Log

AVG-2315 created at 24 Aug 2021 14:07:48
Packages
+ openssl
Issues
+ CVE-2021-3711
+ CVE-2021-3712
Status
+ Vulnerable
Severity
+ Unknown
Affected
+ 1.1.1.k-1
Fixed
Ticket
Advisory qualified
+ Yes
References
Notes
CVE-2021-3712 created at 24 Aug 2021 14:07:48
AVG-2315 created at 24 Aug 2021 14:07:48
Packages
+ openssl
Issues
+ CVE-2021-3711
+ CVE-2021-3712
Status
+ Vulnerable
Severity
+ Unknown
Affected
+ 1.1.1.k-1
Fixed
Ticket
Advisory qualified
+ Yes
References
Notes
CVE-2021-3711 created at 24 Aug 2021 14:07:48
CVE-2021-3587 deleted at 24 Aug 2021 11:35:38
Severity
- Low
Remote
- Local
Type
- Denial of service
Description
- There is a null pointer dereference in llcp_sock_getname in net/nfc/llcp_sock.c of the Linux kernel. An unprivileged user can trigger this bug and cause denial of service.
References
- https://www.openwall.com/lists/oss-security/2021/06/01/1
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.12.10&id=0c4559736d9a4ec1ca58ba98ca34e7c4da4c422b
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.43&id=48ee0db61c8299022ec88c79ad137f290196cac2
Notes
- This CVE has been rejected as a duplicate of CVE-2021-38208.
CVE-2021-3587 edited at 24 Aug 2021 11:35:34
Notes
+ This CVE has been rejected as a duplicate of CVE-2021-38208.
AVG-2066 edited at 24 Aug 2021 11:35:16
Issues
CVE-2021-3564
CVE-2021-3573
- CVE-2021-3587
+ CVE-2021-38208
AVG-2065 edited at 24 Aug 2021 11:35:09
Issues
CVE-2021-3564
CVE-2021-3573
- CVE-2021-3587
+ CVE-2021-38208
AVG-2064 edited at 24 Aug 2021 11:35:02
Issues
CVE-2021-3564
CVE-2021-3573
- CVE-2021-3587
+ CVE-2021-38208
AVG-2063 edited at 24 Aug 2021 11:34:58
Issues
CVE-2021-3564
CVE-2021-3573
- CVE-2021-3587
+ CVE-2021-38208
CVE-2021-38208 created at 24 Aug 2021 11:34:30
Severity
+ Low
Remote
+ Local
Type
+ Denial of service
Description
+ net/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure of a bind call.
References
+ https://www.openwall.com/lists/oss-security/2021/06/01/1
+ https://www.openwall.com/lists/oss-security/2021/08/24/2
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.12.10&id=0c4559736d9a4ec1ca58ba98ca34e7c4da4c422b
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.43&id=48ee0db61c8299022ec88c79ad137f290196cac2
Notes
AVG-2276 edited at 24 Aug 2021 10:44:15
Advisory qualified
- Yes
+ No