ALT-BU-2021-4092-2
Branch p9 update bulletin.
Package kernel-image-un-def updated to version 5.10.54-alt1.1 for branch p9 in task 281531.
Closed vulnerabilities
BDU:2021-04028
Уязвимость функции rtas_args.nargs драйвера arch/powerpc/kvm/book3s_rtas.c ядра операционной системы Linux, позволяющая нарушителю вызвать повреждение памяти операционной системы хоста
Modified: 2024-11-21
CVE-2021-37576
arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.
- [oss-security] 20210727 Re: Linux kernel: powerpc: KVM guest to host memory corruption
- [oss-security] 20210727 Re: Linux kernel: powerpc: KVM guest to host memory corruption
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f62f3c20647ebd5fb6ecb8f0b477b9281c44c10a
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f62f3c20647ebd5fb6ecb8f0b477b9281c44c10a
- FEDORA-2021-12618d9b08
- FEDORA-2021-12618d9b08
- FEDORA-2021-817b3d47d2
- FEDORA-2021-817b3d47d2
- https://lore.kernel.org/linuxppc-dev/87im0x1lqi.fsf%40mpe.ellerman.id.au/T/#u
- https://lore.kernel.org/linuxppc-dev/87im0x1lqi.fsf%40mpe.ellerman.id.au/T/#u
- https://security.netapp.com/advisory/ntap-20210917-0005/
- https://security.netapp.com/advisory/ntap-20210917-0005/
- DSA-4978
- DSA-4978
Closed bugs
Прошу собрать новую 6.x версию
Package docs-alt-server-v updated to version 9.2-alt1 for branch p9 in task 281672.
Closed bugs
Опечатка в наименовании пакета altmediawriter
Closed vulnerabilities
BDU:2021-03700
Уязвимость функции uv__idna_toascii() программной платформы Node.js, позволяющая нарушителю вызвать отказ в обслуживании или получить несанкционированный доступ к защищаемой информации
BDU:2021-04210
Уязвимость функции uv__idna_toascii() программной платформы Node.js, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации или вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2021-22918
Node.js before 16.4.1, 14.17.2, 12.22.2 is vulnerable to an out-of-bounds read when uv__idna_toascii() is used to convert strings to ASCII. The pointer p is read and increased without checking whether it is beyond pe, with the latter holding a pointer to the end of the buffer. This can lead to information disclosures or crashes. This function can be triggered via uv_getaddrinfo().
- https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
- https://hackerone.com/reports/1209681
- https://nodejs.org/en/blog/vulnerability/july-2021-security-releases/
- GLSA-202401-23
- https://security.netapp.com/advisory/ntap-20210805-0003/
- https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
- https://security.netapp.com/advisory/ntap-20210805-0003/
- GLSA-202401-23
- https://nodejs.org/en/blog/vulnerability/july-2021-security-releases/
- https://hackerone.com/reports/1209681
Closed vulnerabilities
BDU:2021-01844
Уязвимость реализации протокола TLS библиотеки OpenSSL, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2021-03700
Уязвимость функции uv__idna_toascii() программной платформы Node.js, позволяющая нарушителю вызвать отказ в обслуживании или получить несанкционированный доступ к защищаемой информации
BDU:2021-04210
Уязвимость функции uv__idna_toascii() программной платформы Node.js, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации или вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2021-22918
Node.js before 16.4.1, 14.17.2, 12.22.2 is vulnerable to an out-of-bounds read when uv__idna_toascii() is used to convert strings to ASCII. The pointer p is read and increased without checking whether it is beyond pe, with the latter holding a pointer to the end of the buffer. This can lead to information disclosures or crashes. This function can be triggered via uv_getaddrinfo().
- https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
- https://hackerone.com/reports/1209681
- https://nodejs.org/en/blog/vulnerability/july-2021-security-releases/
- GLSA-202401-23
- https://security.netapp.com/advisory/ntap-20210805-0003/
- https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
- https://security.netapp.com/advisory/ntap-20210805-0003/
- GLSA-202401-23
- https://nodejs.org/en/blog/vulnerability/july-2021-security-releases/
- https://hackerone.com/reports/1209681
Modified: 2024-11-21
CVE-2021-3449
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).
- [oss-security] 20210327 OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing
- [oss-security] 20210327 OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing
- [oss-security] 20210327 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing
- [oss-security] 20210327 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing
- [oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing
- [oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing
- [oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing
- [oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing
- https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf
- https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148
- https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148
- https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845
- https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845
- https://kc.mcafee.com/corporate/index?page=content&id=SB10356
- https://kc.mcafee.com/corporate/index?page=content&id=SB10356
- [debian-lts-announce] 20210831 [SECURITY] [DLA 2751-1] postgresql-9.6 security update
- [debian-lts-announce] 20210831 [SECURITY] [DLA 2751-1] postgresql-9.6 security update
- FEDORA-2021-cbf14ab8f9
- FEDORA-2021-cbf14ab8f9
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013
- https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc
- https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc
- GLSA-202103-03
- GLSA-202103-03
- https://security.netapp.com/advisory/ntap-20210326-0006/
- https://security.netapp.com/advisory/ntap-20210326-0006/
- https://security.netapp.com/advisory/ntap-20210513-0002/
- https://security.netapp.com/advisory/ntap-20210513-0002/
- https://security.netapp.com/advisory/ntap-20240621-0006/
- https://security.netapp.com/advisory/ntap-20240621-0006/
- 20210325 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2021
- 20210325 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2021
- DSA-4875
- DSA-4875
- https://www.openssl.org/news/secadv/20210325.txt
- https://www.openssl.org/news/secadv/20210325.txt
- https://www.oracle.com//security-alerts/cpujul2021.html
- https://www.oracle.com//security-alerts/cpujul2021.html
- https://www.oracle.com/security-alerts/cpuApr2021.html
- https://www.oracle.com/security-alerts/cpuApr2021.html
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://www.oracle.com/security-alerts/cpujul2022.html
- https://www.oracle.com/security-alerts/cpujul2022.html
- https://www.oracle.com/security-alerts/cpuoct2021.html
- https://www.oracle.com/security-alerts/cpuoct2021.html
- https://www.tenable.com/security/tns-2021-05
- https://www.tenable.com/security/tns-2021-05
- https://www.tenable.com/security/tns-2021-06
- https://www.tenable.com/security/tns-2021-06
- https://www.tenable.com/security/tns-2021-09
- https://www.tenable.com/security/tns-2021-09
- https://www.tenable.com/security/tns-2021-10
- https://www.tenable.com/security/tns-2021-10
Closed vulnerabilities
BDU:2021-02865
Уязвимость библиотеки y18n прикладного программного обеспечения Аврора Центр, связанная с неконтролируемым изменением атрибутов прототипа объекта, позволяющая нарушителю реализовать атаку типа «загрязнение прототипа»
BDU:2021-02874
Уязвимость библиотеки ini прикладного программного обеспечения Аврора Центр, связанная с неконтролируемым изменением атрибутов прототипа объекта, позволяющая нарушителю реализовать атаку типа «загрязнение прототипа»
Modified: 2024-11-21
CVE-2020-7774
The package y18n before 3.2.2, 4.0.1 and 5.0.5, is vulnerable to Prototype Pollution.
- https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
- https://github.com/yargs/y18n/issues/96
- https://github.com/yargs/y18n/issues/96
- https://github.com/yargs/y18n/pull/108
- https://github.com/yargs/y18n/pull/108
- https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1038306
- https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1038306
- https://snyk.io/vuln/SNYK-JS-Y18N-1021887
- https://snyk.io/vuln/SNYK-JS-Y18N-1021887
- https://www.oracle.com/security-alerts/cpuApr2021.html
- https://www.oracle.com/security-alerts/cpuApr2021.html
Modified: 2024-11-21
CVE-2020-7788
This affects the package ini before 1.3.6. If an attacker submits a malicious INI file to an application that parses it with ini.parse, they will pollute the prototype on the application. This can be exploited further depending on the context.
- https://github.com/npm/ini/commit/56d2805e07ccd94e2ba0984ac9240ff02d44b6f1
- https://github.com/npm/ini/commit/56d2805e07ccd94e2ba0984ac9240ff02d44b6f1
- [debian-lts-announce] 20201221 [SECURITY] [DLA 2503-1] node-ini security update
- [debian-lts-announce] 20201221 [SECURITY] [DLA 2503-1] node-ini security update
- https://snyk.io/vuln/SNYK-JS-INI-1048974
- https://snyk.io/vuln/SNYK-JS-INI-1048974
Modified: 2024-11-21
CVE-2020-8244
A buffer over-read vulnerability exists in bl <4.0.3, <3.0.1, <2.2.1, and <1.2.3 which could allow an attacker to supply user input (even typed) that if it ends up in consume() argument and can become negative, the BufferList state can be corrupted, tricking it into exposing uninitialized memory via regular .slice() calls.
Closed vulnerabilities
BDU:2023-05898
Уязвимость функции ares_parse_soa_reply() библиотеки асинхронных DNS-запросов C-ares, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
Modified: 2024-11-21
CVE-2020-22217
Buffer overflow vulnerability in c-ares before 1_16_1 thru 1_17_0 via function ares_parse_soa_reply in ares_parse_soa_reply.c.