CVE-2021-22222
https://notcve.org/view.php?id=CVE-2021-22222
Infinite loop in DVB-S2-BB dissector in Wireshark 3.4.0 to 3.4.5 allows denial of service via packet injection or crafted capture file Un bucle infinito en el DVB-S2-BB dissector de Wireshark versiones 3.4.0 hasta 3.4.5, permite una denegación de servicio por medio de inyección de paquetes o un archivo de captura diseñado • https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22222.json https://gitlab.com/wireshark/wireshark/-/merge_requests/3130 https://security.gentoo.org/glsa/202107-21 https://www.debian.org/security/2021/dsa-5019 https://www.oracle.com/security-alerts/cpuoct2021.html https://www.wireshark.org/security/wnpa-sec-2021-05.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVE-2021-29505 – XStream is vulnerable to a Remote Command Execution attack
https://notcve.org/view.php?id=CVE-2021-29505
XStream is software for serializing Java objects to XML and back again. A vulnerability in XStream versions prior to 1.4.17 may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types is affected. The vulnerability is patched in version 1.4.17. XStream es un software para serializar objetos Java a XML y viceversa. • https://github.com/MyBlackManba/CVE-2021-29505 https://github.com/x-stream/xstream/commit/24fac82191292c6ae25f94508d28b9823f83624f https://github.com/x-stream/xstream/security/advisories/GHSA-7chv-rrw6-w6fc https://lists.apache.org/thread.html/r8ee51debf7fd184b6a6b020dc31df25118b0aa612885f12fbe77f04f%40%3Cdev.jmeter.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/07/msg00004.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/22KVR6B5IZP3BGQ3HPWIO2FWWCKT3DHP https://lists.f • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-502: Deserialization of Untrusted Data •
CVE-2021-3518 – libxml2: Use-after-free in xmlXIncludeDoProcess() in xinclude.c
https://notcve.org/view.php?id=CVE-2021-3518
There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability. Se presenta un fallo en libxml2 en versiones anteriores a 2.9.11. Un atacante que pueda enviar un archivo diseñado para que sea procesado por una aplicación vinculada con libxml2 podría desencadenar un uso de la memoria previamente liberada. • http://seclists.org/fulldisclosure/2021/Jul/54 http://seclists.org/fulldisclosure/2021/Jul/55 http://seclists.org/fulldisclosure/2021/Jul/58 http://seclists.org/fulldisclosure/2021/Jul/59 https://bugzilla.redhat.com/show_bug.cgi?id=1954242 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E https://lists.debian.org/d • CWE-416: Use After Free •
CVE-2021-3537 – libxml2: NULL pointer dereference when post-validating mixed content parsed in recovery mode
https://notcve.org/view.php?id=CVE-2021-3537
A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest threat from this vulnerability is to system availability. Una vulnerabilidad encontrada en libxml2 en versiones anteriores a 2.9.11 muestra que no propagó errores al analizar el contenido mixto XML, causando una desreferencia de NULL. Si un documento XML que no es confiable fue analizado en modo de recuperación y pos-comprobado, el fallo podría usarse para bloquear la aplicación. • https://bugzilla.redhat.com/show_bug.cgi?id=1956522 https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV https://security.gentoo.org/glsa/202107-05 https://security.netapp.com/advisory/ntap-20210625-0002 https://www.oracle.com/security-alerts/cpuapr2022.html • CWE-476: NULL Pointer Dereference •
CVE-2021-23841 – Null pointer deref in X509_issuer_and_serial_hash()
https://notcve.org/view.php?id=CVE-2021-23841
The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. • http://seclists.org/fulldisclosure/2021/May/67 http://seclists.org/fulldisclosure/2021/May/68 http://seclists.org/fulldisclosure/2021/May/70 https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=122a19ab48091c657f7cb1fb3af9fc07bd557bbf https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846 https://security.gentoo.org/gls • CWE-476: NULL Pointer Dereference •