[Git][security-tracker-team/security-tracker][master] Add CVE-2021-3905/openvswitch
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Nov 6 07:51:03 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
53f8b59c by Salvatore Bonaccorso at 2021-11-06T08:50:32+01:00
Add CVE-2021-3905/openvswitch
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1914,8 +1914,13 @@ CVE-2021-43012
RESERVED
CVE-2021-43011
RESERVED
-CVE-2021-3905
+CVE-2021-3905 [External triggered memory leak in Open vSwitch while processing fragmented packets]
RESERVED
+ - openvswitch <not-affected> (Vulnerable code introduced later)
+ NOTE: https://github.com/openvswitch/ovs-issues/issues/226
+ NOTE: Introduced by: https://github.com/openvswitch/ovs/commit/640d4db788eda96bb904abcfc7de2327107bafe1 (v2.16.0)
+ NOTE: Fixed by: https://github.com/openvswitch/ovs/commit/803ed12e31b0377c37d7aa8c94b3b92f2081e349
+
CVE-2021-3904 (grav is vulnerable to Improper Neutralization of Input During Web Page ...)
NOT-FOR-US: Grav CMS
CVE-2021-3903 (vim is vulnerable to Heap-based Buffer Overflow ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/53f8b59c2fd372b1012cb4a64884e5e257ad0e02
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/53f8b59c2fd372b1012cb4a64884e5e257ad0e02
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211106/ba48cfc2/attachment.htm>
More information about the debian-security-tracker-commits
mailing list