256Dpi

**Name of the Vulnerable Software and Affected Versions** Go versions 1.17.0 through 1.17.9 Go versions 1.18.0 through 1.18.1 **Description** The issue is related to incorrect privilege assignment in the Faccessat function of the Go programming language. This can allow an attacker to bypass existing security restrictions. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible. The problem arises because the function checks a file's group permission bits if the process's user is a member of the process's group rather than a member of the file's group. **Recommendations** For Go versions 1.17.0 through 1.17.9, update to version 1.17.10 or later to resolve the issue. For Go versions 1.18.0 through 1.18.1, update to version 1.18.2 or later to resolve the issue. As a temporary workaround, consider avoiding the use of non-zero flags parameters with the Faccessat function until a patch is applied.