ID

VAR-202102-1093


CVE

CVE-2021-27219


TITLE

GNOME GLib  Vulnerability in conversion between numeric types in

Trust: 0.8

sources: JVNDB: JVNDB-2021-003857

DESCRIPTION

An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function g_bytes_new has an integer overflow on 64-bit platforms due to an implicit cast from 64 bits to 32 bits. The overflow could potentially lead to memory corruption. GNOME GLib Is vulnerable to a conversion error between numeric types.Denial of service (DoS) It may be put into a state. Currently there is no information about this vulnerability. Please keep an eye on CNNVD or manufacturer announcements. Description: Windows Container Support for Red Hat OpenShift allows you to deploy Windows container workloads running on Windows Server containers. Bug Fix(es): * WMCO patch pub-key-hash annotation to Linux node (BZ#1945248) * LoadBalancer Service type with invalid external loadbalancer IP breaks the datapath (BZ#1952917) * Telemetry info not completely available to identify windows nodes (BZ#1955319) * WMCO incorrectly shows node as ready after a failed configuration (BZ#1956412) * kube-proxy service terminated unexpectedly after recreated LB service (BZ#1963263) 3. Solution: For Windows Machine Config Operator upgrades, see the following documentation: https://docs.openshift.com/container-platform/4.7/windows_containers/window s-node-upgrades.html 4. Bugs fixed (https://bugzilla.redhat.com/): 1945248 - WMCO patch pub-key-hash annotation to Linux node 1946538 - CVE-2021-25736 kubernetes: LoadBalancer Service type don't create a HNS policy for empty or invalid external loadbalancer IP, what could lead to MITM 1952917 - LoadBalancer Service type with invalid external loadbalancer IP breaks the datapath 1955319 - Telemetry info not completely available to identify windows nodes 1956412 - WMCO incorrectly shows node as ready after a failed configuration 1963263 - kube-proxy service terminated unexpectedly after recreated LB service 5. Bugs fixed (https://bugzilla.redhat.com/): 1897635 - CVE-2020-28362 golang: math/big: panic during recursive division of very large numbers 1918750 - CVE-2021-3114 golang: crypto/elliptic: incorrect operations on the P-224 curve 1928172 - CVE-2020-13949 libthrift: potential DoS when processing untrusted payloads 1928937 - CVE-2021-23337 nodejs-lodash: command injection via template 1928954 - CVE-2020-28500 nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions 5. These packages include redhat-release-virtualization-host. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. 8.2) - aarch64, ppc64le, s390x, x86_64 3. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: glib2 security update Advisory ID: RHSA-2021:2147-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:2147 Issue date: 2021-05-31 CVE Names: CVE-2021-27219 ==================================================================== 1. Summary: An update for glib2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64 3. Description: GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Package List: Red Hat Enterprise Linux Client (v. 7): Source: glib2-2.56.1-9.el7_9.src.rpm x86_64: glib2-2.56.1-9.el7_9.i686.rpm glib2-2.56.1-9.el7_9.x86_64.rpm glib2-debuginfo-2.56.1-9.el7_9.i686.rpm glib2-debuginfo-2.56.1-9.el7_9.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): noarch: glib2-doc-2.56.1-9.el7_9.noarch.rpm x86_64: glib2-debuginfo-2.56.1-9.el7_9.i686.rpm glib2-debuginfo-2.56.1-9.el7_9.x86_64.rpm glib2-devel-2.56.1-9.el7_9.i686.rpm glib2-devel-2.56.1-9.el7_9.x86_64.rpm glib2-fam-2.56.1-9.el7_9.x86_64.rpm glib2-static-2.56.1-9.el7_9.i686.rpm glib2-static-2.56.1-9.el7_9.x86_64.rpm glib2-tests-2.56.1-9.el7_9.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: glib2-2.56.1-9.el7_9.src.rpm x86_64: glib2-2.56.1-9.el7_9.i686.rpm glib2-2.56.1-9.el7_9.x86_64.rpm glib2-debuginfo-2.56.1-9.el7_9.i686.rpm glib2-debuginfo-2.56.1-9.el7_9.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): noarch: glib2-doc-2.56.1-9.el7_9.noarch.rpm x86_64: glib2-debuginfo-2.56.1-9.el7_9.i686.rpm glib2-debuginfo-2.56.1-9.el7_9.x86_64.rpm glib2-devel-2.56.1-9.el7_9.i686.rpm glib2-devel-2.56.1-9.el7_9.x86_64.rpm glib2-fam-2.56.1-9.el7_9.x86_64.rpm glib2-static-2.56.1-9.el7_9.i686.rpm glib2-static-2.56.1-9.el7_9.x86_64.rpm glib2-tests-2.56.1-9.el7_9.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: glib2-2.56.1-9.el7_9.src.rpm ppc64: glib2-2.56.1-9.el7_9.ppc.rpm glib2-2.56.1-9.el7_9.ppc64.rpm glib2-debuginfo-2.56.1-9.el7_9.ppc.rpm glib2-debuginfo-2.56.1-9.el7_9.ppc64.rpm glib2-devel-2.56.1-9.el7_9.ppc.rpm glib2-devel-2.56.1-9.el7_9.ppc64.rpm ppc64le: glib2-2.56.1-9.el7_9.ppc64le.rpm glib2-debuginfo-2.56.1-9.el7_9.ppc64le.rpm glib2-devel-2.56.1-9.el7_9.ppc64le.rpm s390x: glib2-2.56.1-9.el7_9.s390.rpm glib2-2.56.1-9.el7_9.s390x.rpm glib2-debuginfo-2.56.1-9.el7_9.s390.rpm glib2-debuginfo-2.56.1-9.el7_9.s390x.rpm glib2-devel-2.56.1-9.el7_9.s390.rpm glib2-devel-2.56.1-9.el7_9.s390x.rpm x86_64: glib2-2.56.1-9.el7_9.i686.rpm glib2-2.56.1-9.el7_9.x86_64.rpm glib2-debuginfo-2.56.1-9.el7_9.i686.rpm glib2-debuginfo-2.56.1-9.el7_9.x86_64.rpm glib2-devel-2.56.1-9.el7_9.i686.rpm glib2-devel-2.56.1-9.el7_9.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): noarch: glib2-doc-2.56.1-9.el7_9.noarch.rpm ppc64: glib2-debuginfo-2.56.1-9.el7_9.ppc.rpm glib2-debuginfo-2.56.1-9.el7_9.ppc64.rpm glib2-fam-2.56.1-9.el7_9.ppc64.rpm glib2-static-2.56.1-9.el7_9.ppc.rpm glib2-static-2.56.1-9.el7_9.ppc64.rpm glib2-tests-2.56.1-9.el7_9.ppc64.rpm ppc64le: glib2-debuginfo-2.56.1-9.el7_9.ppc64le.rpm glib2-fam-2.56.1-9.el7_9.ppc64le.rpm glib2-static-2.56.1-9.el7_9.ppc64le.rpm glib2-tests-2.56.1-9.el7_9.ppc64le.rpm s390x: glib2-debuginfo-2.56.1-9.el7_9.s390.rpm glib2-debuginfo-2.56.1-9.el7_9.s390x.rpm glib2-fam-2.56.1-9.el7_9.s390x.rpm glib2-static-2.56.1-9.el7_9.s390.rpm glib2-static-2.56.1-9.el7_9.s390x.rpm glib2-tests-2.56.1-9.el7_9.s390x.rpm x86_64: glib2-debuginfo-2.56.1-9.el7_9.i686.rpm glib2-debuginfo-2.56.1-9.el7_9.x86_64.rpm glib2-fam-2.56.1-9.el7_9.x86_64.rpm glib2-static-2.56.1-9.el7_9.i686.rpm glib2-static-2.56.1-9.el7_9.x86_64.rpm glib2-tests-2.56.1-9.el7_9.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: glib2-2.56.1-9.el7_9.src.rpm x86_64: glib2-2.56.1-9.el7_9.i686.rpm glib2-2.56.1-9.el7_9.x86_64.rpm glib2-debuginfo-2.56.1-9.el7_9.i686.rpm glib2-debuginfo-2.56.1-9.el7_9.x86_64.rpm glib2-devel-2.56.1-9.el7_9.i686.rpm glib2-devel-2.56.1-9.el7_9.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): noarch: glib2-doc-2.56.1-9.el7_9.noarch.rpm x86_64: glib2-debuginfo-2.56.1-9.el7_9.i686.rpm glib2-debuginfo-2.56.1-9.el7_9.x86_64.rpm glib2-fam-2.56.1-9.el7_9.x86_64.rpm glib2-static-2.56.1-9.el7_9.i686.rpm glib2-static-2.56.1-9.el7_9.x86_64.rpm glib2-tests-2.56.1-9.el7_9.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-27219 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYLS3ctzjgjWX9erEAQi/oBAAk7Y1nA3n84Zz7y/KwwhHGlbTLc0NXn4c nRQUpxJuScuvefAmM+Z73qxqxdM+hBQfDoodATPeTgYT7mYFnN3n+dTrv7Sg1kks aU9Q6d7HdRnk4mhOK3blYI8Ln5LYkcRcqmpyZ8sN14Cqffc+o5VEIwT6hht9/iZL UJQDhdbWT/EDXcZ7iV+1ahicKczm/XEZVkC8zAa9rcQlJ3JJ36gmMuCvmYbS4TOb 8UKNb2hpjkk9laGC5BWG8dnpzrdQnUXmd39n7rltLiIxoQeq3UWo44UCV7XZFcVT eoEt5o3no3+mlIcYto6u5lgfq83D/bI6OuRVRm3BaAp5lBNqPU6dzv2sxtWbKizR vIlmBmoWvYXbNxwkGZeQ5ZU3TTumCUOqIvT5KFIdurWPeknb9zD4Xt8JIuWNXwbV 1mv5jnAz8+v8LX2hQpUh2QPEpTi6GKDWhTE2w+Ulh4s0SCTICc8pjdyNx+PljDDx HyWwPu7veac0fewc+VHZzsTqrKFnH46+A6LIv2bySioa0oomxxWZrSg5BBx+tQXn ND/TjXaFnmrHVyDP7zD0PPBR13PlN8o++LK6oIADSrruc/1FPC7veEqFjMyHwemG nJyp479dwq4M7kpBgd9VfFTVjluCxYsA7FDwP+6q3k+ZJR6S0Dm5pXail/S1gPpw qTmrr3x9NbI=Nn9w -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . Summary: Openshift Logging Bug Fix Release (5.0.5) This release includes a security update. Solution: For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update: https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel ease-notes.html For Red Hat OpenShift Logging 5.0, see the following instructions to apply this update: https://docs.openshift.com/container-platform/4.7/logging/cluster-logging-u pgrading.html 4. Bugs fixed (https://bugzilla.redhat.com/): 1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation 5. Bugs fixed (https://bugzilla.redhat.com/): 1918750 - CVE-2021-3114 golang: crypto/elliptic: incorrect operations on the P-224 curve 1945703 - "Guest OS Info" availability in VMI describe is flaky 1958816 - [2.6.z] KubeMacPool fails to start due to OOM likely caused by a high number of Pods running in the cluster 1963275 - migration controller null pointer dereference 1965099 - Live Migration double handoff to virt-handler causes connection failures 1965181 - CDI importer doesn't report AwaitingVDDK like it used to 1967086 - Cloning DataVolumes between namespaces fails while creating cdi-upload pod 1967887 - [2.6.6] nmstate is not progressing on a node and not configuring vlan filtering that causes an outage for VMs 1969756 - Windows VMs fail to start on air-gapped environments 1970372 - Virt-handler fails to verify container-disk 1973227 - segfault in virt-controller during pdb deletion 1974084 - 2.6.6 containers 1975212 - No Virtual Machine Templates Found [EDIT - all templates are marked as depracted] 1975727 - [Regression][VMIO][Warm] The third precopy does not end in warm migration 1977756 - [2.6.z] PVC keeps in pending when using hostpath-provisioner 1982760 - [v2v] no kind VirtualMachine is registered for version \"kubevirt.io/v1\" i... 1986989 - OpenShift Virtualization 2.6.z cannot be upgraded to 4.8.0 initially deployed starting with <= 4.8 5

Trust: 2.43

sources: NVD: CVE-2021-27219 // JVNDB: JVNDB-2021-003857 // VULHUB: VHN-386440 // VULMON: CVE-2021-27219 // PACKETSTORM: 163257 // PACKETSTORM: 163276 // PACKETSTORM: 163240 // PACKETSTORM: 162889 // PACKETSTORM: 162869 // PACKETSTORM: 163133 // PACKETSTORM: 163789

AFFECTED PRODUCTS

vendor:fedoraprojectmodel:fedorascope:eqversion:34

Trust: 1.0

vendor:gnomemodel:glibscope:gteversion:2.67.0

Trust: 1.0

vendor:netappmodel:e-series performance analyzerscope:eqversion: -

Trust: 1.0

vendor:netappmodel:cloud backupscope:eqversion: -

Trust: 1.0

vendor:netappmodel:active iq unified managerscope:eqversion: -

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:9.0

Trust: 1.0

vendor:broadcommodel:brocade fabric operating systemscope:eqversion: -

Trust: 1.0

vendor:gnomemodel:glibscope:ltversion:2.67.3

Trust: 1.0

vendor:gnomemodel:glibscope:ltversion:2.66.6

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:33

Trust: 1.0

vendor:gnomemodel:glibscope: - version: -

Trust: 0.8

vendor:fedoramodel:fedorascope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-003857 // NVD: CVE-2021-27219

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-27219
value: HIGH

Trust: 1.0

NVD: CVE-2021-27219
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202102-1181
value: HIGH

Trust: 0.6

VULHUB: VHN-386440
value: MEDIUM

Trust: 0.1

VULMON: CVE-2021-27219
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-27219
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-386440
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-27219
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2021-27219
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-386440 // VULMON: CVE-2021-27219 // JVNDB: JVNDB-2021-003857 // CNNVD: CNNVD-202102-1181 // NVD: CVE-2021-27219

PROBLEMTYPE DATA

problemtype:CWE-681

Trust: 1.1

problemtype:Incorrect conversion between numeric types (CWE-681) [NVD Evaluation ]

Trust: 0.8

sources: VULHUB: VHN-386440 // JVNDB: JVNDB-2021-003857 // NVD: CVE-2021-27219

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202102-1181

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202102-1181

PATCH

title:CVE-2021-27219 (GHSL-2021-045)url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JJMPNDO4GDVURYQFYKFOWY5HAF4FTEPN/

Trust: 0.8

title:GNOME Glib Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=142631

Trust: 0.6

title:Amazon Linux AMI: ALAS-2021-1526url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2021-1526

Trust: 0.1

title:Amazon Linux 2: ALAS2-2021-1655url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2021-1655

Trust: 0.1

title:Arch Linux Issues: url:https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2021-27219 log

Trust: 0.1

title:Siemens Security Advisories: Siemens Security Advisoryurl:https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=ec6577109e640dac19a6ddb978afe82d

Trust: 0.1

title: - url:https://github.com/Live-Hack-CVE/CVE-2021-27219

Trust: 0.1

title: - url:https://github.com/vincent-deng/veracode-container-security-finding-parser

Trust: 0.1

sources: VULMON: CVE-2021-27219 // JVNDB: JVNDB-2021-003857 // CNNVD: CNNVD-202102-1181

EXTERNAL IDS

db:NVDid:CVE-2021-27219

Trust: 3.3

db:PACKETSTORMid:163133

Trust: 0.8

db:PACKETSTORMid:162869

Trust: 0.8

db:JVNDBid:JVNDB-2021-003857

Trust: 0.8

db:PACKETSTORMid:164856

Trust: 0.7

db:PACKETSTORMid:161714

Trust: 0.7

db:PACKETSTORMid:162884

Trust: 0.7

db:PACKETSTORMid:163496

Trust: 0.7

db:PACKETSTORMid:163426

Trust: 0.7

db:PACKETSTORMid:163149

Trust: 0.7

db:PACKETSTORMid:163267

Trust: 0.7

db:PACKETSTORMid:162929

Trust: 0.7

db:AUSCERTid:ESB-2021.0896

Trust: 0.6

db:AUSCERTid:ESB-2021.3340

Trust: 0.6

db:AUSCERTid:ESB-2021.4083

Trust: 0.6

db:AUSCERTid:ESB-2021.0818

Trust: 0.6

db:AUSCERTid:ESB-2021.3019

Trust: 0.6

db:AUSCERTid:ESB-2021.2180

Trust: 0.6

db:AUSCERTid:ESB-2021.2711

Trust: 0.6

db:AUSCERTid:ESB-2022.2809

Trust: 0.6

db:AUSCERTid:ESB-2021.1922

Trust: 0.6

db:AUSCERTid:ESB-2021.2131

Trust: 0.6

db:AUSCERTid:ESB-2021.2365

Trust: 0.6

db:AUSCERTid:ESB-2021.3744

Trust: 0.6

db:AUSCERTid:ESB-2021.1856

Trust: 0.6

db:AUSCERTid:ESB-2021.2657

Trust: 0.6

db:AUSCERTid:ESB-2021.0994

Trust: 0.6

db:AUSCERTid:ESB-2021.0917

Trust: 0.6

db:AUSCERTid:ESB-2021.2228

Trust: 0.6

db:AUSCERTid:ESB-2021.2123

Trust: 0.6

db:CS-HELPid:SB2021070711

Trust: 0.6

db:CS-HELPid:SB2021060225

Trust: 0.6

db:CS-HELPid:SB2021062703

Trust: 0.6

db:CS-HELPid:SB2021053117

Trust: 0.6

db:CS-HELPid:SB2021090833

Trust: 0.6

db:CS-HELPid:SB2022011038

Trust: 0.6

db:CS-HELPid:SB2021111130

Trust: 0.6

db:CS-HELPid:SB2021071516

Trust: 0.6

db:CS-HELPid:SB2021061422

Trust: 0.6

db:CS-HELPid:SB2021122914

Trust: 0.6

db:CS-HELPid:SB2021092220

Trust: 0.6

db:CS-HELPid:SB2021062315

Trust: 0.6

db:PACKETSTORMid:164452

Trust: 0.6

db:CNNVDid:CNNVD-202102-1181

Trust: 0.6

db:PACKETSTORMid:163257

Trust: 0.2

db:PACKETSTORMid:162889

Trust: 0.2

db:PACKETSTORMid:163240

Trust: 0.2

db:PACKETSTORMid:163191

Trust: 0.1

db:PACKETSTORMid:162892

Trust: 0.1

db:PACKETSTORMid:162895

Trust: 0.1

db:PACKETSTORMid:162932

Trust: 0.1

db:PACKETSTORMid:162893

Trust: 0.1

db:PACKETSTORMid:162888

Trust: 0.1

db:PACKETSTORMid:163242

Trust: 0.1

db:VULHUBid:VHN-386440

Trust: 0.1

db:VULMONid:CVE-2021-27219

Trust: 0.1

db:PACKETSTORMid:163276

Trust: 0.1

db:PACKETSTORMid:163789

Trust: 0.1

sources: VULHUB: VHN-386440 // VULMON: CVE-2021-27219 // JVNDB: JVNDB-2021-003857 // PACKETSTORM: 163257 // PACKETSTORM: 163276 // PACKETSTORM: 163240 // PACKETSTORM: 162889 // PACKETSTORM: 162869 // PACKETSTORM: 163133 // PACKETSTORM: 163789 // CNNVD: CNNVD-202102-1181 // NVD: CVE-2021-27219

REFERENCES

url:https://nvd.nist.gov/vuln/detail/cve-2021-27219

Trust: 1.9

url:https://security.netapp.com/advisory/ntap-20210319-0004/

Trust: 1.8

url:https://security.gentoo.org/glsa/202107-13

Trust: 1.8

url:https://gitlab.gnome.org/gnome/glib/-/issues/2319

Trust: 1.8

url:https://lists.debian.org/debian-lts-announce/2022/06/msg00006.html

Trust: 1.8

url:https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3cdev.mina.apache.org%3e

Trust: 1.1

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2rea7rvkn7zhrljoegbrqkjipzqpaelz/

Trust: 1.1

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/jjmpndo4gdvuryqfykfowy5haf4ftepn/

Trust: 1.1

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/jjmpndo4gdvuryqfykfowy5haf4ftepn/

Trust: 0.7

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2rea7rvkn7zhrljoegbrqkjipzqpaelz/

Trust: 0.7

url:https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3cdev.mina.apache.org%3e

Trust: 0.7

url:https://listman.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.7

url:https://access.redhat.com/security/team/contact/

Trust: 0.7

url:https://access.redhat.com/security/cve/cve-2021-27219

Trust: 0.7

url:https://bugzilla.redhat.com/):

Trust: 0.7

url:https://www.auscert.org.au/bulletins/esb-2021.0818

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0917

Trust: 0.6

url:https://packetstormsecurity.com/files/162869/red-hat-security-advisory-2021-2147-01.html

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021111130

Trust: 0.6

url:https://packetstormsecurity.com/files/163149/red-hat-security-advisory-2021-2286-01.html

Trust: 0.6

url:https://packetstormsecurity.com/files/162884/red-hat-security-advisory-2021-2172-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2657

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0994

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2711

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.2809

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0896

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.3744

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1922

Trust: 0.6

url:https://packetstormsecurity.com/files/163426/gentoo-linux-security-advisory-202107-13.html

Trust: 0.6

url:https://packetstormsecurity.com/files/163133/red-hat-security-advisory-2021-2374-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2123

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021070711

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2365

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2180

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021060225

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021122914

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.4083

Trust: 0.6

url:https://www.ibm.com/support/pages/node/6520674

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021053117

Trust: 0.6

url:https://packetstormsecurity.com/files/163496/red-hat-security-advisory-2021-2705-01.html

Trust: 0.6

url:https://www.ibm.com/support/pages/node/6526532

Trust: 0.6

url:https://vigilance.fr/vulnerability/gnome-glib-integer-overflow-via-g-bytes-new-34776

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2228

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021062703

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021092220

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.3019

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-glibc-vulnerability-affects-ibm-elastic-storage-system-cve-2021-27219/

Trust: 0.6

url:https://packetstormsecurity.com/files/161714/ubuntu-security-notice-usn-4759-1.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1856

Trust: 0.6

url:https://packetstormsecurity.com/files/163267/red-hat-security-advisory-2021-2532-01.html

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022011038

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2131

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.3340

Trust: 0.6

url:https://packetstormsecurity.com/files/164452/red-hat-security-advisory-2021-3748-01.html

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021061422

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021071516

Trust: 0.6

url:https://packetstormsecurity.com/files/162929/red-hat-security-advisory-2021-2203-01.html

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021062315

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021090833

Trust: 0.6

url:https://packetstormsecurity.com/files/164856/red-hat-security-advisory-2021-4526-03.html

Trust: 0.6

url:https://www.ibm.com/support/pages/node/6518308

Trust: 0.6

url:https://access.redhat.com/security/updates/classification/#moderate

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2019-25013

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-29361

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-2708

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-8286

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-28196

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-15358

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-8927

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-13434

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2017-14502

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-29362

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-8285

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2017-14502

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-29363

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-9169

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2016-10228

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-13434

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-2708

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2016-10228

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-25013

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-8231

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-9169

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-3326

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-8284

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-27618

Trust: 0.3

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.3

url:https://access.redhat.com/security/team/key/

Trust: 0.3

url:https://access.redhat.com/articles/11258

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-29362

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-8284

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-20305

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-15358

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-20305

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-8285

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-8286

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-27618

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-8927

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-3842

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-13776

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-29363

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-24977

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-3842

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-13776

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-8231

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3449

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3450

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-24977

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-29361

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-28196

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-23336

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3114

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-26116

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-27619

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3177

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-25217

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/681.html

Trust: 0.1

url:https://github.com/live-hack-cve/cve-2021-27219

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://alas.aws.amazon.com/alas-2021-1526.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-25736

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3450

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:2130

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.7/windows_containers/window

Trust: 0.1

url:https://issues.jboss.org/):

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3326

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-25736

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3449

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-28500

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-28500

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-26116

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-13949

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-28362

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.7/jaeger/jaeger_install/rhb

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-28362

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:2543

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-23336

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-13949

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-27619

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-23337

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-24489

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-25217

Trust: 0.1

url:https://access.redhat.com/articles/2974891

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-24489

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:2519

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:2171

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:2147

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3121

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.7/logging/cluster-logging-u

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:2374

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3121

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-25039

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14347

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-14346

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-25712

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-23240

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-12364

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-13543

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3520

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9951

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-25037

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-23239

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-36242

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-25037

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3537

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-12363

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33909

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3518

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-32399

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9948

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-13012

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-28935

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3516

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-25034

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-25035

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-14866

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14363

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-25038

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-14345

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-14866

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-13584

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-26137

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-13543

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14360

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-25040

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-13584

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3517

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3560

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-25042

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20201

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-25042

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-12362

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-25038

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-25659

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3541

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-25032

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-25041

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:3119

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-25036

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-25032

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20271

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-25215

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9983

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-25036

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-14344

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-25035

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14345

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14344

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14362

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14361

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-12362

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-12363

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-28211

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-25039

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-13012

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14346

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-25040

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-12364

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-25041

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33910

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-25034

Trust: 0.1

sources: VULHUB: VHN-386440 // VULMON: CVE-2021-27219 // JVNDB: JVNDB-2021-003857 // PACKETSTORM: 163257 // PACKETSTORM: 163276 // PACKETSTORM: 163240 // PACKETSTORM: 162889 // PACKETSTORM: 162869 // PACKETSTORM: 163133 // PACKETSTORM: 163789 // CNNVD: CNNVD-202102-1181 // NVD: CVE-2021-27219

CREDITS

Red Hat

Trust: 0.7

sources: PACKETSTORM: 163257 // PACKETSTORM: 163276 // PACKETSTORM: 163240 // PACKETSTORM: 162889 // PACKETSTORM: 162869 // PACKETSTORM: 163133 // PACKETSTORM: 163789

SOURCES

db:VULHUBid:VHN-386440
db:VULMONid:CVE-2021-27219
db:JVNDBid:JVNDB-2021-003857
db:PACKETSTORMid:163257
db:PACKETSTORMid:163276
db:PACKETSTORMid:163240
db:PACKETSTORMid:162889
db:PACKETSTORMid:162869
db:PACKETSTORMid:163133
db:PACKETSTORMid:163789
db:CNNVDid:CNNVD-202102-1181
db:NVDid:CVE-2021-27219

LAST UPDATE DATE

2024-11-11T22:34:34.659000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-386440date:2022-12-07T00:00:00
db:VULMONid:CVE-2021-27219date:2023-11-07T00:00:00
db:JVNDBid:JVNDB-2021-003857date:2021-11-08T08:36:00
db:CNNVDid:CNNVD-202102-1181date:2022-06-08T00:00:00
db:NVDid:CVE-2021-27219date:2023-11-07T03:31:55.940

SOURCES RELEASE DATE

db:VULHUBid:VHN-386440date:2021-02-15T00:00:00
db:VULMONid:CVE-2021-27219date:2021-02-15T00:00:00
db:JVNDBid:JVNDB-2021-003857date:2021-11-08T00:00:00
db:PACKETSTORMid:163257date:2021-06-23T15:44:15
db:PACKETSTORMid:163276date:2021-06-24T17:54:53
db:PACKETSTORMid:163240date:2021-06-22T19:32:24
db:PACKETSTORMid:162889date:2021-06-01T15:11:50
db:PACKETSTORMid:162869date:2021-05-31T14:23:53
db:PACKETSTORMid:163133date:2021-06-14T15:54:54
db:PACKETSTORMid:163789date:2021-08-11T16:15:17
db:CNNVDid:CNNVD-202102-1181date:2021-02-15T00:00:00
db:NVDid:CVE-2021-27219date:2021-02-15T17:15:13.137