Vulnerability-Lookup

CVE-2021-3594 (GCVE-0-2021-3594)

Vulnerability from cvelistv5 – Published: 2021-06-15 00:00 – Updated: 2024-08-03 17:01

Summary

An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp_input() function and could occur while processing a udp packet that is smaller than the size of the 'udphdr' structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0.

Severity ?

No CVSS data available.

CWE

CWE-824

Assigner

redhat

References

URL

	Vendor	Product	Version
	n/a	QEMU	Affected: libslirp 4.6.0

FKIE_CVE-2021-3594

Vulnerability from fkie_nvd - Published: 2021-06-15 21:15 - Updated: 2024-11-21 06:21

Severity ?

3.8 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N

Summary

References

URL	Tags
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=1970491	Issue Tracking, Patch, Third Party Advisory
secalert@redhat.com	https://lists.debian.org/debian-lts-announce/2021/09/msg00000.html	Mailing List, Third Party Advisory
secalert@redhat.com	https://lists.debian.org/debian-lts-announce/2023/03/msg00013.html
secalert@redhat.com	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GCKWZWY64EHTOQMLVLTSZ4AA27EWRJMH/
secalert@redhat.com	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGPQZFVJCFGDSISFXPCQTTBBD7QZLJKI/
secalert@redhat.com	https://security.gentoo.org/glsa/202107-44	Third Party Advisory
secalert@redhat.com	https://security.netapp.com/advisory/ntap-20210805-0004/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=1970491	Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2021/09/msg00000.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2023/03/msg00013.html
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GCKWZWY64EHTOQMLVLTSZ4AA27EWRJMH/
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGPQZFVJCFGDSISFXPCQTTBBD7QZLJKI/
af854a3a-2127-422b-91ae-364da2661108	https://security.gentoo.org/glsa/202107-44	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20210805-0004/	Third Party Advisory

Impacted products

Vendor	Product	Version
libslirp_project	libslirp	*
redhat	enterprise_linux	8.0
redhat	enterprise_linux	8.0
debian	debian_linux	9.0
fedoraproject	fedora	33
fedoraproject	fedora	34

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:libslirp_project:libslirp:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE2D40D8-B587-4714-AAD2-27876A5B92AF",
              "versionEndExcluding": "4.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:advanced_virtualization:*:*:*",
              "matchCriteriaId": "3AA08768-75AF-4791-B229-AE938C780959",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
              "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
              "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp_input() function and could occur while processing a udp packet that is smaller than the size of the \u0027udphdr\u0027 structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0."
    },
    {
      "lang": "es",
      "value": "Se ha encontrado un problema de inicializaci\u00f3n de puntero no v\u00e1lido en la implementaci\u00f3n de redes SLiRP de QEMU. El fallo se presenta en la funci\u00f3n udp_input() y podr\u00eda ocurrir mientras se procesa un paquete udp m\u00e1s peque\u00f1o que el tama\u00f1o de la estructura \"udphdr\". Este problema puede conllevar a un acceso de lectura fuera de l\u00edmites o a una divulgaci\u00f3n indirecta de la memoria del host al invitado. La mayor amenaza de esta vulnerabilidad es la confidencialidad de los datos. Este fallo afecta a libslirp versiones anteriores a 4.6.0"
    }
  ],
  "id": "CVE-2021-3594",
  "lastModified": "2024-11-21T06:21:55.620",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 3.8,
          "baseSeverity": "LOW",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.0,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-06-15T21:15:09.993",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1970491"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00000.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00013.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GCKWZWY64EHTOQMLVLTSZ4AA27EWRJMH/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGPQZFVJCFGDSISFXPCQTTBBD7QZLJKI/"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/202107-44"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20210805-0004/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1970491"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00013.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GCKWZWY64EHTOQMLVLTSZ4AA27EWRJMH/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGPQZFVJCFGDSISFXPCQTTBBD7QZLJKI/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/202107-44"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20210805-0004/"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-824"
        }
      ],
      "source": "secalert@redhat.com",
      "type": "Secondary"
    }
  ]
}

GHSA-WH9F-45PX-J437

Vulnerability from github – Published: 2022-05-24 19:05 – Updated: 2023-03-15 00:30

Details

Severity ?

3.8 (Low)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-3594"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-824"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-06-15T21:15:00Z",
    "severity": "LOW"
  },
  "details": "An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp_input() function and could occur while processing a udp packet that is smaller than the size of the \u0027udphdr\u0027 structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0.",
  "id": "GHSA-wh9f-45px-j437",
  "modified": "2023-03-15T00:30:46Z",
  "published": "2022-05-24T19:05:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3594"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1970491"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00013.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCKWZWY64EHTOQMLVLTSZ4AA27EWRJMH"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGPQZFVJCFGDSISFXPCQTTBBD7QZLJKI"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202107-44"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20210805-0004"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

CNVD-2021-45769

Vulnerability from cnvd - Published: 2021-06-29

Title

QEMU无效指针初始化漏洞（CNVD-2021-45769）

Description

QEMU是一套模拟处理器软件。 QEMU存在安全漏洞，该漏洞源于函数udp6_input()处理来自来宾的小于udphdr结构大小的udp数据包时，使用工作mbuf缓冲区外部的内存。攻击者可利用漏洞越界读取访问或间接内存泄露。

Severity

低

Patch Name

QEMU无效指针初始化漏洞（CNVD-2021-45769）的补丁

Patch Description

QEMU是一套模拟处理器软件。 QEMU存在安全漏洞，该漏洞源于函数udp6_input()处理来自来宾的小于udphdr结构大小的udp数据包时，使用工作mbuf缓冲区外部的内存。攻击者可利用漏洞越界读取访问或间接内存泄露。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://bugzilla.redhat.com/show_bug.cgi?id=1970491

Reference

https://nvd.nist.gov/vuln/detail/CVE-2021-3594

Impacted products

Name
Qemu QEMU

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-3594",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2021-3594"
    }
  },
  "description": "QEMU\u662f\u4e00\u5957\u6a21\u62df\u5904\u7406\u5668\u8f6f\u4ef6\u3002\n\nQEMU\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u51fd\u6570udp6_input()\u5904\u7406\u6765\u81ea\u6765\u5bbe\u7684\u5c0f\u4e8eudphdr\u7ed3\u6784\u5927\u5c0f\u7684udp\u6570\u636e\u5305\u65f6\uff0c\u4f7f\u7528\u5de5\u4f5cmbuf\u7f13\u51b2\u533a\u5916\u90e8\u7684\u5185\u5b58\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u8d8a\u754c\u8bfb\u53d6\u8bbf\u95ee\u6216\u95f4\u63a5\u5185\u5b58\u6cc4\u9732\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1970491",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-45769",
  "openTime": "2021-06-29",
  "patchDescription": "QEMU\u662f\u4e00\u5957\u6a21\u62df\u5904\u7406\u5668\u8f6f\u4ef6\u3002\r\n\r\nQEMU\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u51fd\u6570udp6_input()\u5904\u7406\u6765\u81ea\u6765\u5bbe\u7684\u5c0f\u4e8eudphdr\u7ed3\u6784\u5927\u5c0f\u7684udp\u6570\u636e\u5305\u65f6\uff0c\u4f7f\u7528\u5de5\u4f5cmbuf\u7f13\u51b2\u533a\u5916\u90e8\u7684\u5185\u5b58\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u8d8a\u754c\u8bfb\u53d6\u8bbf\u95ee\u6216\u95f4\u63a5\u5185\u5b58\u6cc4\u9732\u3002 \u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "QEMU\u65e0\u6548\u6307\u9488\u521d\u59cb\u5316\u6f0f\u6d1e\uff08CNVD-2021-45769\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Qemu QEMU"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2021-3594",
  "serverity": "\u4f4e",
  "submitTime": "2021-06-16",
  "title": "QEMU\u65e0\u6548\u6307\u9488\u521d\u59cb\u5316\u6f0f\u6d1e\uff08CNVD-2021-45769\uff09"
}

GSD-2021-3594

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2021-3594

Aliases

CVE-2021-3594

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-3594",
    "description": "An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp_input() function and could occur while processing a udp packet that is smaller than the size of the \u0027udphdr\u0027 structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0.",
    "id": "GSD-2021-3594",
    "references": [
      "https://www.suse.com/security/cve/CVE-2021-3594.html",
      "https://access.redhat.com/errata/RHSA-2021:4191",
      "https://ubuntu.com/security/CVE-2021-3594",
      "https://advisories.mageia.org/CVE-2021-3594.html",
      "https://security.archlinux.org/CVE-2021-3594",
      "https://linux.oracle.com/cve/CVE-2021-3594.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-3594"
      ],
      "details": "An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp_input() function and could occur while processing a udp packet that is smaller than the size of the \u0027udphdr\u0027 structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0.",
      "id": "GSD-2021-3594",
      "modified": "2023-12-13T01:23:34.979072Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2021-3594",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "QEMU",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "libslirp 4.6.0"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp_input() function and could occur while processing a udp packet that is smaller than the size of the \u0027udphdr\u0027 structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-824"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1970491",
            "refsource": "MISC",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1970491"
          },
          {
            "name": "FEDORA-2021-71de23bedd",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCKWZWY64EHTOQMLVLTSZ4AA27EWRJMH/"
          },
          {
            "name": "FEDORA-2021-7cd749f133",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGPQZFVJCFGDSISFXPCQTTBBD7QZLJKI/"
          },
          {
            "name": "GLSA-202107-44",
            "refsource": "GENTOO",
            "url": "https://security.gentoo.org/glsa/202107-44"
          },
          {
            "name": "https://security.netapp.com/advisory/ntap-20210805-0004/",
            "refsource": "CONFIRM",
            "url": "https://security.netapp.com/advisory/ntap-20210805-0004/"
          },
          {
            "name": "[debian-lts-announce] 20210902 [SECURITY] [DLA 2753-1] qemu security update",
            "refsource": "MLIST",
            "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00000.html"
          },
          {
            "name": "[debian-lts-announce] 20230314 [SECURITY] [DLA 3362-1] qemu security update",
            "refsource": "MLIST",
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00013.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:libslirp_project:libslirp:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "4.6.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:advanced_virtualization:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2021-3594"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp_input() function and could occur while processing a udp packet that is smaller than the size of the \u0027udphdr\u0027 structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": []
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1970491",
              "refsource": "MISC",
              "tags": [
                "Issue Tracking",
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1970491"
            },
            {
              "name": "FEDORA-2021-7cd749f133",
              "refsource": "FEDORA",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGPQZFVJCFGDSISFXPCQTTBBD7QZLJKI/"
            },
            {
              "name": "FEDORA-2021-71de23bedd",
              "refsource": "FEDORA",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCKWZWY64EHTOQMLVLTSZ4AA27EWRJMH/"
            },
            {
              "name": "GLSA-202107-44",
              "refsource": "GENTOO",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://security.gentoo.org/glsa/202107-44"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20210805-0004/",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20210805-0004/"
            },
            {
              "name": "[debian-lts-announce] 20210902 [SECURITY] [DLA 2753-1] qemu security update",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00000.html"
            },
            {
              "name": "[debian-lts-announce] 20230314 [SECURITY] [DLA 3362-1] qemu security update",
              "refsource": "MLIST",
              "tags": [],
              "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00013.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.8,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 2.0,
          "impactScore": 1.4
        }
      },
      "lastModifiedDate": "2023-03-15T00:15Z",
      "publishedDate": "2021-06-15T21:15Z"
    }
  }
}

CERTFR-2024-AVI-0997

Vulnerability from certfr_avis - Published: 2024-11-18 - Updated: 2024-11-18

De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Ubuntu	Ubuntu	Ubuntu 16.04 ESM
Ubuntu	Ubuntu	Ubuntu 24.04 LTS
Ubuntu	Ubuntu	Ubuntu 18.04 ESM
Ubuntu	Ubuntu	Ubuntu 20.04 LTS
Ubuntu	Ubuntu	Ubuntu 24.10
Ubuntu	Ubuntu	Ubuntu 14.04 ESM
Ubuntu	Ubuntu	Ubuntu 22.04 LTS

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-7089-5	2024-11-14	vendor-advisory
Bulletin de sécurité Ubuntu USN-7100-1	2024-11-11	vendor-advisory
Bulletin de sécurité Ubuntu USN-7110-1	2024-11-14	vendor-advisory
Bulletin de sécurité Ubuntu USN-7089-6	2024-11-15	vendor-advisory
Bulletin de sécurité Ubuntu USN-7100-2	2024-11-12	vendor-advisory
Bulletin de sécurité Ubuntu USN-7089-4	2024-11-13	vendor-advisory
Bulletin de sécurité Ubuntu USN-7088-5	2024-11-14	vendor-advisory
Bulletin de sécurité Ubuntu USN-7071-2	2024-11-14	vendor-advisory
Bulletin de sécurité Ubuntu USN-7094-1	2024-11-08	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 16.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 24.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 18.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 20.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 24.10",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 14.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 22.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2020-13765",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13765"
    },
    {
      "name": "CVE-2020-1983",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1983"
    },
    {
      "name": "CVE-2020-7039",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7039"
    },
    {
      "name": "CVE-2019-20382",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20382"
    },
    {
      "name": "CVE-2022-36402",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-36402"
    },
    {
      "name": "CVE-2024-25744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25744"
    },
    {
      "name": "CVE-2023-52531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52531"
    },
    {
      "name": "CVE-2024-26607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26607"
    },
    {
      "name": "CVE-2023-52528",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52528"
    },
    {
      "name": "CVE-2024-26800",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26800"
    },
    {
      "name": "CVE-2024-26810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26810"
    },
    {
      "name": "CVE-2024-26640",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26640"
    },
    {
      "name": "CVE-2024-26812",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26812"
    },
    {
      "name": "CVE-2024-26641",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26641"
    },
    {
      "name": "CVE-2024-27051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27051"
    },
    {
      "name": "CVE-2024-26885",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26885"
    },
    {
      "name": "CVE-2023-52614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52614"
    },
    {
      "name": "CVE-2024-26891",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26891"
    },
    {
      "name": "CVE-2024-26668",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26668"
    },
    {
      "name": "CVE-2024-26669",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26669"
    },
    {
      "name": "CVE-2021-47212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47212"
    },
    {
      "name": "CVE-2024-26893",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26893"
    },
    {
      "name": "CVE-2024-35848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35848"
    },
    {
      "name": "CVE-2024-27436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27436"
    },
    {
      "name": "CVE-2024-38621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38621"
    },
    {
      "name": "CVE-2024-38627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38627"
    },
    {
      "name": "CVE-2024-38630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38630"
    },
    {
      "name": "CVE-2024-26661",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26661"
    },
    {
      "name": "CVE-2024-25741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25741"
    },
    {
      "name": "CVE-2024-39487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39487"
    },
    {
      "name": "CVE-2024-39494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39494"
    },
    {
      "name": "CVE-2024-40915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40915"
    },
    {
      "name": "CVE-2024-40929",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40929"
    },
    {
      "name": "CVE-2024-38602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38602"
    },
    {
      "name": "CVE-2024-38611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38611"
    },
    {
      "name": "CVE-2024-38577",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38577"
    },
    {
      "name": "CVE-2024-41011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41011"
    },
    {
      "name": "CVE-2024-39472",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39472"
    },
    {
      "name": "CVE-2024-41017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41017"
    },
    {
      "name": "CVE-2024-41090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41090"
    },
    {
      "name": "CVE-2024-41091",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41091"
    },
    {
      "name": "CVE-2024-41012",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41012"
    },
    {
      "name": "CVE-2024-41015",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41015"
    },
    {
      "name": "CVE-2024-41041",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41041"
    },
    {
      "name": "CVE-2024-41044",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41044"
    },
    {
      "name": "CVE-2024-41048",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41048"
    },
    {
      "name": "CVE-2024-41057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41057"
    },
    {
      "name": "CVE-2024-41058",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41058"
    },
    {
      "name": "CVE-2024-41059",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41059"
    },
    {
      "name": "CVE-2024-41060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41060"
    },
    {
      "name": "CVE-2024-41063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41063"
    },
    {
      "name": "CVE-2024-41064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41064"
    },
    {
      "name": "CVE-2024-41066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41066"
    },
    {
      "name": "CVE-2024-41069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41069"
    },
    {
      "name": "CVE-2024-41070",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41070"
    },
    {
      "name": "CVE-2024-41071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41071"
    },
    {
      "name": "CVE-2024-41072",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41072"
    },
    {
      "name": "CVE-2024-41076",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41076"
    },
    {
      "name": "CVE-2024-41078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41078"
    },
    {
      "name": "CVE-2024-41081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41081"
    },
    {
      "name": "CVE-2024-41087",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41087"
    },
    {
      "name": "CVE-2024-41089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41089"
    },
    {
      "name": "CVE-2024-41095",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41095"
    },
    {
      "name": "CVE-2024-42070",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42070"
    },
    {
      "name": "CVE-2024-42079",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42079"
    },
    {
      "name": "CVE-2024-42093",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42093"
    },
    {
      "name": "CVE-2024-42096",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42096"
    },
    {
      "name": "CVE-2024-42105",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42105"
    },
    {
      "name": "CVE-2024-42119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42119"
    },
    {
      "name": "CVE-2024-42120",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42120"
    },
    {
      "name": "CVE-2024-42124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42124"
    },
    {
      "name": "CVE-2024-42145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42145"
    },
    {
      "name": "CVE-2024-42161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42161"
    },
    {
      "name": "CVE-2024-42223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42223"
    },
    {
      "name": "CVE-2024-42230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42230"
    },
    {
      "name": "CVE-2022-48666",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48666"
    },
    {
      "name": "CVE-2024-36484",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36484"
    },
    {
      "name": "CVE-2024-41007",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41007"
    },
    {
      "name": "CVE-2024-41020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41020"
    },
    {
      "name": "CVE-2024-41022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41022"
    },
    {
      "name": "CVE-2024-41034",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41034"
    },
    {
      "name": "CVE-2024-41035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41035"
    },
    {
      "name": "CVE-2024-41046",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41046"
    },
    {
      "name": "CVE-2024-41049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41049"
    },
    {
      "name": "CVE-2024-41055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41055"
    },
    {
      "name": "CVE-2024-41065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41065"
    },
    {
      "name": "CVE-2024-41068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41068"
    },
    {
      "name": "CVE-2024-41077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41077"
    },
    {
      "name": "CVE-2024-42101",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42101"
    },
    {
      "name": "CVE-2024-42102",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42102"
    },
    {
      "name": "CVE-2024-42104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42104"
    },
    {
      "name": "CVE-2024-42106",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42106"
    },
    {
      "name": "CVE-2024-42115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42115"
    },
    {
      "name": "CVE-2024-42121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42121"
    },
    {
      "name": "CVE-2024-42127",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42127"
    },
    {
      "name": "CVE-2024-42131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42131"
    },
    {
      "name": "CVE-2024-42137",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42137"
    },
    {
      "name": "CVE-2024-42152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42152"
    },
    {
      "name": "CVE-2024-42153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42153"
    },
    {
      "name": "CVE-2024-42157",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42157"
    },
    {
      "name": "CVE-2024-42229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42229"
    },
    {
      "name": "CVE-2024-42232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42232"
    },
    {
      "name": "CVE-2024-42236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42236"
    },
    {
      "name": "CVE-2024-42244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42244"
    },
    {
      "name": "CVE-2024-42247",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42247"
    },
    {
      "name": "CVE-2024-42110",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42110"
    },
    {
      "name": "CVE-2024-41073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41073"
    },
    {
      "name": "CVE-2024-41096",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41096"
    },
    {
      "name": "CVE-2024-42082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42082"
    },
    {
      "name": "CVE-2023-52887",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52887"
    },
    {
      "name": "CVE-2024-41027",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41027"
    },
    {
      "name": "CVE-2024-41047",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41047"
    },
    {
      "name": "CVE-2024-41092",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41092"
    },
    {
      "name": "CVE-2024-41093",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41093"
    },
    {
      "name": "CVE-2024-41097",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41097"
    },
    {
      "name": "CVE-2024-42068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42068"
    },
    {
      "name": "CVE-2024-42076",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42076"
    },
    {
      "name": "CVE-2024-42077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42077"
    },
    {
      "name": "CVE-2024-42080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42080"
    },
    {
      "name": "CVE-2024-42084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42084"
    },
    {
      "name": "CVE-2024-42085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42085"
    },
    {
      "name": "CVE-2024-42086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42086"
    },
    {
      "name": "CVE-2024-42087",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42087"
    },
    {
      "name": "CVE-2024-42089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42089"
    },
    {
      "name": "CVE-2024-42090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42090"
    },
    {
      "name": "CVE-2024-42092",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42092"
    },
    {
      "name": "CVE-2024-42094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42094"
    },
    {
      "name": "CVE-2024-42095",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42095"
    },
    {
      "name": "CVE-2024-42097",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42097"
    },
    {
      "name": "CVE-2024-42098",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42098"
    },
    {
      "name": "CVE-2024-42109",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42109"
    },
    {
      "name": "CVE-2024-42130",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42130"
    },
    {
      "name": "CVE-2024-42140",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42140"
    },
    {
      "name": "CVE-2024-42225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42225"
    },
    {
      "name": "CVE-2024-42240",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42240"
    },
    {
      "name": "CVE-2024-42270",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42270"
    },
    {
      "name": "CVE-2023-52889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52889"
    },
    {
      "name": "CVE-2024-39486",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39486"
    },
    {
      "name": "CVE-2024-41010",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41010"
    },
    {
      "name": "CVE-2024-41025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41025"
    },
    {
      "name": "CVE-2024-41028",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41028"
    },
    {
      "name": "CVE-2024-41032",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41032"
    },
    {
      "name": "CVE-2024-41036",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41036"
    },
    {
      "name": "CVE-2024-41037",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41037"
    },
    {
      "name": "CVE-2024-41038",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41038"
    },
    {
      "name": "CVE-2024-41039",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41039"
    },
    {
      "name": "CVE-2024-41042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41042"
    },
    {
      "name": "CVE-2024-41045",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41045"
    },
    {
      "name": "CVE-2024-41050",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41050"
    },
    {
      "name": "CVE-2024-41051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41051"
    },
    {
      "name": "CVE-2024-41056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41056"
    },
    {
      "name": "CVE-2024-41061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41061"
    },
    {
      "name": "CVE-2024-41062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41062"
    },
    {
      "name": "CVE-2024-41074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41074"
    },
    {
      "name": "CVE-2024-41075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41075"
    },
    {
      "name": "CVE-2024-41079",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41079"
    },
    {
      "name": "CVE-2024-41080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41080"
    },
    {
      "name": "CVE-2024-41084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41084"
    },
    {
      "name": "CVE-2024-41088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41088"
    },
    {
      "name": "CVE-2024-41094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41094"
    },
    {
      "name": "CVE-2024-41098",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41098"
    },
    {
      "name": "CVE-2024-42064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42064"
    },
    {
      "name": "CVE-2024-42069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42069"
    },
    {
      "name": "CVE-2024-42073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42073"
    },
    {
      "name": "CVE-2024-42074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42074"
    },
    {
      "name": "CVE-2024-42113",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42113"
    },
    {
      "name": "CVE-2024-42114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42114"
    },
    {
      "name": "CVE-2024-42117",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42117"
    },
    {
      "name": "CVE-2024-42126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42126"
    },
    {
      "name": "CVE-2024-42132",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42132"
    },
    {
      "name": "CVE-2024-42133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42133"
    },
    {
      "name": "CVE-2024-42136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42136"
    },
    {
      "name": "CVE-2024-42138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42138"
    },
    {
      "name": "CVE-2024-42141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42141"
    },
    {
      "name": "CVE-2024-42142",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42142"
    },
    {
      "name": "CVE-2024-42144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42144"
    },
    {
      "name": "CVE-2024-42147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42147"
    },
    {
      "name": "CVE-2024-42155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42155"
    },
    {
      "name": "CVE-2024-42156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42156"
    },
    {
      "name": "CVE-2024-42158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42158"
    },
    {
      "name": "CVE-2024-42227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42227"
    },
    {
      "name": "CVE-2024-42237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42237"
    },
    {
      "name": "CVE-2024-42238",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42238"
    },
    {
      "name": "CVE-2024-42239",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42239"
    },
    {
      "name": "CVE-2024-42241",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42241"
    },
    {
      "name": "CVE-2024-42245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42245"
    },
    {
      "name": "CVE-2024-42246",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42246"
    },
    {
      "name": "CVE-2024-42250",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42250"
    },
    {
      "name": "CVE-2024-42253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42253"
    },
    {
      "name": "CVE-2024-42259",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42259"
    },
    {
      "name": "CVE-2024-42269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42269"
    },
    {
      "name": "CVE-2024-42271",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42271"
    },
    {
      "name": "CVE-2024-42274",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42274"
    },
    {
      "name": "CVE-2024-42276",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42276"
    },
    {
      "name": "CVE-2024-42277",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42277"
    },
    {
      "name": "CVE-2024-42280",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42280"
    },
    {
      "name": "CVE-2024-42281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42281"
    },
    {
      "name": "CVE-2024-42283",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42283"
    },
    {
      "name": "CVE-2024-42284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42284"
    },
    {
      "name": "CVE-2024-42285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42285"
    },
    {
      "name": "CVE-2024-42286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42286"
    },
    {
      "name": "CVE-2024-42287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42287"
    },
    {
      "name": "CVE-2024-42288",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42288"
    },
    {
      "name": "CVE-2024-42289",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42289"
    },
    {
      "name": "CVE-2024-42290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42290"
    },
    {
      "name": "CVE-2024-42292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42292"
    },
    {
      "name": "CVE-2024-42295",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42295"
    },
    {
      "name": "CVE-2024-42301",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42301"
    },
    {
      "name": "CVE-2024-42302",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42302"
    },
    {
      "name": "CVE-2024-42309",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42309"
    },
    {
      "name": "CVE-2024-42310",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42310"
    },
    {
      "name": "CVE-2024-42311",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42311"
    },
    {
      "name": "CVE-2024-42312",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42312"
    },
    {
      "name": "CVE-2024-42313",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42313"
    },
    {
      "name": "CVE-2024-42318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42318"
    },
    {
      "name": "CVE-2024-43817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43817"
    },
    {
      "name": "CVE-2024-43829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43829"
    },
    {
      "name": "CVE-2024-43830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43830"
    },
    {
      "name": "CVE-2024-43834",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43834"
    },
    {
      "name": "CVE-2024-43839",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43839"
    },
    {
      "name": "CVE-2024-43841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43841"
    },
    {
      "name": "CVE-2024-43846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43846"
    },
    {
      "name": "CVE-2024-43849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43849"
    },
    {
      "name": "CVE-2024-43853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43853"
    },
    {
      "name": "CVE-2024-43854",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43854"
    },
    {
      "name": "CVE-2024-43855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43855"
    },
    {
      "name": "CVE-2024-43856",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43856"
    },
    {
      "name": "CVE-2024-43858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43858"
    },
    {
      "name": "CVE-2024-43860",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43860"
    },
    {
      "name": "CVE-2024-43861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43861"
    },
    {
      "name": "CVE-2024-43863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43863"
    },
    {
      "name": "CVE-2024-43867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43867"
    },
    {
      "name": "CVE-2024-43871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43871"
    },
    {
      "name": "CVE-2024-43873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43873"
    },
    {
      "name": "CVE-2024-43875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43875"
    },
    {
      "name": "CVE-2024-43879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43879"
    },
    {
      "name": "CVE-2024-43880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43880"
    },
    {
      "name": "CVE-2024-43882",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43882"
    },
    {
      "name": "CVE-2024-43883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43883"
    },
    {
      "name": "CVE-2024-43884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43884"
    },
    {
      "name": "CVE-2024-43889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43889"
    },
    {
      "name": "CVE-2024-43892",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43892"
    },
    {
      "name": "CVE-2024-43893",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43893"
    },
    {
      "name": "CVE-2024-43894",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43894"
    },
    {
      "name": "CVE-2024-43902",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43902"
    },
    {
      "name": "CVE-2024-43905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43905"
    },
    {
      "name": "CVE-2024-43907",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43907"
    },
    {
      "name": "CVE-2024-43908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43908"
    },
    {
      "name": "CVE-2024-43909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43909"
    },
    {
      "name": "CVE-2024-44947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44947"
    },
    {
      "name": "CVE-2024-41023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41023"
    },
    {
      "name": "CVE-2024-41031",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41031"
    },
    {
      "name": "CVE-2024-42243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42243"
    },
    {
      "name": "CVE-2024-45003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45003"
    },
    {
      "name": "CVE-2024-43835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43835"
    },
    {
      "name": "CVE-2024-44940",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44940"
    },
    {
      "name": "CVE-2024-44946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44946"
    },
    {
      "name": "CVE-2024-44974",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44974"
    },
    {
      "name": "CVE-2024-44982",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44982"
    },
    {
      "name": "CVE-2024-44983",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44983"
    },
    {
      "name": "CVE-2024-44985",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44985"
    },
    {
      "name": "CVE-2024-44986",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44986"
    },
    {
      "name": "CVE-2024-44987",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44987"
    },
    {
      "name": "CVE-2024-44988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44988"
    },
    {
      "name": "CVE-2024-44989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44989"
    },
    {
      "name": "CVE-2024-44990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44990"
    },
    {
      "name": "CVE-2024-44995",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44995"
    },
    {
      "name": "CVE-2024-44998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44998"
    },
    {
      "name": "CVE-2024-44999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44999"
    },
    {
      "name": "CVE-2024-45006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45006"
    },
    {
      "name": "CVE-2024-45007",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45007"
    },
    {
      "name": "CVE-2024-45008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45008"
    },
    {
      "name": "CVE-2024-45009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45009"
    },
    {
      "name": "CVE-2024-45011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45011"
    },
    {
      "name": "CVE-2024-45016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45016"
    },
    {
      "name": "CVE-2024-45018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45018"
    },
    {
      "name": "CVE-2024-45021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45021"
    },
    {
      "name": "CVE-2024-45025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45025"
    },
    {
      "name": "CVE-2024-45026",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45026"
    },
    {
      "name": "CVE-2024-45028",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45028"
    },
    {
      "name": "CVE-2024-46673",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46673"
    },
    {
      "name": "CVE-2024-46675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46675"
    },
    {
      "name": "CVE-2024-46676",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46676"
    },
    {
      "name": "CVE-2024-46677",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46677"
    },
    {
      "name": "CVE-2024-46679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46679"
    },
    {
      "name": "CVE-2024-46685",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46685"
    },
    {
      "name": "CVE-2024-46689",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46689"
    },
    {
      "name": "CVE-2024-46702",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46702"
    },
    {
      "name": "CVE-2024-46707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46707"
    },
    {
      "name": "CVE-2024-46713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46713"
    },
    {
      "name": "CVE-2024-46714",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46714"
    },
    {
      "name": "CVE-2024-46719",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46719"
    },
    {
      "name": "CVE-2024-46721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46721"
    },
    {
      "name": "CVE-2024-46722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46722"
    },
    {
      "name": "CVE-2024-46723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46723"
    },
    {
      "name": "CVE-2024-46724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46724"
    },
    {
      "name": "CVE-2024-46725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46725"
    },
    {
      "name": "CVE-2024-46731",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46731"
    },
    {
      "name": "CVE-2024-46732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46732"
    },
    {
      "name": "CVE-2024-46737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46737"
    },
    {
      "name": "CVE-2024-46738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46738"
    },
    {
      "name": "CVE-2024-46739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46739"
    },
    {
      "name": "CVE-2024-46740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46740"
    },
    {
      "name": "CVE-2024-46743",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46743"
    },
    {
      "name": "CVE-2024-46744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46744"
    },
    {
      "name": "CVE-2024-46745",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46745"
    },
    {
      "name": "CVE-2024-46746",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46746"
    },
    {
      "name": "CVE-2024-46747",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46747"
    },
    {
      "name": "CVE-2024-46750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46750"
    },
    {
      "name": "CVE-2024-46752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46752"
    },
    {
      "name": "CVE-2024-46755",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46755"
    },
    {
      "name": "CVE-2024-46756",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46756"
    },
    {
      "name": "CVE-2024-46757",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46757"
    },
    {
      "name": "CVE-2024-46758",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46758"
    },
    {
      "name": "CVE-2024-46759",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46759"
    },
    {
      "name": "CVE-2024-46761",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46761"
    },
    {
      "name": "CVE-2024-46763",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46763"
    },
    {
      "name": "CVE-2024-46771",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46771"
    },
    {
      "name": "CVE-2024-46777",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46777"
    },
    {
      "name": "CVE-2024-46780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46780"
    },
    {
      "name": "CVE-2024-46781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46781"
    },
    {
      "name": "CVE-2024-46782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46782"
    },
    {
      "name": "CVE-2024-46783",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46783"
    },
    {
      "name": "CVE-2024-46791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46791"
    },
    {
      "name": "CVE-2024-46795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46795"
    },
    {
      "name": "CVE-2024-46798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46798"
    },
    {
      "name": "CVE-2024-46800",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46800"
    },
    {
      "name": "CVE-2024-46804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46804"
    },
    {
      "name": "CVE-2024-46805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46805"
    },
    {
      "name": "CVE-2024-46807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46807"
    },
    {
      "name": "CVE-2024-46810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46810"
    },
    {
      "name": "CVE-2024-46814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46814"
    },
    {
      "name": "CVE-2024-46815",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46815"
    },
    {
      "name": "CVE-2024-46817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46817"
    },
    {
      "name": "CVE-2024-46818",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46818"
    },
    {
      "name": "CVE-2024-46819",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46819"
    },
    {
      "name": "CVE-2024-46822",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46822"
    },
    {
      "name": "CVE-2024-46828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46828"
    },
    {
      "name": "CVE-2024-46829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46829"
    },
    {
      "name": "CVE-2024-46832",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46832"
    },
    {
      "name": "CVE-2024-46840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46840"
    },
    {
      "name": "CVE-2024-46844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46844"
    },
    {
      "name": "CVE-2024-42272",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42272"
    },
    {
      "name": "CVE-2024-42297",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42297"
    },
    {
      "name": "CVE-2024-41082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41082"
    },
    {
      "name": "CVE-2024-42252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42252"
    },
    {
      "name": "CVE-2024-42265",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42265"
    },
    {
      "name": "CVE-2024-42304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42304"
    },
    {
      "name": "CVE-2024-42305",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42305"
    },
    {
      "name": "CVE-2024-42306",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42306"
    },
    {
      "name": "CVE-2024-43828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43828"
    },
    {
      "name": "CVE-2024-43870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43870"
    },
    {
      "name": "CVE-2024-43890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43890"
    },
    {
      "name": "CVE-2024-43914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43914"
    },
    {
      "name": "CVE-2024-44935",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44935"
    },
    {
      "name": "CVE-2024-44944",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44944"
    },
    {
      "name": "CVE-2024-44948",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44948"
    },
    {
      "name": "CVE-2024-44952",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44952"
    },
    {
      "name": "CVE-2024-44954",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44954"
    },
    {
      "name": "CVE-2024-44960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44960"
    },
    {
      "name": "CVE-2024-44965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44965"
    },
    {
      "name": "CVE-2024-44969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44969"
    },
    {
      "name": "CVE-2024-44971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44971"
    },
    {
      "name": "CVE-2024-47668",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47668"
    },
    {
      "name": "CVE-2023-52888",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52888"
    },
    {
      "name": "CVE-2023-52918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52918"
    },
    {
      "name": "CVE-2024-41018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41018"
    },
    {
      "name": "CVE-2024-41019",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41019"
    },
    {
      "name": "CVE-2024-41021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41021"
    },
    {
      "name": "CVE-2024-41029",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41029"
    },
    {
      "name": "CVE-2024-41030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41030"
    },
    {
      "name": "CVE-2024-41033",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41033"
    },
    {
      "name": "CVE-2024-41052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41052"
    },
    {
      "name": "CVE-2024-41053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41053"
    },
    {
      "name": "CVE-2024-41054",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41054"
    },
    {
      "name": "CVE-2024-41067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41067"
    },
    {
      "name": "CVE-2024-41083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41083"
    },
    {
      "name": "CVE-2024-41085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41085"
    },
    {
      "name": "CVE-2024-41086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41086"
    },
    {
      "name": "CVE-2024-42063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42063"
    },
    {
      "name": "CVE-2024-42065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42065"
    },
    {
      "name": "CVE-2024-42066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42066"
    },
    {
      "name": "CVE-2024-42067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42067"
    },
    {
      "name": "CVE-2024-42088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42088"
    },
    {
      "name": "CVE-2024-42091",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42091"
    },
    {
      "name": "CVE-2024-42100",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42100"
    },
    {
      "name": "CVE-2024-42103",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42103"
    },
    {
      "name": "CVE-2024-42108",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42108"
    },
    {
      "name": "CVE-2024-42111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42111"
    },
    {
      "name": "CVE-2024-42112",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42112"
    },
    {
      "name": "CVE-2024-42118",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42118"
    },
    {
      "name": "CVE-2024-42128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42128"
    },
    {
      "name": "CVE-2024-42129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42129"
    },
    {
      "name": "CVE-2024-42135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42135"
    },
    {
      "name": "CVE-2024-42146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42146"
    },
    {
      "name": "CVE-2024-42149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42149"
    },
    {
      "name": "CVE-2024-42150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42150"
    },
    {
      "name": "CVE-2024-42151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42151"
    },
    {
      "name": "CVE-2024-42231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42231"
    },
    {
      "name": "CVE-2024-42234",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42234"
    },
    {
      "name": "CVE-2024-42235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42235"
    },
    {
      "name": "CVE-2024-42248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42248"
    },
    {
      "name": "CVE-2024-42251",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42251"
    },
    {
      "name": "CVE-2024-47659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47659"
    },
    {
      "name": "CVE-2024-47663",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47663"
    },
    {
      "name": "CVE-2024-47667",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47667"
    },
    {
      "name": "CVE-2024-47669",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47669"
    },
    {
      "name": "CVE-2020-8608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8608"
    },
    {
      "name": "CVE-2021-3592",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3592"
    },
    {
      "name": "CVE-2021-3594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3594"
    },
    {
      "name": "CVE-2023-3019",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3019"
    },
    {
      "name": "CVE-2024-42267",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42267"
    },
    {
      "name": "CVE-2024-42296",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42296"
    },
    {
      "name": "CVE-2024-42299",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42299"
    },
    {
      "name": "CVE-2024-43869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43869"
    },
    {
      "name": "CVE-2024-44934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44934"
    },
    {
      "name": "CVE-2024-44958",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44958"
    },
    {
      "name": "CVE-2024-44966",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44966"
    },
    {
      "name": "CVE-2024-4693",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4693"
    },
    {
      "name": "CVE-2024-47660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47660"
    },
    {
      "name": "CVE-2024-47665",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47665"
    },
    {
      "name": "CVE-2024-7730",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7730"
    }
  ],
  "initial_release_date": "2024-11-18T00:00:00",
  "last_revision_date": "2024-11-18T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-0997",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-11-18T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux d\u0027Ubuntu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": "2024-11-14",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7089-5",
      "url": "https://ubuntu.com/security/notices/USN-7089-5"
    },
    {
      "published_at": "2024-11-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7100-1",
      "url": "https://ubuntu.com/security/notices/USN-7100-1"
    },
    {
      "published_at": "2024-11-14",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7110-1",
      "url": "https://ubuntu.com/security/notices/USN-7110-1"
    },
    {
      "published_at": "2024-11-15",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7089-6",
      "url": "https://ubuntu.com/security/notices/USN-7089-6"
    },
    {
      "published_at": "2024-11-12",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7100-2",
      "url": "https://ubuntu.com/security/notices/USN-7100-2"
    },
    {
      "published_at": "2024-11-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7089-4",
      "url": "https://ubuntu.com/security/notices/USN-7089-4"
    },
    {
      "published_at": "2024-11-14",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7088-5",
      "url": "https://ubuntu.com/security/notices/USN-7088-5"
    },
    {
      "published_at": "2024-11-14",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7071-2",
      "url": "https://ubuntu.com/security/notices/USN-7071-2"
    },
    {
      "published_at": "2024-11-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7094-1",
      "url": "https://ubuntu.com/security/notices/USN-7094-1"
    }
  ]
}

cve-2021-3594

Vulnerability from osv_almalinux

Published

2021-11-09 08:35

Modified

2021-12-23 15:15

Summary

Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update

Details

Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.

Security Fix(es):

QEMU: net: e1000e: use-after-free while sending packets (CVE-2020-15859)
QEMU: slirp: invalid pointer initialization may lead to information disclosure (bootp) (CVE-2021-3592)
QEMU: slirp: invalid pointer initialization may lead to information disclosure (udp6) (CVE-2021-3593)
QEMU: slirp: invalid pointer initialization may lead to information disclosure (udp) (CVE-2021-3594)
QEMU: slirp: invalid pointer initialization may lead to information disclosure (tftp) (CVE-2021-3595)
libvirt: Insecure sVirt label generation (CVE-2021-3631)
libvirt: Improper locking on ACL failure in virStoragePoolLookupByTargetPath API (CVE-2021-3667)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "hivex"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.3.18-21.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "hivex-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.3.18-21.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libguestfs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:1.40.2-28.module_el8.5.0+2608+72063365.alma"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libguestfs-bash-completion"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:1.40.2-28.module_el8.5.0+2608+72063365.alma"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libguestfs-benchmarking"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:1.40.2-28.module_el8.5.0+2608+72063365.alma"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libguestfs-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:1.40.2-28.module_el8.5.0+2608+72063365.alma"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libguestfs-gfs2"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:1.40.2-28.module_el8.5.0+2608+72063365.alma"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libguestfs-gobject"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:1.40.2-28.module_el8.5.0+2608+72063365.alma"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libguestfs-gobject-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:1.40.2-28.module_el8.5.0+2608+72063365.alma"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libguestfs-inspect-icons"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:1.40.2-28.module_el8.5.0+2608+72063365.alma"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libguestfs-java"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:1.40.2-28.module_el8.5.0+2608+72063365.alma"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libguestfs-java-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:1.40.2-28.module_el8.5.0+2608+72063365.alma"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libguestfs-javadoc"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:1.40.2-28.module_el8.5.0+2608+72063365.alma"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libguestfs-man-pages-ja"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:1.40.2-28.module_el8.5.0+2608+72063365.alma"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libguestfs-man-pages-uk"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:1.40.2-28.module_el8.5.0+2608+72063365.alma"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libguestfs-rescue"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:1.40.2-28.module_el8.5.0+2608+72063365.alma"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libguestfs-rsync"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:1.40.2-28.module_el8.5.0+2608+72063365.alma"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libguestfs-tools"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:1.40.2-28.module_el8.5.0+2608+72063365.alma"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libguestfs-tools-c"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:1.40.2-28.module_el8.5.0+2608+72063365.alma"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libguestfs-winsupport"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "8.2-1.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libguestfs-xfs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:1.40.2-28.module_el8.5.0+2608+72063365.alma"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libiscsi"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.18.0-8.module_el8.6.0+2880+7d9e3703"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libiscsi"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.18.0-8.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libiscsi-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.18.0-8.module_el8.6.0+2880+7d9e3703"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libiscsi-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.18.0-8.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libiscsi-utils"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.18.0-8.module_el8.6.0+2880+7d9e3703"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libiscsi-utils"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.18.0-8.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libnbd"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.2.2-1.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libnbd-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.2.2-1.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libvirt"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.0.0-37.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libvirt-admin"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.0.0-37.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libvirt-bash-completion"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.0.0-37.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libvirt-client"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.0.0-37.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libvirt-daemon"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.0.0-37.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libvirt-daemon-config-network"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.0.0-37.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libvirt-daemon-config-nwfilter"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.0.0-37.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libvirt-daemon-driver-interface"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.0.0-37.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libvirt-daemon-driver-network"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.0.0-37.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libvirt-daemon-driver-nodedev"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.0.0-37.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libvirt-daemon-driver-nwfilter"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.0.0-37.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libvirt-daemon-driver-qemu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.0.0-37.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libvirt-daemon-driver-secret"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.0.0-37.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libvirt-daemon-driver-storage"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.0.0-37.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libvirt-daemon-driver-storage-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.0.0-37.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libvirt-daemon-driver-storage-disk"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.0.0-37.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libvirt-daemon-driver-storage-gluster"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.0.0-37.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libvirt-daemon-driver-storage-iscsi"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.0.0-37.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libvirt-daemon-driver-storage-iscsi-direct"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.0.0-37.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libvirt-daemon-driver-storage-logical"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.0.0-37.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libvirt-daemon-driver-storage-mpath"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.0.0-37.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libvirt-daemon-driver-storage-rbd"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.0.0-37.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libvirt-daemon-driver-storage-scsi"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.0.0-37.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libvirt-daemon-kvm"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.0.0-37.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libvirt-dbus"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.3.0-2.module_el8.6.0+2880+7d9e3703"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libvirt-dbus"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.3.0-2.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libvirt-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.0.0-37.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libvirt-docs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.0.0-37.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libvirt-libs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.0.0-37.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libvirt-lock-sanlock"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.0.0-37.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libvirt-nss"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.0.0-37.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "lua-guestfs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:1.40.2-28.module_el8.5.0+2608+72063365.alma"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "nbdfuse"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.2.2-1.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "nbdkit"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.16.2-4.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "nbdkit-bash-completion"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.16.2-4.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "nbdkit-basic-filters"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.16.2-4.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "nbdkit-basic-plugins"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.16.2-4.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "nbdkit-curl-plugin"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.16.2-4.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "nbdkit-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.16.2-4.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "nbdkit-example-plugins"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.16.2-4.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "nbdkit-gzip-plugin"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.16.2-4.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "nbdkit-linuxdisk-plugin"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.16.2-4.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "nbdkit-python-plugin"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.16.2-4.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "nbdkit-server"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.16.2-4.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "nbdkit-ssh-plugin"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.16.2-4.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "nbdkit-vddk-plugin"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.16.2-4.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "nbdkit-xz-filter"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.16.2-4.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "netcf"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.2.8-12.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "netcf"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.2.8-12.module_el8.6.0+2880+7d9e3703"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "netcf-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.2.8-12.module_el8.6.0+2880+7d9e3703"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "netcf-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.2.8-12.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "netcf-libs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.2.8-12.module_el8.6.0+2880+7d9e3703"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "netcf-libs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.2.8-12.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "perl-Sys-Guestfs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:1.40.2-28.module_el8.5.0+2608+72063365.alma"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "perl-Sys-Virt"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.0.0-1.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "perl-hivex"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.3.18-21.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "python3-hivex"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.3.18-21.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "python3-libguestfs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:1.40.2-28.module_el8.5.0+2608+72063365.alma"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "python3-libnbd"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.2.2-1.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "python3-libvirt"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.0.0-1.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "ruby-hivex"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.3.18-21.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "ruby-libguestfs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:1.40.2-28.module_el8.5.0+2608+72063365.alma"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "seabios"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.13.0-2.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "seabios-bin"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.13.0-2.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "seavgabios-bin"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.13.0-2.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "sgabios"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:0.20170427git-3.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "sgabios"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:0.20170427git-3.module_el8.6.0+2880+7d9e3703"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "sgabios-bin"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:0.20170427git-3.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "sgabios-bin"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:0.20170427git-3.module_el8.6.0+2880+7d9e3703"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "supermin"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.1.19-10.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "supermin-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.1.19-10.module_el8.5.0+2608+72063365"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "virt-dib"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:1.40.2-28.module_el8.5.0+2608+72063365.alma"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "virt-v2v"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:1.40.2-28.module_el8.5.0+2608+72063365.alma"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.\n\nSecurity Fix(es):\n\n* QEMU: net: e1000e: use-after-free while sending packets (CVE-2020-15859)\n\n* QEMU: slirp: invalid pointer initialization may lead to information disclosure (bootp) (CVE-2021-3592)\n\n* QEMU: slirp: invalid pointer initialization may lead to information disclosure (udp6) (CVE-2021-3593)\n\n* QEMU: slirp: invalid pointer initialization may lead to information disclosure (udp) (CVE-2021-3594)\n\n* QEMU: slirp: invalid pointer initialization may lead to information disclosure (tftp) (CVE-2021-3595)\n\n* libvirt: Insecure sVirt label generation (CVE-2021-3631)\n\n* libvirt: Improper locking on ACL failure in virStoragePoolLookupByTargetPath API (CVE-2021-3667)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.",
  "id": "ALSA-2021:4191",
  "modified": "2021-12-23T15:15:26Z",
  "published": "2021-11-09T08:35:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://errata.almalinux.org/8/ALSA-2021-4191.html"
    },
    {
      "type": "REPORT",
      "url": "https://vulners.com/cve/CVE-2020-15859"
    },
    {
      "type": "REPORT",
      "url": "https://vulners.com/cve/CVE-2021-3592"
    },
    {
      "type": "REPORT",
      "url": "https://vulners.com/cve/CVE-2021-3593"
    },
    {
      "type": "REPORT",
      "url": "https://vulners.com/cve/CVE-2021-3594"
    },
    {
      "type": "REPORT",
      "url": "https://vulners.com/cve/CVE-2021-3595"
    },
    {
      "type": "REPORT",
      "url": "https://vulners.com/cve/CVE-2021-3631"
    },
    {
      "type": "REPORT",
      "url": "https://vulners.com/cve/CVE-2021-3667"
    }
  ],
  "related": [
    "CVE-2020-15859",
    "CVE-2021-3592",
    "CVE-2021-3593",
    "CVE-2021-3594",
    "CVE-2021-3595",
    "CVE-2021-3631",
    "CVE-2021-3667"
  ],
  "summary": "Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update"
}

CVE-2021-3594

Vulnerability from fstec - Published: 04.06.2021

Title

Уязвимость функции udp_input() компонента src/udp.c эмулятора TCP-IP Libslirp, позволяющая нарушителю получить доступ к конфиденциальным данным

Description

Уязвимость функции udp_input() компонента src/udp.c эмулятора TCP-IP Libslirp связана с доступом к неинициализированному указателю. Эксплуатация уязвимости может позволить нарушителю получить доступ к конфиденциальным данным

Severity ?


                    
                      AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N

Vendor

Сообщество свободного программного обеспечения, ООО «РусБИТех-Астра», АО «ИВК», Fabrice Bellard

Software Name

Debian GNU/Linux, Astra Linux Special Edition (запись в едином реестре российских программ №369), Альт 8 СП (запись в едином реестре российских программ №4305), Libslirp, QEMU

Software Version

10 (Debian GNU/Linux), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 1.7 (Astra Linux Special Edition), - (Альт 8 СП), до 4.6.0 (Libslirp), 4.7 (Astra Linux Special Edition), до 4.1.1 (QEMU)

Possible Mitigations

Для Libslirp: использование рекомендаций производителя: https://github.com/advisories/GHSA-wh9f-45px-j437 Для QEMU: использование рекомендаций производителя: https://github.com/advisories/GHSA-wh9f-45px-j437 Для Debian: использование рекомендаций производителя: https://security-tracker.debian.org/tracker/CVE-2021-3594 Для ОС Astra Linux: обновить пакет libslirp до 4.4.0-1+deb11u2 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0212SE17 Для ОС Альт 8 СП: установка обновления из публичного репозитория программного средства Для Astra Linux Special Edition 4.7 для архитектуры ARM: обновить пакет libslirp до 4.4.0-1+deb11u2 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47

Reference

https://github.com/advisories/GHSA-wh9f-45px-j437 https://gitlab.freedesktop.org/slirp/libslirp/-/commit/74572be49247c8c5feae7c6e0b50c4f569ca9824 https://gitlab.freedesktop.org/slirp/libslirp/-/commit/93e645e72a056ec0b2c16e0299fc5c6b94e4ca17 https://nvd.nist.gov/vuln/detail/CVE-2021-3594 https://security-tracker.debian.org/tracker/CVE-2021-3594 https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0212SE17 https://altsp.su/obnovleniya-bezopasnosti/ https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47

CWE

CWE-824

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
  "CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb, Fabrice Bellard",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "10 (Debian GNU/Linux), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 1.7 (Astra Linux Special Edition), - (\u0410\u043b\u044c\u0442 8 \u0421\u041f), \u0434\u043e 4.6.0 (Libslirp), 4.7 (Astra Linux Special Edition), \u0434\u043e 4.1.1 (QEMU)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0414\u043b\u044f Libslirp:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://github.com/advisories/GHSA-wh9f-45px-j437\n\n\u0414\u043b\u044f QEMU:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://github.com/advisories/GHSA-wh9f-45px-j437\n\n\u0414\u043b\u044f Debian:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://security-tracker.debian.org/tracker/CVE-2021-3594\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 libslirp \u0434\u043e 4.4.0-1+deb11u2 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0212SE17\n\n\u0414\u043b\u044f \u041e\u0421 \u0410\u043b\u044c\u0442 8 \u0421\u041f: \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u0437 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430\n\n\u0414\u043b\u044f Astra Linux Special Edition 4.7 \u0434\u043b\u044f \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b ARM:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 libslirp \u0434\u043e 4.4.0-1+deb11u2 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "04.06.2021",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "11.11.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "21.02.2024",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2024-01496",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2021-3594",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Debian GNU/Linux, Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0410\u043b\u044c\u0442 8 \u0421\u041f (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), Libslirp, QEMU",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 10 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 12 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.7  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb \u0410\u043b\u044c\u0442 8 \u0421\u041f -  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 4.7 ARM (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 udp_input() \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 src/udp.c \u044d\u043c\u0443\u043b\u044f\u0442\u043e\u0440\u0430 TCP-IP Libslirp, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0414\u043e\u0441\u0442\u0443\u043f \u043d\u0435\u0438\u043d\u0438\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044f (CWE-824)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 udp_input() \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 src/udp.c \u044d\u043c\u0443\u043b\u044f\u0442\u043e\u0440\u0430 TCP-IP Libslirp \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u043d\u0435\u0438\u043d\u0438\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044e. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://github.com/advisories/GHSA-wh9f-45px-j437\nhttps://gitlab.freedesktop.org/slirp/libslirp/-/commit/74572be49247c8c5feae7c6e0b50c4f569ca9824\nhttps://gitlab.freedesktop.org/slirp/libslirp/-/commit/93e645e72a056ec0b2c16e0299fc5c6b94e4ca17\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-3594\nhttps://security-tracker.debian.org/tracker/CVE-2021-3594\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0212SE17\nhttps://altsp.su/obnovleniya-bezopasnosti/\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u041e \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438/\u041f\u041e \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-824",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041d\u0438\u0437\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 2,1)\n\u041d\u0438\u0437\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 3,8)"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-3594 (GCVE-0-2021-3594)

FKIE_CVE-2021-3594

GHSA-WH9F-45PX-J437

CNVD-2021-45769

GSD-2021-3594

CERTFR-2024-AVI-0997

Solutions

cve-2021-3594

Vulnerability from osv_almalinux

CVE-2021-3594

Tags

Sightings

Nomenclature