

    CVE-2025-4673:
    Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking
    sensitive information.

Tenable has extracted the preceding description block directly from the Alibaba Cloud Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"http://mirrors.aliyun.com/alinux/3/cve/alinux3-sa-20250128.xml");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2025-22871");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2025/01/21");
  script_set_attribute(attribute:"patch_publication_date", value:"2025/07/31");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/08/06");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:delve");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:delve-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:delve-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:go-toolset");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:golang");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:golang-bin");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:golang-docs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:golang-misc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:golang-src");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alibabacloud:alibaba_cloud_linux_3:golang-tests");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:alibabacloud:alibaba_cloud_linux_3");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Alibaba Cloud Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Alibaba/release", "Host/Alibaba/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm2.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'Alibaba Cloud Linux' >!< os_product) audit(AUDIT_OS_NOT, 'Alibaba Cloud Linux');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'Alibaba Cloud Linux');
if (! preg(pattern:"^3([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'Alibaba Cloud Linux 3.x', 'Alibaba Cloud Linux ' + os_version);

if (!get_kb_item('Host/Alibaba/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('aarch64' >!< cpu && 'x86_64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Alibaba Cloud Linux', cpu);

var constraints = [
  {
    'release': '3',
    'pkgs': [
      {'reference':'delve-1.24.1-1.0.2.al8', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'delve-1.24.1-1.0.2.al8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'delve-debuginfo-1.24.1-1.0.2.al8', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'delve-debuginfo-1.24.1-1.0.2.al8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'delve-debugsource-1.24.1-1.0.2.al8', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'delve-debugsource-1.24.1-1.0.2.al8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'go-toolset-1.24.4-1.al8', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'go-toolset-1.24.4-1.al8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'golang-1.24.4-1.0.2.al8', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'golang-1.24.4-1.0.2.al8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'golang-bin-1.24.4-1.0.2.al8', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'golang-bin-1.24.4-1.0.2.al8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'golang-docs-1.24.4-1.0.2.al8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'golang-misc-1.24.4-1.0.2.al8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'golang-src-1.24.4-1.0.2.al8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'golang-tests-1.24.4-1.0.2.al8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'}
    ]
  }
];

var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');

var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
  # Check that the target release is equal to the affected release
  if (!empty_or_null(constraint['release'])){
    if (constraint['release'] != os_release) continue;
  }
  if (!empty_or_null(constraint['sp'])){
    if (constraint['sp'] != os_sp) continue;
  }
  foreach var pkg ( constraint['pkgs'] ) {
    reference = NULL;
    sp = NULL;
    _cpu = NULL;
    el_string = NULL;
    rpm_spec_vers_cmp = NULL;
    epoch = NULL;
    allowmaj = NULL;
    exists_check = NULL;
    cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        ## (no known rpm to check OR known rpm_exists)
        (!exists_check || rpm_exists(rpm:exists_check)) &&
        rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}

if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'delve / delve-debuginfo / delve-debugsource / go-toolset / golang / etc');
}

06 Aug 2025 00:00Current

6.5Medium risk

Vulners AI Score6.5

CVSS 3.19.1

EPSS0.00682

SSVC