UBUNTU-CVE-2026-27144

Source
https://ubuntu.com/security/CVE-2026-27144
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-27144.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2026-27144
Upstream
Published
2026-04-08T02:16:00Z
Modified
2026-07-08T22:45:13.859333223Z
Severity
  • 7.1 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H CVSS Calculator
  • 7.1 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H CVSS Calculator
  • Ubuntu - medium
Summary
[none]
Details

The compiler is meant to unwrap pointers which are the operands of a memory move; a no-op interface conversion prevented the compiler from making the correct determination about non-overlapping moves, potentially leading to memory corruption at runtime.

References

Affected packages

Ubuntu:20.04:LTS
golang-1.20

Package

Name
golang-1.20
Purl
pkg:deb/ubuntu/golang-1.20?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.20.3-1ubuntu0.1~20.04
1.20.3-1ubuntu0.1~20.04.1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "golang-1.20",
            "binary_version": "1.20.3-1ubuntu0.1~20.04.1"
        },
        {
            "binary_name": "golang-1.20-go",
            "binary_version": "1.20.3-1ubuntu0.1~20.04.1"
        },
        {
            "binary_name": "golang-1.20-src",
            "binary_version": "1.20.3-1ubuntu0.1~20.04.1"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-27144.json"
golang-1.21

Package

Name
golang-1.21
Purl
pkg:deb/ubuntu/golang-1.21?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.21.1-1~ubuntu20.04.1
1.21.1-1~ubuntu20.04.2
1.21.1-1~ubuntu20.04.3

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "golang-1.21",
            "binary_version": "1.21.1-1~ubuntu20.04.3"
        },
        {
            "binary_name": "golang-1.21-go",
            "binary_version": "1.21.1-1~ubuntu20.04.3"
        },
        {
            "binary_name": "golang-1.21-src",
            "binary_version": "1.21.1-1~ubuntu20.04.3"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-27144.json"
golang-1.22

Package

Name
golang-1.22
Purl
pkg:deb/ubuntu/golang-1.22?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.22.2-2~20.04.1
1.22.2-2~20.04.2

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "golang-1.22",
            "binary_version": "1.22.2-2~20.04.2"
        },
        {
            "binary_name": "golang-1.22-go",
            "binary_version": "1.22.2-2~20.04.2"
        },
        {
            "binary_name": "golang-1.22-src",
            "binary_version": "1.22.2-2~20.04.2"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-27144.json"
Ubuntu:22.04:LTS
golang-1.20

Package

Name
golang-1.20
Purl
pkg:deb/ubuntu/golang-1.20?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.20.3-1ubuntu0.1~22.04
1.20.3-1ubuntu0.1~22.04.1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "golang-1.20",
            "binary_version": "1.20.3-1ubuntu0.1~22.04.1"
        },
        {
            "binary_name": "golang-1.20-go",
            "binary_version": "1.20.3-1ubuntu0.1~22.04.1"
        },
        {
            "binary_name": "golang-1.20-src",
            "binary_version": "1.20.3-1ubuntu0.1~22.04.1"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-27144.json"
golang-1.21

Package

Name
golang-1.21
Purl
pkg:deb/ubuntu/golang-1.21?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.21.1-1~ubuntu22.04.1
1.21.1-1~ubuntu22.04.2
1.21.1-1~ubuntu22.04.3

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "golang-1.21",
            "binary_version": "1.21.1-1~ubuntu22.04.3"
        },
        {
            "binary_name": "golang-1.21-go",
            "binary_version": "1.21.1-1~ubuntu22.04.3"
        },
        {
            "binary_name": "golang-1.21-src",
            "binary_version": "1.21.1-1~ubuntu22.04.3"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-27144.json"
golang-1.22

Package

Name
golang-1.22
Purl
pkg:deb/ubuntu/golang-1.22?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.22.2-2~22.04
1.22.2-2~22.04.1
1.22.2-2~22.04.2
1.22.2-2~22.04.3

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "golang-1.22",
            "binary_version": "1.22.2-2~22.04.3"
        },
        {
            "binary_name": "golang-1.22-go",
            "binary_version": "1.22.2-2~22.04.3"
        },
        {
            "binary_name": "golang-1.22-src",
            "binary_version": "1.22.2-2~22.04.3"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-27144.json"
golang-1.23

Package

Name
golang-1.23
Purl
pkg:deb/ubuntu/golang-1.23?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.23.1-1~22.04
1.23.1-1~22.04.2

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "golang-1.23",
            "binary_version": "1.23.1-1~22.04.2"
        },
        {
            "binary_name": "golang-1.23-go",
            "binary_version": "1.23.1-1~22.04.2"
        },
        {
            "binary_name": "golang-1.23-src",
            "binary_version": "1.23.1-1~22.04.2"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-27144.json"
golang-1.24

Package

Name
golang-1.24
Purl
pkg:deb/ubuntu/golang-1.24?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.24.4-1ubuntu1~22.04.1
1.24.4-1ubuntu1~22.04.2

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "golang-1.24",
            "binary_version": "1.24.4-1ubuntu1~22.04.2"
        },
        {
            "binary_name": "golang-1.24-go",
            "binary_version": "1.24.4-1ubuntu1~22.04.2"
        },
        {
            "binary_name": "golang-1.24-src",
            "binary_version": "1.24.4-1ubuntu1~22.04.2"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-27144.json"
Ubuntu:24.04:LTS
golang-1.21

Package

Name
golang-1.21
Purl
pkg:deb/ubuntu/golang-1.21?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.21.1-1
1.21.3-1
1.21.4-1
1.21.5-1
1.21.6-1
1.21.7-1
1.21.7-2
1.21.8-1
1.21.8-1build1
1.21.9-1
1.21.9-1ubuntu0.1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "golang-1.21",
            "binary_version": "1.21.9-1ubuntu0.1"
        },
        {
            "binary_name": "golang-1.21-go",
            "binary_version": "1.21.9-1ubuntu0.1"
        },
        {
            "binary_name": "golang-1.21-src",
            "binary_version": "1.21.9-1ubuntu0.1"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-27144.json"
golang-1.22

Package

Name
golang-1.22
Purl
pkg:deb/ubuntu/golang-1.22?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.22~rc1-2
1.22.0-1
1.22.0-2
1.22.1-1
1.22.1-1build1
1.22.2-2
1.22.2-2ubuntu0.1
1.22.2-2ubuntu0.2
1.22.2-2ubuntu0.3
1.22.2-2ubuntu0.4

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "golang-1.22",
            "binary_version": "1.22.2-2ubuntu0.4"
        },
        {
            "binary_name": "golang-1.22-go",
            "binary_version": "1.22.2-2ubuntu0.4"
        },
        {
            "binary_name": "golang-1.22-src",
            "binary_version": "1.22.2-2ubuntu0.4"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-27144.json"
golang-1.23

Package

Name
golang-1.23
Purl
pkg:deb/ubuntu/golang-1.23?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.23.1-1~24.04
1.23.1-1~24.04.1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "golang-1.23",
            "binary_version": "1.23.1-1~24.04.1"
        },
        {
            "binary_name": "golang-1.23-go",
            "binary_version": "1.23.1-1~24.04.1"
        },
        {
            "binary_name": "golang-1.23-src",
            "binary_version": "1.23.1-1~24.04.1"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-27144.json"
golang-1.24

Package

Name
golang-1.24
Purl
pkg:deb/ubuntu/golang-1.24?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.24.4-1ubuntu1~24.04.1
1.24.4-1ubuntu1~24.04.2

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "golang-1.24",
            "binary_version": "1.24.4-1ubuntu1~24.04.2"
        },
        {
            "binary_name": "golang-1.24-go",
            "binary_version": "1.24.4-1ubuntu1~24.04.2"
        },
        {
            "binary_name": "golang-1.24-src",
            "binary_version": "1.24.4-1ubuntu1~24.04.2"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-27144.json"
Ubuntu:25.10
golang-1.23

Package

Name
golang-1.23
Purl
pkg:deb/ubuntu/golang-1.23?arch=source&distro=questing

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.23.8-1
1.23.10-1
1.23.10-1ubuntu0.2

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "golang-1.23",
            "binary_version": "1.23.10-1ubuntu0.2"
        },
        {
            "binary_name": "golang-1.23-go",
            "binary_version": "1.23.10-1ubuntu0.2"
        },
        {
            "binary_name": "golang-1.23-src",
            "binary_version": "1.23.10-1ubuntu0.2"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-27144.json"
golang-1.24

Package

Name
golang-1.24
Purl
pkg:deb/ubuntu/golang-1.24?arch=source&distro=questing

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.24.2-1
1.24.2-2
1.24.4-1
1.24.4-1ubuntu1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "golang-1.24",
            "binary_version": "1.24.4-1ubuntu1"
        },
        {
            "binary_name": "golang-1.24-go",
            "binary_version": "1.24.4-1ubuntu1"
        },
        {
            "binary_name": "golang-1.24-src",
            "binary_version": "1.24.4-1ubuntu1"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-27144.json"
golang-1.25

Package

Name
golang-1.25
Purl
pkg:deb/ubuntu/golang-1.25?arch=source&distro=questing

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.25.0-0ubuntu1
1.25.7-2~25.10.1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "golang-1.25",
            "binary_version": "1.25.7-2~25.10.1"
        },
        {
            "binary_name": "golang-1.25-go",
            "binary_version": "1.25.7-2~25.10.1"
        },
        {
            "binary_name": "golang-1.25-src",
            "binary_version": "1.25.7-2~25.10.1"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-27144.json"
Ubuntu:26.04:LTS
golang-1.23

Package

Name
golang-1.23
Purl
pkg:deb/ubuntu/golang-1.23?arch=source&distro=resolute

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.23.10-1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "golang-1.23",
            "binary_version": "1.23.10-1"
        },
        {
            "binary_name": "golang-1.23-go",
            "binary_version": "1.23.10-1"
        },
        {
            "binary_name": "golang-1.23-src",
            "binary_version": "1.23.10-1"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-27144.json"
golang-1.24

Package

Name
golang-1.24
Purl
pkg:deb/ubuntu/golang-1.24?arch=source&distro=resolute

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.24.4-1ubuntu1
1.24.9-1
1.24.13-2

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "golang-1.24",
            "binary_version": "1.24.13-2"
        },
        {
            "binary_name": "golang-1.24-go",
            "binary_version": "1.24.13-2"
        },
        {
            "binary_name": "golang-1.24-src",
            "binary_version": "1.24.13-2"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-27144.json"
golang-1.25

Package

Name
golang-1.25
Purl
pkg:deb/ubuntu/golang-1.25?arch=source&distro=resolute

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.25.0-0ubuntu1
1.25.7-2

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "golang-1.25",
            "binary_version": "1.25.7-2"
        },
        {
            "binary_name": "golang-1.25-go",
            "binary_version": "1.25.7-2"
        },
        {
            "binary_name": "golang-1.25-src",
            "binary_version": "1.25.7-2"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-27144.json"