blob: 6908626bb44c2be96908a6a12314f701bf0ddeac [file] [log] [blame]
id: GO-2021-0163
modules:
- module: std
versions:
- fixed: 1.5.4
- introduced: 1.6.0-0
- fixed: 1.6.1
vulnerable_at: 1.6.0
packages:
- package: syscall
symbols:
- LoadLibrary
skip_fix: 'TODO: revisit this reason (fix appears to not work with Go <1.18)'
summary: Privilege escalation on Windows via malicious DLL in syscall
description: |-
Untrusted search path vulnerability on Windows related to LoadLibrary allows
local users to gain privileges via a malicious DLL in the current working
directory.
published: 2022-01-05T22:41:50Z
cves:
- CVE-2016-3958
references:
- fix: https://go.dev/cl/21428
- fix: https://go.googlesource.com/go/+/6a0bb87bd0bf0fdf8ddbd35f77a75ebd412f61b0
- report: https://go.dev/issue/14959
- web: https://groups.google.com/g/golang-announce/c/9eqIHqaWvck
review_status: REVIEWED