var-202105-1325
Vulnerability from variot
In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect is also present in releases from those series, but they have not been officially tested for the vulnerability), The outcome of encountering the defect while reading a lease that will trigger it varies, according to: the component being affected (i.e., dhclient or dhcpd) whether the package was built as a 32-bit or 64-bit binary whether the compiler flag -fstack-protection-strong was used when compiling In dhclient, ISC has not successfully reproduced the error on a 64-bit system. However, on a 32-bit system it is possible to cause dhclient to crash when reading an improper lease, which could cause network connectivity problems for an affected system due to the absence of a running DHCP client process. In dhcpd, when run in DHCPv4 or DHCPv6 mode: if the dhcpd server binary was built for a 32-bit architecture AND the -fstack-protection-strong flag was specified to the compiler, dhcpd may exit while parsing a lease file containing an objectionable lease, resulting in lack of service to clients. Additionally, the offending lease and the lease immediately following it in the lease database may be improperly deleted. if the dhcpd server binary was built for a 64-bit architecture OR if the -fstack-protection-strong compiler flag was NOT specified, the crash will not occur, but it is possible for the offending lease and the lease which immediately followed it to be improperly deleted. There is a discrepancy between the code that handles encapsulated option information in leases transmitted "on the wire" and the code which reads and parses lease information after it has been written to disk storage. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability. (CVE-2021-25217). These packages include redhat-release-virtualization-host. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied. Description:
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
All OpenShift Container Platform 4.7 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster - -between-minor.html#understanding-upgrade-channels_updating-cluster-between - -minor
- Solution:
For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel ease-notes.html
Details on how to access this content are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster - -cli.html
-
7.7) - ppc64, ppc64le, s390x, x86_64
-
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Important: dhcp security update Advisory ID: RHSA-2021:2414-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:2414 Issue date: 2021-06-14 CVE Names: CVE-2021-25217 =====================================================================
- Summary:
An update for dhcp is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Server AUS (v. 7.4) - x86_64 Red Hat Enterprise Linux Server E4S (v. 7.4) - ppc64le, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 7.4) - x86_64 Red Hat Enterprise Linux Server Optional E4S (v. 7.4) - ppc64le, x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 7.4) - x86_64 Red Hat Enterprise Linux Server TUS (v. 7.4) - x86_64
- Description:
The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.
Security Fix(es):
- dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient (CVE-2021-25217)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1963258 - CVE-2021-25217 dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient
- Package List:
Red Hat Enterprise Linux Server AUS (v. 7.4):
Source: dhcp-4.2.5-58.el7_4.5.src.rpm
x86_64: dhclient-4.2.5-58.el7_4.5.x86_64.rpm dhcp-4.2.5-58.el7_4.5.x86_64.rpm dhcp-common-4.2.5-58.el7_4.5.x86_64.rpm dhcp-debuginfo-4.2.5-58.el7_4.5.i686.rpm dhcp-debuginfo-4.2.5-58.el7_4.5.x86_64.rpm dhcp-libs-4.2.5-58.el7_4.5.i686.rpm dhcp-libs-4.2.5-58.el7_4.5.x86_64.rpm
Red Hat Enterprise Linux Server E4S (v. 7.4):
Source: dhcp-4.2.5-58.el7_4.5.src.rpm
ppc64le: dhclient-4.2.5-58.el7_4.5.ppc64le.rpm dhcp-4.2.5-58.el7_4.5.ppc64le.rpm dhcp-common-4.2.5-58.el7_4.5.ppc64le.rpm dhcp-debuginfo-4.2.5-58.el7_4.5.ppc64le.rpm dhcp-libs-4.2.5-58.el7_4.5.ppc64le.rpm
x86_64: dhclient-4.2.5-58.el7_4.5.x86_64.rpm dhcp-4.2.5-58.el7_4.5.x86_64.rpm dhcp-common-4.2.5-58.el7_4.5.x86_64.rpm dhcp-debuginfo-4.2.5-58.el7_4.5.i686.rpm dhcp-debuginfo-4.2.5-58.el7_4.5.x86_64.rpm dhcp-libs-4.2.5-58.el7_4.5.i686.rpm dhcp-libs-4.2.5-58.el7_4.5.x86_64.rpm
Red Hat Enterprise Linux Server TUS (v. 7.4):
Source: dhcp-4.2.5-58.el7_4.5.src.rpm
x86_64: dhclient-4.2.5-58.el7_4.5.x86_64.rpm dhcp-4.2.5-58.el7_4.5.x86_64.rpm dhcp-common-4.2.5-58.el7_4.5.x86_64.rpm dhcp-debuginfo-4.2.5-58.el7_4.5.i686.rpm dhcp-debuginfo-4.2.5-58.el7_4.5.x86_64.rpm dhcp-libs-4.2.5-58.el7_4.5.i686.rpm dhcp-libs-4.2.5-58.el7_4.5.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 7.4):
x86_64: dhcp-debuginfo-4.2.5-58.el7_4.5.i686.rpm dhcp-debuginfo-4.2.5-58.el7_4.5.x86_64.rpm dhcp-devel-4.2.5-58.el7_4.5.i686.rpm dhcp-devel-4.2.5-58.el7_4.5.x86_64.rpm
Red Hat Enterprise Linux Server Optional E4S (v. 7.4):
ppc64le: dhcp-debuginfo-4.2.5-58.el7_4.5.ppc64le.rpm dhcp-devel-4.2.5-58.el7_4.5.ppc64le.rpm
x86_64: dhcp-debuginfo-4.2.5-58.el7_4.5.i686.rpm dhcp-debuginfo-4.2.5-58.el7_4.5.x86_64.rpm dhcp-devel-4.2.5-58.el7_4.5.i686.rpm dhcp-devel-4.2.5-58.el7_4.5.x86_64.rpm
Red Hat Enterprise Linux Server Optional TUS (v. 7.4):
x86_64: dhcp-debuginfo-4.2.5-58.el7_4.5.i686.rpm dhcp-debuginfo-4.2.5-58.el7_4.5.x86_64.rpm dhcp-devel-4.2.5-58.el7_4.5.i686.rpm dhcp-devel-4.2.5-58.el7_4.5.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2021-25217 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYMezctzjgjWX9erEAQg/cxAAph3Cp36Ed68IjSJH1glCDVVbNvKokeg/ Q3JxA6BIqimNoVv14IhjDS4wt7ZGCtp7rluumCjE7cMNvLcfRhUxoU9jvxAR4BK9 2N1H9/TCFgnqULCs8KqWs8rm2qtfSuSxs9hlgOUGVnUD4AXOFsynTZkYqS9JS3kM yP+Uo+s+Dwz/Sq5oWU2vWrXx/yjce35UQU9WCOfk2Nat4T/GeCuoscp9cFlbgLFB FFwyCr+Kv6rdfsn37TvOxLFqttz+2atJUPp0KrUNKosPIqp7KS8QfOALff8hqswc TPlgmk55+I7v24zBzAiNidWqbpDVZnzOFH/R7yVtOA/N1Aq4pl9Wsh4tDnSxv+rc NdA9GLhdk89OOvLbpJ1rc6hxa91qrf/jcUK1EoLUhgk+Z80o6h5HghboRgSrblS/ d3FA8xlk11AgUU8Y0upb2D0DyIol4jM53+P3dulBJ8IvBV4rREwBvxHyQwT+sG43 30Jz+UWiS6BKotLdiVNMMGUNdcBTtXnF31RXF2iY0fUq57IrEb4rl8h/5gQA0UVb WWxqdbnKwVvxAu6nbp8XqZR4vl5LCuOohqZtPiUgVIo5Um8pYTxjUkV2+20Cm1+d xJVCc/K3mzBkeaN66esB5vB5Okc3MzqqH4/WeI171cnFLArGddejORH21L6nAcP6 csJckOYTtLQ= =NFTY -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . 8) - aarch64, noarch, ppc64le, s390x, x86_64
- Bugs fixed (https://bugzilla.redhat.com/):
1918750 - CVE-2021-3114 golang: crypto/elliptic: incorrect operations on the P-224 curve 1945703 - "Guest OS Info" availability in VMI describe is flaky 1958816 - [2.6.z] KubeMacPool fails to start due to OOM likely caused by a high number of Pods running in the cluster 1963275 - migration controller null pointer dereference 1965099 - Live Migration double handoff to virt-handler causes connection failures 1965181 - CDI importer doesn't report AwaitingVDDK like it used to 1967086 - Cloning DataVolumes between namespaces fails while creating cdi-upload pod 1967887 - [2.6.6] nmstate is not progressing on a node and not configuring vlan filtering that causes an outage for VMs 1969756 - Windows VMs fail to start on air-gapped environments 1970372 - Virt-handler fails to verify container-disk 1973227 - segfault in virt-controller during pdb deletion 1974084 - 2.6.6 containers 1975212 - No Virtual Machine Templates Found [EDIT - all templates are marked as depracted] 1975727 - [Regression][VMIO][Warm] The third precopy does not end in warm migration 1977756 - [2.6.z] PVC keeps in pending when using hostpath-provisioner 1982760 - [v2v] no kind VirtualMachine is registered for version \"kubevirt.io/v1\" i... 1986989 - OpenShift Virtualization 2.6.z cannot be upgraded to 4.8.0 initially deployed starting with <= 4.8
-
Gentoo Linux Security Advisory GLSA 202305-22
https://security.gentoo.org/
Severity: Normal Title: ISC DHCP: Multiple Vulnerabilities Date: May 03, 2023 Bugs: #875521, #792324 ID: 202305-22
Synopsis
Multiple vulnerabilities have been discovered in ISC DHCP, the worst of which could result in denial of service.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-misc/dhcp < 4.4.3_p1 >= 4.4.3_p1
Description
Multiple vulnerabilities have been discovered in ISC DHCP. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All ISC DHCP users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/dhcp-4.4.3_p1"
References
[ 1 ] CVE-2021-25217 https://nvd.nist.gov/vuln/detail/CVE-2021-25217 [ 2 ] CVE-2022-2928 https://nvd.nist.gov/vuln/detail/CVE-2022-2928 [ 3 ] CVE-2022-2929 https://nvd.nist.gov/vuln/detail/CVE-2022-2929
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202305-22
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2023 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202105-1325",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sinec ins",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "1.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "34"
},
{
"model": "ruggedcom rox rx1501",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.15.0"
},
{
"model": "ontap select deploy administration utility",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "ruggedcom rox rx1512",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.3.0"
},
{
"model": "ruggedcom rox rx1500",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.15.0"
},
{
"model": "ruggedcom rox mx5000",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.3.0"
},
{
"model": "solidfire \\\u0026 hci management node",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "dhcp",
"scope": "lte",
"trust": 1.0,
"vendor": "isc",
"version": "4.4.2"
},
{
"model": "ruggedcom rox rx1500",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.3.0"
},
{
"model": "ruggedcom rox rx1400",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.15.0"
},
{
"model": "ruggedcom rox rx5000",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.3.0"
},
{
"model": "ruggedcom rox rx1510",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.3.0"
},
{
"model": "ruggedcom rox rx1511",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.3.0"
},
{
"model": "ruggedcom rox rx1501",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2.3.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "33"
},
{
"model": "ruggedcom rox rx5000",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.15.0"
},
{
"model": "sinec ins",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1.0"
},
{
"model": "ruggedcom rox rx1511",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.15.0"
},
{
"model": "ruggedcom rox mx5000",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.15.0"
},
{
"model": "ruggedcom rox rx1536",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.15.0"
},
{
"model": "dhcp",
"scope": "gte",
"trust": 1.0,
"vendor": "isc",
"version": "4.4.0"
},
{
"model": "dhcp",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "4.1-esv"
},
{
"model": "ruggedcom rox rx1512",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.15.0"
},
{
"model": "ruggedcom rox rx1510",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.15.0"
},
{
"model": "ruggedcom rox rx1524",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.15.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-25217"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "163196"
},
{
"db": "PACKETSTORM",
"id": "163240"
},
{
"db": "PACKETSTORM",
"id": "163400"
},
{
"db": "PACKETSTORM",
"id": "163129"
},
{
"db": "PACKETSTORM",
"id": "163140"
},
{
"db": "PACKETSTORM",
"id": "163144"
},
{
"db": "PACKETSTORM",
"id": "163052"
},
{
"db": "PACKETSTORM",
"id": "163789"
}
],
"trust": 0.8
},
"cve": "CVE-2021-25217",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"id": "CVE-2021-25217",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.1,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2021-25217",
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-25217",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "security-officer@isc.org",
"id": "CVE-2021-25217",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2021-25217",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-25217"
},
{
"db": "NVD",
"id": "CVE-2021-25217"
},
{
"db": "NVD",
"id": "CVE-2021-25217"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In ISC DHCP 4.1-ESV-R1 -\u003e 4.1-ESV-R16, ISC DHCP 4.4.0 -\u003e 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect is also present in releases from those series, but they have not been officially tested for the vulnerability), The outcome of encountering the defect while reading a lease that will trigger it varies, according to: the component being affected (i.e., dhclient or dhcpd) whether the package was built as a 32-bit or 64-bit binary whether the compiler flag -fstack-protection-strong was used when compiling In dhclient, ISC has not successfully reproduced the error on a 64-bit system. However, on a 32-bit system it is possible to cause dhclient to crash when reading an improper lease, which could cause network connectivity problems for an affected system due to the absence of a running DHCP client process. In dhcpd, when run in DHCPv4 or DHCPv6 mode: if the dhcpd server binary was built for a 32-bit architecture AND the -fstack-protection-strong flag was specified to the compiler, dhcpd may exit while parsing a lease file containing an objectionable lease, resulting in lack of service to clients. Additionally, the offending lease and the lease immediately following it in the lease database may be improperly deleted. if the dhcpd server binary was built for a 64-bit architecture OR if the -fstack-protection-strong compiler flag was NOT specified, the crash will not occur, but it is possible for the offending lease and the lease which immediately followed it to be improperly deleted. There is a discrepancy between the code that handles encapsulated option information in leases transmitted \"on the wire\" and the code which reads and parses lease information after it has been written to disk storage. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability. (CVE-2021-25217). \nThese packages include redhat-release-virtualization-host. \nRHVH features a Cockpit user interface for monitoring the host\u0027s resources\nand\nperforming administrative tasks. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. Description:\n\nRed Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments. \n\nAll OpenShift Container Platform 4.7 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift Console\nor the CLI oc command. Instructions for upgrading a cluster are available\nat\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster\n- -between-minor.html#understanding-upgrade-channels_updating-cluster-between\n- -minor\n\n4. Solution:\n\nFor OpenShift Container Platform 4.7 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel\nease-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster\n- -cli.html\n\n5. 7.7) - ppc64, ppc64le, s390x, x86_64\n\n3. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: dhcp security update\nAdvisory ID: RHSA-2021:2414-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2021:2414\nIssue date: 2021-06-14\nCVE Names: CVE-2021-25217 \n=====================================================================\n\n1. Summary:\n\nAn update for dhcp is now available for Red Hat Enterprise Linux 7.4\nAdvanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update\nSupport, and Red Hat Enterprise Linux 7.4 Update Services for SAP\nSolutions. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Server AUS (v. 7.4) - x86_64\nRed Hat Enterprise Linux Server E4S (v. 7.4) - ppc64le, x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 7.4) - x86_64\nRed Hat Enterprise Linux Server Optional E4S (v. 7.4) - ppc64le, x86_64\nRed Hat Enterprise Linux Server Optional TUS (v. 7.4) - x86_64\nRed Hat Enterprise Linux Server TUS (v. 7.4) - x86_64\n\n3. Description:\n\nThe Dynamic Host Configuration Protocol (DHCP) is a protocol that allows\nindividual devices on an IP network to get their own network configuration\ninformation, including an IP address, a subnet mask, and a broadcast\naddress. The dhcp packages provide a relay agent and ISC DHCP service\nrequired to enable and administer DHCP on a network. \n\nSecurity Fix(es):\n\n* dhcp: stack-based buffer overflow when parsing statements with\ncolon-separated hex digits in config or lease files in dhcpd and dhclient\n(CVE-2021-25217)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1963258 - CVE-2021-25217 dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient\n\n6. Package List:\n\nRed Hat Enterprise Linux Server AUS (v. 7.4):\n\nSource:\ndhcp-4.2.5-58.el7_4.5.src.rpm\n\nx86_64:\ndhclient-4.2.5-58.el7_4.5.x86_64.rpm\ndhcp-4.2.5-58.el7_4.5.x86_64.rpm\ndhcp-common-4.2.5-58.el7_4.5.x86_64.rpm\ndhcp-debuginfo-4.2.5-58.el7_4.5.i686.rpm\ndhcp-debuginfo-4.2.5-58.el7_4.5.x86_64.rpm\ndhcp-libs-4.2.5-58.el7_4.5.i686.rpm\ndhcp-libs-4.2.5-58.el7_4.5.x86_64.rpm\n\nRed Hat Enterprise Linux Server E4S (v. 7.4):\n\nSource:\ndhcp-4.2.5-58.el7_4.5.src.rpm\n\nppc64le:\ndhclient-4.2.5-58.el7_4.5.ppc64le.rpm\ndhcp-4.2.5-58.el7_4.5.ppc64le.rpm\ndhcp-common-4.2.5-58.el7_4.5.ppc64le.rpm\ndhcp-debuginfo-4.2.5-58.el7_4.5.ppc64le.rpm\ndhcp-libs-4.2.5-58.el7_4.5.ppc64le.rpm\n\nx86_64:\ndhclient-4.2.5-58.el7_4.5.x86_64.rpm\ndhcp-4.2.5-58.el7_4.5.x86_64.rpm\ndhcp-common-4.2.5-58.el7_4.5.x86_64.rpm\ndhcp-debuginfo-4.2.5-58.el7_4.5.i686.rpm\ndhcp-debuginfo-4.2.5-58.el7_4.5.x86_64.rpm\ndhcp-libs-4.2.5-58.el7_4.5.i686.rpm\ndhcp-libs-4.2.5-58.el7_4.5.x86_64.rpm\n\nRed Hat Enterprise Linux Server TUS (v. 7.4):\n\nSource:\ndhcp-4.2.5-58.el7_4.5.src.rpm\n\nx86_64:\ndhclient-4.2.5-58.el7_4.5.x86_64.rpm\ndhcp-4.2.5-58.el7_4.5.x86_64.rpm\ndhcp-common-4.2.5-58.el7_4.5.x86_64.rpm\ndhcp-debuginfo-4.2.5-58.el7_4.5.i686.rpm\ndhcp-debuginfo-4.2.5-58.el7_4.5.x86_64.rpm\ndhcp-libs-4.2.5-58.el7_4.5.i686.rpm\ndhcp-libs-4.2.5-58.el7_4.5.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 7.4):\n\nx86_64:\ndhcp-debuginfo-4.2.5-58.el7_4.5.i686.rpm\ndhcp-debuginfo-4.2.5-58.el7_4.5.x86_64.rpm\ndhcp-devel-4.2.5-58.el7_4.5.i686.rpm\ndhcp-devel-4.2.5-58.el7_4.5.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional E4S (v. 7.4):\n\nppc64le:\ndhcp-debuginfo-4.2.5-58.el7_4.5.ppc64le.rpm\ndhcp-devel-4.2.5-58.el7_4.5.ppc64le.rpm\n\nx86_64:\ndhcp-debuginfo-4.2.5-58.el7_4.5.i686.rpm\ndhcp-debuginfo-4.2.5-58.el7_4.5.x86_64.rpm\ndhcp-devel-4.2.5-58.el7_4.5.i686.rpm\ndhcp-devel-4.2.5-58.el7_4.5.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional TUS (v. 7.4):\n\nx86_64:\ndhcp-debuginfo-4.2.5-58.el7_4.5.i686.rpm\ndhcp-debuginfo-4.2.5-58.el7_4.5.x86_64.rpm\ndhcp-devel-4.2.5-58.el7_4.5.i686.rpm\ndhcp-devel-4.2.5-58.el7_4.5.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2021-25217\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2021 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYMezctzjgjWX9erEAQg/cxAAph3Cp36Ed68IjSJH1glCDVVbNvKokeg/\nQ3JxA6BIqimNoVv14IhjDS4wt7ZGCtp7rluumCjE7cMNvLcfRhUxoU9jvxAR4BK9\n2N1H9/TCFgnqULCs8KqWs8rm2qtfSuSxs9hlgOUGVnUD4AXOFsynTZkYqS9JS3kM\nyP+Uo+s+Dwz/Sq5oWU2vWrXx/yjce35UQU9WCOfk2Nat4T/GeCuoscp9cFlbgLFB\nFFwyCr+Kv6rdfsn37TvOxLFqttz+2atJUPp0KrUNKosPIqp7KS8QfOALff8hqswc\nTPlgmk55+I7v24zBzAiNidWqbpDVZnzOFH/R7yVtOA/N1Aq4pl9Wsh4tDnSxv+rc\nNdA9GLhdk89OOvLbpJ1rc6hxa91qrf/jcUK1EoLUhgk+Z80o6h5HghboRgSrblS/\nd3FA8xlk11AgUU8Y0upb2D0DyIol4jM53+P3dulBJ8IvBV4rREwBvxHyQwT+sG43\n30Jz+UWiS6BKotLdiVNMMGUNdcBTtXnF31RXF2iY0fUq57IrEb4rl8h/5gQA0UVb\nWWxqdbnKwVvxAu6nbp8XqZR4vl5LCuOohqZtPiUgVIo5Um8pYTxjUkV2+20Cm1+d\nxJVCc/K3mzBkeaN66esB5vB5Okc3MzqqH4/WeI171cnFLArGddejORH21L6nAcP6\ncsJckOYTtLQ=\n=NFTY\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. 8) - aarch64, noarch, ppc64le, s390x, x86_64\n\n3. Bugs fixed (https://bugzilla.redhat.com/):\n\n1918750 - CVE-2021-3114 golang: crypto/elliptic: incorrect operations on the P-224 curve\n1945703 - \"Guest OS Info\" availability in VMI describe is flaky\n1958816 - [2.6.z] KubeMacPool fails to start due to OOM likely caused by a high number of Pods running in the cluster\n1963275 - migration controller null pointer dereference\n1965099 - Live Migration double handoff to virt-handler causes connection failures\n1965181 - CDI importer doesn\u0027t report AwaitingVDDK like it used to\n1967086 - Cloning DataVolumes between namespaces fails while creating cdi-upload pod\n1967887 - [2.6.6] nmstate is not progressing on a node and not configuring vlan filtering that causes an outage for VMs\n1969756 - Windows VMs fail to start on air-gapped environments\n1970372 - Virt-handler fails to verify container-disk\n1973227 - segfault in virt-controller during pdb deletion\n1974084 - 2.6.6 containers\n1975212 - No Virtual Machine Templates Found [EDIT - all templates are marked as depracted]\n1975727 - [Regression][VMIO][Warm] The third precopy does not end in warm migration\n1977756 - [2.6.z] PVC keeps in pending when using hostpath-provisioner\n1982760 - [v2v] no kind VirtualMachine is registered for version \\\"kubevirt.io/v1\\\" i... \n1986989 - OpenShift Virtualization 2.6.z cannot be upgraded to 4.8.0 initially deployed starting with \u003c= 4.8\n\n5. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202305-22\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: ISC DHCP: Multiple Vulnerabilities\n Date: May 03, 2023\n Bugs: #875521, #792324\n ID: 202305-22\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been discovered in ISC DHCP, the worst of\nwhich could result in denial of service. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-misc/dhcp \u003c 4.4.3_p1 \u003e= 4.4.3_p1\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in ISC DHCP. Please review\nthe CVE identifiers referenced below for details. \n\nImpact\n======\n\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll ISC DHCP users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-misc/dhcp-4.4.3_p1\"\n\nReferences\n==========\n\n[ 1 ] CVE-2021-25217\n https://nvd.nist.gov/vuln/detail/CVE-2021-25217\n[ 2 ] CVE-2022-2928\n https://nvd.nist.gov/vuln/detail/CVE-2022-2928\n[ 3 ] CVE-2022-2929\n https://nvd.nist.gov/vuln/detail/CVE-2022-2929\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202305-22\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2023 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-25217"
},
{
"db": "VULMON",
"id": "CVE-2021-25217"
},
{
"db": "PACKETSTORM",
"id": "163196"
},
{
"db": "PACKETSTORM",
"id": "163240"
},
{
"db": "PACKETSTORM",
"id": "163400"
},
{
"db": "PACKETSTORM",
"id": "163129"
},
{
"db": "PACKETSTORM",
"id": "163140"
},
{
"db": "PACKETSTORM",
"id": "163144"
},
{
"db": "PACKETSTORM",
"id": "163052"
},
{
"db": "PACKETSTORM",
"id": "163789"
},
{
"db": "PACKETSTORM",
"id": "172130"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-25217",
"trust": 2.0
},
{
"db": "SIEMENS",
"id": "SSA-637483",
"trust": 1.1
},
{
"db": "SIEMENS",
"id": "SSA-406691",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/05/26/6",
"trust": 1.1
},
{
"db": "ICS CERT",
"id": "ICSA-22-258-05",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2021-25217",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163196",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163240",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163400",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163129",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163140",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163144",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163052",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163789",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "172130",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-25217"
},
{
"db": "PACKETSTORM",
"id": "163196"
},
{
"db": "PACKETSTORM",
"id": "163240"
},
{
"db": "PACKETSTORM",
"id": "163400"
},
{
"db": "PACKETSTORM",
"id": "163129"
},
{
"db": "PACKETSTORM",
"id": "163140"
},
{
"db": "PACKETSTORM",
"id": "163144"
},
{
"db": "PACKETSTORM",
"id": "163052"
},
{
"db": "PACKETSTORM",
"id": "163789"
},
{
"db": "PACKETSTORM",
"id": "172130"
},
{
"db": "NVD",
"id": "CVE-2021-25217"
}
]
},
"id": "VAR-202105-1325",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.366531175
},
"last_update_date": "2024-09-19T21:37:22.895000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Debian CVElist Bug Report Logs: isc-dhcp: CVE-2021-25217: A buffer overrun in lease file parsing code can be used to exploit a common vulnerability shared by dhcpd and dhclient",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=b55bb445f71f0d88702845d3582e2b5c"
},
{
"title": "Amazon Linux AMI: ALAS-2021-1510",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2021-1510"
},
{
"title": "Amazon Linux 2: ALAS2-2021-1654",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2-2021-1654"
},
{
"title": "Red Hat: CVE-2021-25217",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2021-25217"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2021-25217 log"
},
{
"title": "Palo Alto Networks Security Advisory: PAN-SA-2024-0001 Informational Bulletin: Impact of OSS CVEs in PAN-OS",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=palo_alto_networks_security_advisory\u0026qid=34f98e4f4344c97599fe2d33618956a7"
},
{
"title": "Completion for lacework",
"trust": 0.1,
"url": "https://github.com/fbreton/lacework "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-25217"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-25217"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.2,
"url": "https://security.gentoo.org/glsa/202305-22"
},
{
"trust": 1.1,
"url": "https://kb.isc.org/docs/cve-2021-25217"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2021/05/26/6"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00002.html"
},
{
"trust": 1.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-406691.pdf"
},
{
"trust": 1.1,
"url": "https://security.netapp.com/advisory/ntap-20220325-0011/"
},
{
"trust": 1.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/z2lb42jwiv4m4wdnxx5vgip26feywkif/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5qi4dyc7j4bghew3nh4xhmwthyc36uk4/"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/cve/cve-2021-25217"
},
{
"trust": 0.8,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-25217"
},
{
"trust": 0.8,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-27219"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3560"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989157"
},
{
"trust": 0.1,
"url": "https://alas.aws.amazon.com/alas-2021-1510.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-258-05"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2469"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-24489"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/2974891"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-24489"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-27219"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2519"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3560"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2554"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2555"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.7/updating/updating-cluster"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2405"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2415"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2414"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2359"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-25039"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14347"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14346"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-8286"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-28196"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-15358"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25712"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-23240"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-12364"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-14502"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-13543"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3520"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9951"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-13434"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-25037"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-23239"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-36242"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-25037"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3537"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-12363"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-8231"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-33909"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3518"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-32399"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-29362"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9948"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-13012"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-28935"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3516"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13434"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-14502"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-25034"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-8285"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-25035"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-10228"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-9169"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-14866"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-26116"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14363"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-25038"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14345"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14866"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-13584"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-26137"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13543"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-25013"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14360"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-25040"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13584"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-29361"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3517"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-25042"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-20201"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-25042"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-12362"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-25038"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25659"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3541"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-25032"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-25041"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:3119"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-25036"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-25032"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-27619"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-20271"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-25215"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9983"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3177"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9169"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3326"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-25036"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14344"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-25013"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-25035"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-2708"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14345"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14344"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-23336"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14362"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14361"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-8927"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-12362"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-12363"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-29363"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3114"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-28211"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-25039"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-13012"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14346"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-25040"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-12364"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-2708"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-10228"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-25041"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-8284"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-33910"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-25034"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-27618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-2929"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-2928"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-25217"
},
{
"db": "PACKETSTORM",
"id": "163196"
},
{
"db": "PACKETSTORM",
"id": "163240"
},
{
"db": "PACKETSTORM",
"id": "163400"
},
{
"db": "PACKETSTORM",
"id": "163129"
},
{
"db": "PACKETSTORM",
"id": "163140"
},
{
"db": "PACKETSTORM",
"id": "163144"
},
{
"db": "PACKETSTORM",
"id": "163052"
},
{
"db": "PACKETSTORM",
"id": "163789"
},
{
"db": "PACKETSTORM",
"id": "172130"
},
{
"db": "NVD",
"id": "CVE-2021-25217"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-25217"
},
{
"db": "PACKETSTORM",
"id": "163196"
},
{
"db": "PACKETSTORM",
"id": "163240"
},
{
"db": "PACKETSTORM",
"id": "163400"
},
{
"db": "PACKETSTORM",
"id": "163129"
},
{
"db": "PACKETSTORM",
"id": "163140"
},
{
"db": "PACKETSTORM",
"id": "163144"
},
{
"db": "PACKETSTORM",
"id": "163052"
},
{
"db": "PACKETSTORM",
"id": "163789"
},
{
"db": "PACKETSTORM",
"id": "172130"
},
{
"db": "NVD",
"id": "CVE-2021-25217"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-05-26T00:00:00",
"db": "VULMON",
"id": "CVE-2021-25217"
},
{
"date": "2021-06-17T18:09:00",
"db": "PACKETSTORM",
"id": "163196"
},
{
"date": "2021-06-22T19:32:24",
"db": "PACKETSTORM",
"id": "163240"
},
{
"date": "2021-07-06T15:19:09",
"db": "PACKETSTORM",
"id": "163400"
},
{
"date": "2021-06-14T15:49:07",
"db": "PACKETSTORM",
"id": "163129"
},
{
"date": "2021-06-15T14:44:42",
"db": "PACKETSTORM",
"id": "163140"
},
{
"date": "2021-06-15T14:50:28",
"db": "PACKETSTORM",
"id": "163144"
},
{
"date": "2021-06-09T13:43:47",
"db": "PACKETSTORM",
"id": "163052"
},
{
"date": "2021-08-11T16:15:17",
"db": "PACKETSTORM",
"id": "163789"
},
{
"date": "2023-05-03T15:37:18",
"db": "PACKETSTORM",
"id": "172130"
},
{
"date": "2021-05-26T22:15:07.947000",
"db": "NVD",
"id": "CVE-2021-25217"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2021-25217"
},
{
"date": "2023-11-07T03:31:24.893000",
"db": "NVD",
"id": "CVE-2021-25217"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat Security Advisory 2021-2469-01",
"sources": [
{
"db": "PACKETSTORM",
"id": "163196"
}
],
"trust": 0.1
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "overflow",
"sources": [
{
"db": "PACKETSTORM",
"id": "163196"
},
{
"db": "PACKETSTORM",
"id": "163240"
},
{
"db": "PACKETSTORM",
"id": "163400"
},
{
"db": "PACKETSTORM",
"id": "163129"
},
{
"db": "PACKETSTORM",
"id": "163140"
},
{
"db": "PACKETSTORM",
"id": "163144"
},
{
"db": "PACKETSTORM",
"id": "163052"
}
],
"trust": 0.7
}
}
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.