CVE-2021-3498 – Gstreamer Matroska Demuxing Use-After-Free
https://notcve.org/view.php?id=CVE-2021-3498
GStreamer before 1.18.4 might cause heap corruption when parsing certain malformed Matroska files. GStreamer versiones anteriores a 1.18.4, podría causar daños en la pila al analizar determinados archivos Matroska malformado Gstreamer suffers from a use-after-free vulnerability in Matroska demuxing. • http://packetstormsecurity.com/files/162952/Gstreamer-Matroska-Demuxing-Use-After-Free.html https://bugzilla.redhat.com/show_bug.cgi?id=1945342 https://gstreamer.freedesktop.org/security/sa-2021-0003.html https://security.gentoo.org/glsa/202208-31 https://www.debian.org/security/2021/dsa-4900 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVE-2021-3497 – gstreamer-plugins-good: Use-after-free in matroska demuxing
https://notcve.org/view.php?id=CVE-2021-3497
GStreamer before 1.18.4 might access already-freed memory in error code paths when demuxing certain malformed Matroska files. GStreamer versiones anteriores a 1.18.4, podría acceder a la memoria ya liberada en rutas de código de error al demultiplexar determinados archivos Matroska malformados • https://bugzilla.redhat.com/show_bug.cgi?id=1945339 https://gstreamer.freedesktop.org/security/sa-2021-0002.html https://lists.debian.org/debian-lts-announce/2021/04/msg00027.html https://security.gentoo.org/glsa/202208-31 https://www.debian.org/security/2021/dsa-4900 https://access.redhat.com/security/cve/CVE-2021-3497 • CWE-416: Use After Free •
CVE-2021-3472 – X.Org Server XChangeFeedbackControl Integer Underflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-3472
A flaw was found in xorg-x11-server in versions before 1.20.11. An integer underflow can occur in xserver which can lead to a local privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se encontró un fallo en xorg-x11-server en versiones anteriores a 1.20.11. Se puede producir un subdesbordamiento de enteros en xserver que puede conllevar a una escalada de privilegios local. • http://www.openwall.com/lists/oss-security/2021/04/13/1 https://bugzilla.redhat.com/show_bug.cgi?id=1944167 https://gitlab.freedesktop.org/xorg/xserver/-/commit/7aaf54a1884f71dc363f0b884e57bcb67407a6cd https://lists.debian.org/debian-lts-announce/2021/04/msg00013.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDF7TAJE7NPZPNVOXSD5HBIFLNPUOD2V https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MO6S5OPXUDYBSRSVWVLFLJ6AFERG4HNY https:/& • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVE-2021-3482 – exiv2: Heap-based buffer overflow in Jp2Image::readMetadata()
https://notcve.org/view.php?id=CVE-2021-3482
A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. Improper input validation of the rawData.size property in Jp2Image::readMetadata() in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data. Se encontró un fallo en Exiv2 en versiones anteriores e incluyendo 0.27.4-RC1. Una comprobación inapropiada de la entrada de la propiedad rawData.size en la función Jp2Image::readMetadata() en el archivo jp2image.cpp puede conllevar a un desbordamiento del búfer en la región stack de la memoria por medio de una imagen JPG diseñada que contiene datos EXIF ??maliciosos A flaw was found in Exiv2. • https://bugzilla.redhat.com/show_bug.cgi?id=1946314 https://lists.debian.org/debian-lts-announce/2021/08/msg00028.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2XQT5F5IINTDYDAFGVGQZ7PMMLG7I5ZZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2A5GMJEXQ5Q76JK6F6VKK5JYCLVFGKN https://www.debian.org/security/2021/dsa-4958 https://access.redhat.com/security/cve/CVE-2021-3482 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVE-2021-20221 – qemu: out-of-bound heap buffer access via an interrupt ID field
https://notcve.org/view.php?id=CVE-2021-20221
An out-of-bounds heap buffer access issue was found in the ARM Generic Interrupt Controller emulator of QEMU up to and including qemu 4.2.0on aarch64 platform. The issue occurs because while writing an interrupt ID to the controller memory area, it is not masked to be 4 bits wide. It may lead to the said issue while updating controller state fields and their subsequent processing. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario. Se encontró un problema de acceso al búfer de pila fuera de límites en el emulador ARM Generic Interrupt Controller de QEMU hasta e incluyendo qemu versión 4.2.0 en la plataforma aarch64. • http://www.openwall.com/lists/oss-security/2021/02/05/1 https://bugzilla.redhat.com/show_bug.cgi?id=1924601 https://lists.debian.org/debian-lts-announce/2021/02/msg00024.html https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html https://security.netapp.com/advisory/ntap-20210708-0005 https://access.redhat.com/security/cve/CVE-2021-20221 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •