pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
26379462a9
vuln-list-alt/oval/c10f1/ALT-PU-2021-2137/definitions.json
pepelyaevip 9d72b75f75 ALT Vulnerability
2024-12-12 21:07:30 +00:00

169 lines
6.4 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20212137",
"Version": "oval:org.altlinux.errata:def:20212137",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2021-2137: package `glibc` update to version 2.32-alt3",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2021-2137",
"RefURL": "https://errata.altlinux.org/ALT-PU-2021-2137",
"Source": "ALTPU"
},
{
"RefID": "BDU:2021-06408",
"RefURL": "https://bdu.fstec.ru/vul/2021-06408",
"Source": "BDU"
},
{
"RefID": "CVE-2021-33574",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-33574",
"Source": "CVE"
}
],
"Description": "This update upgrades glibc to version 2.32-alt3. \nSecurity Fix(es):\n\n * BDU:2021-06408: Уязвимость системной библиотеки GNU C Library (glibc), связанная с использованием памяти после ее освобождения, позволяющая нарушителю выполнить отказ в обслуживании\n\n * CVE-2021-33574: The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Critical",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2021-07-03"
},
"Updated": {
"Date": "2021-07-03"
},
"BDUs": [
{
"ID": "BDU:2021-06408",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2021-06408",
"Impact": "Critical",
"Public": "20210525"
}
],
"CVEs": [
{
"ID": "CVE-2021-33574",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-33574",
"Impact": "Critical",
"Public": "20210525"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:5001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20212137001",
"Comment": "glibc is earlier than 6:2.32-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20212137002",
"Comment": "glibc-core is earlier than 6:2.32-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20212137003",
"Comment": "glibc-debug is earlier than 6:2.32-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20212137004",
"Comment": "glibc-devel is earlier than 6:2.32-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20212137005",
"Comment": "glibc-devel-static is earlier than 6:2.32-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20212137006",
"Comment": "glibc-doc is earlier than 6:2.32-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20212137007",
"Comment": "glibc-gconv-modules is earlier than 6:2.32-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20212137008",
"Comment": "glibc-i18ndata is earlier than 6:2.32-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20212137009",
"Comment": "glibc-locales is earlier than 6:2.32-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20212137010",
"Comment": "glibc-nss is earlier than 6:2.32-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20212137011",
"Comment": "glibc-preinstall is earlier than 6:2.32-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20212137012",
"Comment": "glibc-pthread is earlier than 6:2.32-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20212137013",
"Comment": "glibc-source is earlier than 6:2.32-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20212137014",
"Comment": "glibc-timezones is earlier than 6:2.32-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20212137015",
"Comment": "glibc-utils is earlier than 6:2.32-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20212137016",
"Comment": "iconv is earlier than 6:2.32-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20212137017",
"Comment": "libnsl1 is earlier than 6:2.32-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20212137018",
"Comment": "nscd is earlier than 6:2.32-alt3"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink