CVE-2022-41716

Summary

Due to unsanitized NUL values, attackers may be able to maliciously set environment variables on Windows. In syscall.StartProcess and os/exec.Cmd, invalid environment variable values containing NUL values are not properly checked for. A malicious environment variable value can exploit this behavior to set a value for a different environment variable. For example, the environment variable string "A=B\x00C=D" sets the variables "A=B" and "C=D".

Affected Software

VendorProductVersion RangeStatus
Go standard librarysyscall0 < 1.18.8affected
Go standard librarysyscall1.19.0-0 < 1.19.3affected
Go standard libraryos/exec0 < 1.18.8affected
Go standard libraryos/exec1.19.0-0 < 1.19.3affected

Weaknesses

  • CWE-158: Improper Neutralization of Null Byte or NUL Character

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References