certfr_avis - certfr-2024-avi-0380

CERTFR-2024-AVI-0380

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits NetApp. Elles permettent à un attaquant de provoquer un déni de service à distance et une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
NetApp	ONTAP Select Deploy administration utility	ONTAP Select Deploy administration utility versions antérieures à 9.14.1
NetApp	Active IQ Unified Manager pour Microsoft Windows	Active IQ Unified Manager pour Microsoft Windows versions antérieures à 9.12
NetApp	Active IQ Unified Manager pour VMware vSphere	Active IQ Unified Manager pour VMware vSphere versions antérieures à 9.10
NetApp	N/A	NetApp Cloud Backup toutes versions
NetApp	NetApp HCI Baseboard Management Controller (BMC) - H300S/H500S/H700S/H410S	NetApp HCI Baseboard Management Controller (BMC) - H300S/H500S/H700S/H410S et H410C toutes versions

References

Title

Publication Time

Tags

Bulletin de sécurité NetApp NTAP-20220331-0005 du 09 mai 2024	None	vendor-advisory
Bulletin de sécurité NetApp NTAP-20220331-0010 du 09 mai 2024	None	vendor-advisory
Bulletin de sécurité NetApp NTAP-20220318-0010 du 09 mai 2024	None	vendor-advisory
Bulletin de sécurité NetApp NTAP-20220419-0005 du 09 mai 2024	None	vendor-advisory
Bulletin de sécurité NetApp NTAP-20211104-0006 du 09 mai 2024	None	vendor-advisory
Bulletin de sécurité NetApp NTAP-20211104-0005 du 09 mai 2024	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "ONTAP Select Deploy administration utility versions ant\u00e9rieures \u00e0 9.14.1",
      "product": {
        "name": "ONTAP Select Deploy administration utility",
        "vendor": {
          "name": "NetApp",
          "scada": false
        }
      }
    },
    {
      "description": "Active IQ Unified Manager pour Microsoft Windows versions ant\u00e9rieures \u00e0 9.12",
      "product": {
        "name": "Active IQ Unified Manager pour Microsoft Windows",
        "vendor": {
          "name": "NetApp",
          "scada": false
        }
      }
    },
    {
      "description": "Active IQ Unified Manager pour VMware vSphere versions ant\u00e9rieures \u00e0 9.10",
      "product": {
        "name": "Active IQ Unified Manager pour VMware vSphere",
        "vendor": {
          "name": "NetApp",
          "scada": false
        }
      }
    },
    {
      "description": "NetApp Cloud Backup toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "NetApp",
          "scada": false
        }
      }
    },
    {
      "description": "NetApp HCI Baseboard Management Controller (BMC) - H300S/H500S/H700S/H410S et H410C toutes versions",
      "product": {
        "name": "NetApp HCI Baseboard Management Controller (BMC) - H300S/H500S/H700S/H410S",
        "vendor": {
          "name": "NetApp",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-3631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3631"
    },
    {
      "name": "CVE-2021-3520",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3520"
    },
    {
      "name": "CVE-2021-4090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4090"
    },
    {
      "name": "CVE-2021-3667",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3667"
    },
    {
      "name": "CVE-2021-3580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3580"
    },
    {
      "name": "CVE-2022-26488",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26488"
    }
  ],
  "links": [],
  "reference": "CERTFR-2024-AVI-0380",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-05-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits NetApp\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0\nla confidentialit\u00e9 des donn\u00e9es et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des\ndonn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits NetApp",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 NetApp NTAP-20220331-0005 du 09 mai 2024",
      "url": "https://security.netapp.com/advisory/ntap-20220331-0005/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 NetApp NTAP-20220331-0010 du 09 mai 2024",
      "url": "https://security.netapp.com/advisory/ntap-20220331-0010/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 NetApp NTAP-20220318-0010 du 09 mai 2024",
      "url": "https://security.netapp.com/advisory/ntap-20220318-0010/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 NetApp NTAP-20220419-0005 du 09 mai 2024",
      "url": "https://security.netapp.com/advisory/ntap-20220419-0005/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 NetApp NTAP-20211104-0006 du 09 mai 2024",
      "url": "https://security.netapp.com/advisory/ntap-20211104-0006/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 NetApp NTAP-20211104-0005 du 09 mai 2024",
      "url": "https://security.netapp.com/advisory/ntap-20211104-0005/"
    }
  ]
}

CVE-2021-3580 (GCVE-0-2021-3580)

Vulnerability from cvelistv5 – Published: 2021-08-05 00:00 – Updated: 2024-11-19 14:24

Summary

A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.

Severity ?

No CVSS data available.

CWE

CWE-20

Assigner

redhat

References

URL

Tags

	https://bugzilla.redhat.com/show_bug.cgi?id=1967983
	https://lists.debian.org/debian-lts-announce/2021…	mailing-list
	https://security.netapp.com/advisory/ntap-2021110…
	https://security.gentoo.org/glsa/202401-24	vendor-advisory

Impacted products

	Vendor	Product	Version
	n/a	nettle	Affected: nettle 3.7.3

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T17:01:06.534Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1967983"
          },
          {
            "name": "[debian-lts-announce] 20210918 [SECURITY] [DLA 2760-1] nettle security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20211104-0006/"
          },
          {
            "name": "GLSA-202401-24",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202401-24"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-3580",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T14:22:19.550074Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T14:24:23.265Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "nettle",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "nettle 3.7.3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the way nettle\u0027s RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-16T15:06:19.141036",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1967983"
        },
        {
          "name": "[debian-lts-announce] 20210918 [SECURITY] [DLA 2760-1] nettle security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20211104-0006/"
        },
        {
          "name": "GLSA-202401-24",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202401-24"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2021-3580",
    "datePublished": "2021-08-05T00:00:00",
    "dateReserved": "2021-06-04T00:00:00",
    "dateUpdated": "2024-11-19T14:24:23.265Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-4090 (GCVE-0-2021-4090)

Vulnerability from cvelistv5 – Published: 2022-02-18 00:00 – Updated: 2024-08-03 17:16

Summary

An out-of-bounds (OOB) memory write flaw was found in the NFSD in the Linux kernel. Missing sanity may lead to a write beyond bmval[bmlen-1] in nfsd4_decode_bitmap4 in fs/nfsd/nfs4xdr.c. In this flaw, a local attacker with user privilege may gain access to out-of-bounds memory, leading to a system integrity and confidentiality threat.

Severity ?

No CVSS data available.

CWE

CWE-787

Assigner

redhat

References

URL

Tags

	https://bugzilla.redhat.com/show_bug.cgi?id=2025101
	https://lore.kernel.org/linux-nfs/163692036074.16…
	https://security.netapp.com/advisory/ntap-2022031…

Impacted products

	Vendor	Product	Version
	n/a	kernel	Affected: kernel 5.16 rc2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T17:16:03.753Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025101"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lore.kernel.org/linux-nfs/163692036074.16710.5678362976688977923.stgit%40klimt.1015granger.net/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20220318-0010/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "kernel",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "kernel 5.16 rc2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An out-of-bounds (OOB) memory write flaw was found in the NFSD in the Linux kernel. Missing sanity may lead to a write beyond bmval[bmlen-1] in nfsd4_decode_bitmap4 in fs/nfsd/nfs4xdr.c. In this flaw, a local attacker with user privilege may gain access to out-of-bounds memory, leading to a system integrity and confidentiality threat."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-10-07T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025101"
        },
        {
          "url": "https://lore.kernel.org/linux-nfs/163692036074.16710.5678362976688977923.stgit%40klimt.1015granger.net/"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20220318-0010/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2021-4090",
    "datePublished": "2022-02-18T00:00:00",
    "dateReserved": "2021-12-10T00:00:00",
    "dateUpdated": "2024-08-03T17:16:03.753Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-3631 (GCVE-0-2021-3631)

Vulnerability from cvelistv5 – Published: 2022-03-02 00:00 – Updated: 2024-11-19 19:33

Summary

A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality and integrity.

Severity ?

No CVSS data available.

CWE

CWE-732

Assigner

redhat

References

URL

Tags

	https://bugzilla.redhat.com/show_bug.cgi?id=1977726
	https://gitlab.com/libvirt/libvirt/-/issues/153
	https://gitlab.com/libvirt/libvirt/-/commit/15073…
	https://access.redhat.com/errata/RHSA-2021:3631
	https://security.netapp.com/advisory/ntap-2022033…
	https://security.gentoo.org/glsa/202210-06	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2024…	mailing-list

Impacted products

	Vendor	Product	Version
	n/a	libvirt	Affected: Fixed-In - libvirt v7.5.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T17:01:08.363Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1977726"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://gitlab.com/libvirt/libvirt/-/issues/153"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://gitlab.com/libvirt/libvirt/-/commit/15073504dbb624d3f6c911e85557019d3620fdb2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2021:3631"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20220331-0010/"
          },
          {
            "name": "GLSA-202210-06",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202210-06"
          },
          {
            "name": "[debian-lts-announce] 20240401 [SECURITY] [DLA 3778-1] libvirt security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-3631",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T19:33:05.630858Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T19:33:55.041Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "libvirt",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Fixed-In - libvirt v7.5.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs\u0027 dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality and integrity."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-732",
              "description": "CWE-732",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-01T13:06:10.250799",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1977726"
        },
        {
          "url": "https://gitlab.com/libvirt/libvirt/-/issues/153"
        },
        {
          "url": "https://gitlab.com/libvirt/libvirt/-/commit/15073504dbb624d3f6c911e85557019d3620fdb2"
        },
        {
          "url": "https://access.redhat.com/errata/RHSA-2021:3631"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20220331-0010/"
        },
        {
          "name": "GLSA-202210-06",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202210-06"
        },
        {
          "name": "[debian-lts-announce] 20240401 [SECURITY] [DLA 3778-1] libvirt security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2021-3631",
    "datePublished": "2022-03-02T00:00:00",
    "dateReserved": "2021-06-30T00:00:00",
    "dateUpdated": "2024-11-19T19:33:55.041Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-3667 (GCVE-0-2021-3667)

Vulnerability from cvelistv5 – Published: 2022-03-02 00:00 – Updated: 2025-02-13 16:28

Summary

An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the storagePoolLookupByTargetPath function where a locked virStoragePoolObj object is not properly released on ACL permission failure. Clients connecting to the read-write socket with limited ACL permissions could use this flaw to acquire the lock and prevent other users from accessing storage pool/volume APIs, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability.

Severity ?

No CVSS data available.

CWE

CWE-667 - (improper Locking)

Assigner

redhat

References

URL

Tags

	https://bugzilla.redhat.com/show_bug.cgi?id=1986094
	https://libvirt.org/git/?p=libvirt.git%3Ba=commit…
	https://gitlab.com/libvirt/libvirt/-/commit/447f6…
	https://security.netapp.com/advisory/ntap-2022033…
	https://security.gentoo.org/glsa/202210-06	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2024…

Impacted products

	Vendor	Product	Version
	n/a	libvirt	Affected: Fixedin - libvert v7.6.0-rc1 and above

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T17:01:08.343Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1986094"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=447f69dec47e1b0bd15ecd7cd49a9fd3b050fb87"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://gitlab.com/libvirt/libvirt/-/commit/447f69dec47e1b0bd15ecd7cd49a9fd3b050fb87"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20220331-0005/"
          },
          {
            "name": "GLSA-202210-06",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202210-06"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "libvirt",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Fixedin - libvert v7.6.0-rc1 and above"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the storagePoolLookupByTargetPath function where a locked virStoragePoolObj object is not properly released on ACL permission failure. Clients connecting to the read-write socket with limited ACL permissions could use this flaw to acquire the lock and prevent other users from accessing storage pool/volume APIs, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-667",
              "description": "CWE-667  (improper Locking)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-01T13:05:54.437Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1986094"
        },
        {
          "url": "https://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=447f69dec47e1b0bd15ecd7cd49a9fd3b050fb87"
        },
        {
          "url": "https://gitlab.com/libvirt/libvirt/-/commit/447f69dec47e1b0bd15ecd7cd49a9fd3b050fb87"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20220331-0005/"
        },
        {
          "name": "GLSA-202210-06",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202210-06"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2021-3667",
    "datePublished": "2022-03-02T00:00:00.000Z",
    "dateReserved": "2021-07-27T00:00:00.000Z",
    "dateUpdated": "2025-02-13T16:28:25.782Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-26488 (GCVE-0-2022-26488)

Vulnerability from cvelistv5 – Published: 2022-03-07 17:26 – Updated: 2024-08-03 05:03

Summary

In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. The installer may allow a local attacker to add user-writable directories to the system search path. To exploit, an administrator must have installed Python for all users and enabled PATH entries. A non-administrative user can trigger a repair that incorrectly adds user-writable paths into PATH, enabling search-path hijacking of other users and system services. This affects Python (CPython) through 3.7.12, 3.8.x through 3.8.12, 3.9.x through 3.9.10, and 3.10.x through 3.10.2.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://mail.python.org/archives/list/security-an…	x_refsource_MISC
	https://security.netapp.com/advisory/ntap-2022041…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T05:03:32.791Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://mail.python.org/archives/list/security-announce%40python.org/thread/657Z4XULWZNIY5FRP3OWXHYKUSIH6DMN/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20220419-0005/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. The installer may allow a local attacker to add user-writable directories to the system search path. To exploit, an administrator must have installed Python for all users and enabled PATH entries. A non-administrative user can trigger a repair that incorrectly adds user-writable paths into PATH, enabling search-path hijacking of other users and system services. This affects Python (CPython) through 3.7.12, 3.8.x through 3.8.12, 3.9.x through 3.9.10, and 3.10.x through 3.10.2."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-04-19T18:06:23",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://mail.python.org/archives/list/security-announce%40python.org/thread/657Z4XULWZNIY5FRP3OWXHYKUSIH6DMN/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20220419-0005/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2022-26488",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. The installer may allow a local attacker to add user-writable directories to the system search path. To exploit, an administrator must have installed Python for all users and enabled PATH entries. A non-administrative user can trigger a repair that incorrectly adds user-writable paths into PATH, enabling search-path hijacking of other users and system services. This affects Python (CPython) through 3.7.12, 3.8.x through 3.8.12, 3.9.x through 3.9.10, and 3.10.x through 3.10.2."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://mail.python.org/archives/list/security-announce@python.org/thread/657Z4XULWZNIY5FRP3OWXHYKUSIH6DMN/",
              "refsource": "MISC",
              "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/657Z4XULWZNIY5FRP3OWXHYKUSIH6DMN/"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20220419-0005/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20220419-0005/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-26488",
    "datePublished": "2022-03-07T17:26:04",
    "dateReserved": "2022-03-06T00:00:00",
    "dateUpdated": "2024-08-03T05:03:32.791Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-3520 (GCVE-0-2021-3520)

Vulnerability from cvelistv5 – Published: 2021-06-02 12:32 – Updated: 2024-08-03 17:01

Summary

There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability, with some potential impact to confidentiality and integrity as well.

Severity ?

No CVSS data available.

CWE

CWE-190 - >CWE-787

Assigner

redhat

References

URL

Tags

	https://bugzilla.redhat.com/show_bug.cgi?id=1954559	x_refsource_MISC
	https://www.oracle.com//security-alerts/cpujul2021.html	x_refsource_MISC
	https://www.oracle.com/security-alerts/cpuoct2021.html	x_refsource_MISC
	https://www.oracle.com/security-alerts/cpuapr2022.html	x_refsource_MISC
	https://security.netapp.com/advisory/ntap-2021110…	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	lz4	Affected: lz4-1.8.3

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T17:01:07.870Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954559"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20211104-0005/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "lz4",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "lz4-1.8.3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "There\u0027s a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability, with some potential impact to confidentiality and integrity as well."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190-\u003eCWE-787",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-04-19T23:56:39",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954559"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20211104-0005/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2021-3520",
    "datePublished": "2021-06-02T12:32:32",
    "dateReserved": "2021-04-28T00:00:00",
    "dateUpdated": "2024-08-03T17:01:07.870Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CERTFR-2024-AVI-0380

Solution

CVE-2021-3580 (GCVE-0-2021-3580)

CVE-2021-4090 (GCVE-0-2021-4090)

CVE-2021-3631 (GCVE-0-2021-3631)

CVE-2021-3667 (GCVE-0-2021-3667)

CVE-2022-26488 (GCVE-0-2022-26488)

CVE-2021-3520 (GCVE-0-2021-3520)

Tags

Sightings

Nomenclature