pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
b1153fc0bf
vuln-list-alt/oval/c10f1/ALT-PU-2021-1865/definitions.json
pepelyaevip 56bb29c44b ALT Vulnerability
2024-06-28 13:17:52 +00:00

197 lines
10 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20211865",
"Version": "oval:org.altlinux.errata:def:20211865",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2021-1865: package `curl` update to version 7.77.0-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2021-1865",
"RefURL": "https://errata.altlinux.org/ALT-PU-2021-1865",
"Source": "ALTPU"
},
{
"RefID": "BDU:2021-02928",
"RefURL": "https://bdu.fstec.ru/vul/2021-02928",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03580",
"RefURL": "https://bdu.fstec.ru/vul/2021-03580",
"Source": "BDU"
},
{
"RefID": "BDU:2021-05280",
"RefURL": "https://bdu.fstec.ru/vul/2021-05280",
"Source": "BDU"
},
{
"RefID": "BDU:2022-00375",
"RefURL": "https://bdu.fstec.ru/vul/2022-00375",
"Source": "BDU"
},
{
"RefID": "CVE-2021-22897",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-22897",
"Source": "CVE"
},
{
"RefID": "CVE-2021-22898",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-22898",
"Source": "CVE"
},
{
"RefID": "CVE-2021-22901",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-22901",
"Source": "CVE"
},
{
"RefID": "CVE-2021-22924",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-22924",
"Source": "CVE"
}
],
"Description": "This update upgrades curl to version 7.77.0-alt1. \nSecurity Fix(es):\n\n * BDU:2021-02928: Уязвимость набора компонентов для построения корпоративных приложений JBoss Core Services, связанная с использованием памяти после ее освобождения, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2021-03580: Уязвимость функции sscanf() библиотеки libcurl программного средства для взаимодействия с серверами CURL, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2021-05280: Уязвимость функции сопоставления конфигураций программного средства для взаимодействия с серверами CURL, связанная с использованием имени с неправильной ссылкой, позволяющая нарушителю получить доступ к конфиденциальным данным\n\n * BDU:2022-00375: Уязвимость реализации протокола Transport Layer Security (TLS) библиотеки libcurl, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * CVE-2021-22897: curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. The selected cipher set was stored in a single \"static\" variable in the library, which has the surprising side-effect that if an application sets up multiple concurrent transfers, the last one that sets the ciphers will accidentally control the set used by all transfers. In a worst-case scenario, this weakens transport security significantly.\n\n * CVE-2021-22898: curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on uninitialized data from a stack based buffer to the server, resulting in potentially revealing sensitive internal information to the server using a clear-text network protocol.\n\n * CVE-2021-22901: curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. A malicious server can use this in rare unfortunate circumstances to potentially reach remote code execution in the client. When libcurl at run-time sets up support for TLS 1.3 session tickets on a connection using OpenSSL, it stores pointers to the transfer in-memory object for later retrieval when a session ticket arrives. If the connection is used by multiple transfers (like with a reused HTTP/1.1 connection or multiplexed HTTP/2 connection) that first transfer object might be freed before the new session is established on that connection and then the function will access a memory buffer that might be freed. When using that memory, libcurl might even call a function pointer in the object, making it possible for a remote code execution if the server could somehow manage to get crafted memory content into the correct place in memory.\n\n * CVE-2021-22924: libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths *case insensitively*,which could lead to libcurl reusing wrong connections.File paths are, or can be, case sensitive on many systems but not all, and caneven vary depending on used file systems.The comparison also didn't include the 'issuer cert' which a transfer can setto qualify how to verify the server certificate.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2021-05-27"
},
"Updated": {
"Date": "2021-05-27"
},
"BDUs": [
{
"ID": "BDU:2021-02928",
"CVSS": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2021-02928",
"Impact": "High",
"Public": "20210526"
},
{
"ID": "BDU:2021-03580",
"CVSS": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"CWE": "CWE-200, CWE-457, CWE-908, CWE-909",
"Href": "https://bdu.fstec.ru/vul/2021-03580",
"Impact": "Low",
"Public": "20210427"
},
{
"ID": "BDU:2021-05280",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"CWE": "CWE-706",
"Href": "https://bdu.fstec.ru/vul/2021-05280",
"Impact": "Low",
"Public": "20210611"
},
{
"ID": "BDU:2022-00375",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"CWE": "CWE-668, CWE-840",
"Href": "https://bdu.fstec.ru/vul/2022-00375",
"Impact": "Low",
"Public": "20210423"
}
],
"CVEs": [
{
"ID": "CVE-2021-22897",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"CWE": "CWE-668",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-22897",
"Impact": "Low",
"Public": "20210611"
},
{
"ID": "CVE-2021-22898",
"CVSS": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"CWE": "CWE-909",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-22898",
"Impact": "Low",
"Public": "20210611"
},
{
"ID": "CVE-2021-22901",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-22901",
"Impact": "High",
"Public": "20210611"
},
{
"ID": "CVE-2021-22924",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"CWE": "CWE-706",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-22924",
"Impact": "Low",
"Public": "20210805"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20211865001",
"Comment": "curl is earlier than 0:7.77.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20211865002",
"Comment": "libcurl is earlier than 0:7.77.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20211865003",
"Comment": "libcurl-devel is earlier than 0:7.77.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20211865004",
"Comment": "libcurl-devel-static is earlier than 0:7.77.0-alt1"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink