CVE-2012-2666

golang/go in 1.0.2 fixes all.bash on shared machines. dotest() in src/pkg/debug/gosym/pclntab_test.go creates a temporary file with predicable name and executes it as shell script.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 65%
VendorProductVersion
golanggo
1.0.2
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
golang
jammy
dne
impish
dne
hirsute
dne
groovy
dne
focal
dne
bionic
dne
xenial
dne
trusty
dne
golang-1.10
jammy
dne
impish
dne
hirsute
dne
groovy
dne
focal
dne
bionic
not-affected
xenial
not-affected
trusty
not-affected
golang-1.13
jammy
not-affected
impish
not-affected
hirsute
not-affected
groovy
not-affected
focal
not-affected
bionic
not-affected
xenial
not-affected
trusty
dne
golang-1.14
jammy
dne
impish
dne
hirsute
not-affected
groovy
not-affected
focal
not-affected
bionic
dne
xenial
dne
trusty
dne
golang-1.15
impish
not-affected
hirsute
not-affected
groovy
not-affected
focal
dne
bionic
dne
xenial
dne
trusty
dne
golang-1.16
jammy
dne
impish
not-affected
hirsute
not-affected
groovy
dne
focal
not-affected
bionic
not-affected
xenial
ignored
trusty
dne
golang-1.6
jammy
dne
impish
dne
hirsute
dne
groovy
dne
focal
dne
bionic
dne
xenial
not-affected
trusty
dne
golang-1.8
jammy
dne
impish
dne
hirsute
dne
groovy
dne
focal
dne
bionic
not-affected
xenial
dne
trusty
dne
golang-1.9
jammy
dne
impish
dne
hirsute
dne
groovy
dne
focal
dne
bionic
not-affected
xenial
dne
trusty
dne
Common Weakness Enumeration
References
https://bugzilla.suse.com/show_bug.cgi?id=765455
https://codereview.appspot.com/5992078
https://github.com/golang/go/commit/8ac275bb01588a8c0e6c0fe2de7fd11f08feccdd
https://security.netapp.com/advisory/ntap-20210902-0009/
https://www.whitesourcesoftware.com/vulnerability-database/CVE-2012-2666
https://bugzilla.suse.com/show_bug.cgi?id=765455
https://codereview.appspot.com/5992078
https://github.com/golang/go/commit/8ac275bb01588a8c0e6c0fe2de7fd11f08feccdd
https://security.netapp.com/advisory/ntap-20210902-0009/
https://www.whitesourcesoftware.com/vulnerability-database/CVE-2012-2666