CVE-2021-32553 – apport read_file() function could follow maliciously constructed symbolic links
https://notcve.org/view.php?id=CVE-2021-32553
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-17 package apport hooks, it could expose private data to other local users. Se ha detectado que la función read_file() en el archivo apport/hookutils.py podría seguir enlaces simbólicos o abrir FIFOs. Cuando esta función es usada por el paquete openjdk-17 apport hooks, podría exponer datos privados a otros usuarios locales • https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-61: UNIX Symbolic Link (Symlink) Following •
CVE-2021-3517 – libxml2: Heap-based buffer overflow in xmlEncodeEntitiesInternal() in entities.c
https://notcve.org/view.php?id=CVE-2021-3517
There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this flaw is to application availability, with some potential impact to confidentiality and integrity if an attacker is able to use memory information to further exploit the application. Se presenta un fallo en la funcionalidad xml entity encoding de libxml2 en versiones anteriores a 2.9.11. Un atacante que sea capaz de proporcionar un archivo diseñado para que sea procesado por una aplicación vinculada con la funcionalidad afectada de libxml2 podría desencadenar una lectura fuera de los límites. • https://bugzilla.redhat.com/show_bug.cgi?id=1954232 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6 https://lists.fedoraproject.org/archives/list/pack • CWE-787: Out-of-bounds Write •
CVE-2021-3522
https://notcve.org/view.php?id=CVE-2021-3522
GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags. GStreamer versiones anteriores a 1.18.4, puede llevar a cabo una lectura fuera de límites al manejar determinadas etiquetas ID3v2 • https://bugzilla.redhat.com/show_bug.cgi?id=1954761 https://security.gentoo.org/glsa/202208-31 https://security.netapp.com/advisory/ntap-20211022-0004 https://www.oracle.com/security-alerts/cpuoct2021.html • CWE-125: Out-of-bounds Read •
CVE-2021-3537 – libxml2: NULL pointer dereference when post-validating mixed content parsed in recovery mode
https://notcve.org/view.php?id=CVE-2021-3537
A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest threat from this vulnerability is to system availability. Una vulnerabilidad encontrada en libxml2 en versiones anteriores a 2.9.11 muestra que no propagó errores al analizar el contenido mixto XML, causando una desreferencia de NULL. Si un documento XML que no es confiable fue analizado en modo de recuperación y pos-comprobado, el fallo podría usarse para bloquear la aplicación. • https://bugzilla.redhat.com/show_bug.cgi?id=1956522 https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV https://security.gentoo.org/glsa/202107-05 https://security.netapp.com/advisory/ntap-20210625-0002 https://www.oracle.com/security-alerts/cpuapr2022.html • CWE-476: NULL Pointer Dereference •
CVE-2021-2161 – OpenJDK: Incorrect handling of partially quoted arguments in ProcessBuilder on Windows (Libraries, 8250568)
https://notcve.org/view.php?id=CVE-2021-2161
Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u291, 8u281, 11.0.10, 16; Java SE Embedded: 8u281; Oracle GraalVM Enterprise Edition: 19.3.5, 20.3.1.2 and 21.0.0.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. • https://docs.azul.com/core/zulu-openjdk/release-notes/april-2021.html#fixed-common-vulnerabilities-and-exposures https://kc.mcafee.com/corporate/index?page=content&id=SB10366 https://lists.debian.org/debian-lts-announce/2021/04/msg00021.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5ACX4JEVYH6H4PSMGMYWTGABPOFPH3TS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CFXOKM2233JVGYDOWW77BN54X3GZTIBK https://lists.fedoraproject.org/archives/ • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •