New Delhi, June 22 (SocialNews.XYZ) The Indian Computer Emergency Response Team (CERT-In), which comes under the Ministry of Electronics & Information Technology, has warned users of multiple vulnerabilities in the 'Golang Go' programming language affecting IBM Storage Copy Data Management software.
As per the CERT-In advisory, the multiple vulnerabilities -- 'arbitrary code execution vulnerability' and 'denial of service vulnerability' -- could allow an attacker to execute arbitrary code or cause a denial of service condition on the targeted system.
The arbitrary code execution vulnerability exists in IBM software due to a flaw in Golang Go during the build on Darwin.
"An attacker could exploit this vulnerability by building a specially crafted Go module. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the targeted system," the cyber agency said.
On the other hand, the denial of service vulnerability exists in IBM Storage Copy Data Management due to a flaw in Golang Go which causes high CPU usage in the 'extractExtendedRCode' function in the net module.
"A remote attacker could exploit this vulnerability by sending a specially crafted DNS message in response to a query," the advisory mentioned.
Successful exploitation of this vulnerability could allow an attacker to cause a denial of service condition on the targeted system.
CERT-In has suggested users apply appropriate fix/patches as recommended by the company.
Source: IANS
About Gopi
Gopi Adusumilli is a Programmer. He is the editor of SocialNews.XYZ and President of AGK Fire Inc.
He enjoys designing websites, developing mobile applications and publishing news articles on current events from various authenticated news sources.
When it comes to writing he likes to write about current world politics and Indian Movies. His future plans include developing SocialNews.XYZ into a News website that has no bias or judgment towards any.
He can be reached at gopi@socialnews.xyz