2 matches found
golang: syscall: faccessat checks wrong group
A flaw was found in the syscall.Faccessat function when calling a process by checking the group. This flaw allows an attacker to check the process group permissions rather than a member of the file's group, affecting system availability...
MGASA-2022-0210 Updated golang packages fix security vulnerability
The syscall.Faccessat function checks whether the calling process can access a file. Faccessat contains a bug where it checks a file’s group permission bits if the process’s user is a member of the process’s group rather than a member of the file’s group. CVE-2022-29526...