Details of VAR-202102-1093

ID

VAR-202102-1093

CVE

CVE-2021-27219

TITLE

GNOME GLib Vulnerability in conversion between numeric types in

Trust: 0.8

sources: JVNDB: JVNDB-2021-003857

DESCRIPTION

An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function g_bytes_new has an integer overflow on 64-bit platforms due to an implicit cast from 64 bits to 32 bits. The overflow could potentially lead to memory corruption. GNOME GLib Is vulnerable to a conversion error between numeric types.Denial of service (DoS) It may be put into a state. Currently there is no information about this vulnerability. Please keep an eye on CNNVD or manufacturer announcements. 8) - noarch 3. The following packages have been upgraded to a later upstream version: mingw-glib2 (2.66.7). These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Bug Fix(es): * Previously, systemtap dependencies were not included in the RHV-H channel. Therefore, systemtap could not be installed. In this release, the systemtap dependencies have been included in the channel, resolving the issue. (BZ#1903997) 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202107-13 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: GLib: Multiple vulnerabilities Date: July 07, 2021 Bugs: #768753, #775632 ID: 202107-13 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in GLib, the worst of which could result in the arbitrary execution of code. Background ========== GLib is a library providing a number of GNOME's core objects and functions. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-libs/glib < 2.66.8 >= 2.66.8 Description =========== Multiple vulnerabilities have been discovered in GLib. Please review the CVE identifiers referenced below for details. Impact ====== Please review the referenced CVE identifiers for details. Workaround ========== There is no known workaround at this time. Resolution ========== All GLib users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/glib-2.66.8" References ========== [ 1 ] CVE-2021-27218 https://nvd.nist.gov/vuln/detail/CVE-2021-27218 [ 2 ] CVE-2021-27219 https://nvd.nist.gov/vuln/detail/CVE-2021-27219 [ 3 ] CVE-2021-28153 https://nvd.nist.gov/vuln/detail/CVE-2021-28153 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202107-13 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2021 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . 7.4) - x86_64 3. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: glib2 security update Advisory ID: RHSA-2021:2147-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:2147 Issue date: 2021-05-31 CVE Names: CVE-2021-27219 ==================================================================== 1. Summary: An update for glib2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64 3. Description: GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Package List: Red Hat Enterprise Linux Client (v. 7): Source: glib2-2.56.1-9.el7_9.src.rpm x86_64: glib2-2.56.1-9.el7_9.i686.rpm glib2-2.56.1-9.el7_9.x86_64.rpm glib2-debuginfo-2.56.1-9.el7_9.i686.rpm glib2-debuginfo-2.56.1-9.el7_9.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): noarch: glib2-doc-2.56.1-9.el7_9.noarch.rpm x86_64: glib2-debuginfo-2.56.1-9.el7_9.i686.rpm glib2-debuginfo-2.56.1-9.el7_9.x86_64.rpm glib2-devel-2.56.1-9.el7_9.i686.rpm glib2-devel-2.56.1-9.el7_9.x86_64.rpm glib2-fam-2.56.1-9.el7_9.x86_64.rpm glib2-static-2.56.1-9.el7_9.i686.rpm glib2-static-2.56.1-9.el7_9.x86_64.rpm glib2-tests-2.56.1-9.el7_9.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: glib2-2.56.1-9.el7_9.src.rpm x86_64: glib2-2.56.1-9.el7_9.i686.rpm glib2-2.56.1-9.el7_9.x86_64.rpm glib2-debuginfo-2.56.1-9.el7_9.i686.rpm glib2-debuginfo-2.56.1-9.el7_9.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): noarch: glib2-doc-2.56.1-9.el7_9.noarch.rpm x86_64: glib2-debuginfo-2.56.1-9.el7_9.i686.rpm glib2-debuginfo-2.56.1-9.el7_9.x86_64.rpm glib2-devel-2.56.1-9.el7_9.i686.rpm glib2-devel-2.56.1-9.el7_9.x86_64.rpm glib2-fam-2.56.1-9.el7_9.x86_64.rpm glib2-static-2.56.1-9.el7_9.i686.rpm glib2-static-2.56.1-9.el7_9.x86_64.rpm glib2-tests-2.56.1-9.el7_9.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: glib2-2.56.1-9.el7_9.src.rpm ppc64: glib2-2.56.1-9.el7_9.ppc.rpm glib2-2.56.1-9.el7_9.ppc64.rpm glib2-debuginfo-2.56.1-9.el7_9.ppc.rpm glib2-debuginfo-2.56.1-9.el7_9.ppc64.rpm glib2-devel-2.56.1-9.el7_9.ppc.rpm glib2-devel-2.56.1-9.el7_9.ppc64.rpm ppc64le: glib2-2.56.1-9.el7_9.ppc64le.rpm glib2-debuginfo-2.56.1-9.el7_9.ppc64le.rpm glib2-devel-2.56.1-9.el7_9.ppc64le.rpm s390x: glib2-2.56.1-9.el7_9.s390.rpm glib2-2.56.1-9.el7_9.s390x.rpm glib2-debuginfo-2.56.1-9.el7_9.s390.rpm glib2-debuginfo-2.56.1-9.el7_9.s390x.rpm glib2-devel-2.56.1-9.el7_9.s390.rpm glib2-devel-2.56.1-9.el7_9.s390x.rpm x86_64: glib2-2.56.1-9.el7_9.i686.rpm glib2-2.56.1-9.el7_9.x86_64.rpm glib2-debuginfo-2.56.1-9.el7_9.i686.rpm glib2-debuginfo-2.56.1-9.el7_9.x86_64.rpm glib2-devel-2.56.1-9.el7_9.i686.rpm glib2-devel-2.56.1-9.el7_9.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): noarch: glib2-doc-2.56.1-9.el7_9.noarch.rpm ppc64: glib2-debuginfo-2.56.1-9.el7_9.ppc.rpm glib2-debuginfo-2.56.1-9.el7_9.ppc64.rpm glib2-fam-2.56.1-9.el7_9.ppc64.rpm glib2-static-2.56.1-9.el7_9.ppc.rpm glib2-static-2.56.1-9.el7_9.ppc64.rpm glib2-tests-2.56.1-9.el7_9.ppc64.rpm ppc64le: glib2-debuginfo-2.56.1-9.el7_9.ppc64le.rpm glib2-fam-2.56.1-9.el7_9.ppc64le.rpm glib2-static-2.56.1-9.el7_9.ppc64le.rpm glib2-tests-2.56.1-9.el7_9.ppc64le.rpm s390x: glib2-debuginfo-2.56.1-9.el7_9.s390.rpm glib2-debuginfo-2.56.1-9.el7_9.s390x.rpm glib2-fam-2.56.1-9.el7_9.s390x.rpm glib2-static-2.56.1-9.el7_9.s390.rpm glib2-static-2.56.1-9.el7_9.s390x.rpm glib2-tests-2.56.1-9.el7_9.s390x.rpm x86_64: glib2-debuginfo-2.56.1-9.el7_9.i686.rpm glib2-debuginfo-2.56.1-9.el7_9.x86_64.rpm glib2-fam-2.56.1-9.el7_9.x86_64.rpm glib2-static-2.56.1-9.el7_9.i686.rpm glib2-static-2.56.1-9.el7_9.x86_64.rpm glib2-tests-2.56.1-9.el7_9.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: glib2-2.56.1-9.el7_9.src.rpm x86_64: glib2-2.56.1-9.el7_9.i686.rpm glib2-2.56.1-9.el7_9.x86_64.rpm glib2-debuginfo-2.56.1-9.el7_9.i686.rpm glib2-debuginfo-2.56.1-9.el7_9.x86_64.rpm glib2-devel-2.56.1-9.el7_9.i686.rpm glib2-devel-2.56.1-9.el7_9.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): noarch: glib2-doc-2.56.1-9.el7_9.noarch.rpm x86_64: glib2-debuginfo-2.56.1-9.el7_9.i686.rpm glib2-debuginfo-2.56.1-9.el7_9.x86_64.rpm glib2-fam-2.56.1-9.el7_9.x86_64.rpm glib2-static-2.56.1-9.el7_9.i686.rpm glib2-static-2.56.1-9.el7_9.x86_64.rpm glib2-tests-2.56.1-9.el7_9.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-27219 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYLS3ctzjgjWX9erEAQi/oBAAk7Y1nA3n84Zz7y/KwwhHGlbTLc0NXn4c nRQUpxJuScuvefAmM+Z73qxqxdM+hBQfDoodATPeTgYT7mYFnN3n+dTrv7Sg1kks aU9Q6d7HdRnk4mhOK3blYI8Ln5LYkcRcqmpyZ8sN14Cqffc+o5VEIwT6hht9/iZL UJQDhdbWT/EDXcZ7iV+1ahicKczm/XEZVkC8zAa9rcQlJ3JJ36gmMuCvmYbS4TOb 8UKNb2hpjkk9laGC5BWG8dnpzrdQnUXmd39n7rltLiIxoQeq3UWo44UCV7XZFcVT eoEt5o3no3+mlIcYto6u5lgfq83D/bI6OuRVRm3BaAp5lBNqPU6dzv2sxtWbKizR vIlmBmoWvYXbNxwkGZeQ5ZU3TTumCUOqIvT5KFIdurWPeknb9zD4Xt8JIuWNXwbV 1mv5jnAz8+v8LX2hQpUh2QPEpTi6GKDWhTE2w+Ulh4s0SCTICc8pjdyNx+PljDDx HyWwPu7veac0fewc+VHZzsTqrKFnH46+A6LIv2bySioa0oomxxWZrSg5BBx+tQXn ND/TjXaFnmrHVyDP7zD0PPBR13PlN8o++LK6oIADSrruc/1FPC7veEqFjMyHwemG nJyp479dwq4M7kpBgd9VfFTVjluCxYsA7FDwP+6q3k+ZJR6S0Dm5pXail/S1gPpw qTmrr3x9NbI=Nn9w -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce

Trust: 2.52

sources: NVD: CVE-2021-27219 // JVNDB: JVNDB-2021-003857 // VULHUB: VHN-386440 // VULMON: CVE-2021-27219 // PACKETSTORM: 164856 // PACKETSTORM: 163240 // PACKETSTORM: 163242 // PACKETSTORM: 163426 // PACKETSTORM: 162888 // PACKETSTORM: 162892 // PACKETSTORM: 162869 // PACKETSTORM: 162929

AFFECTED PRODUCTS

vendor:	fedoraproject	model:	fedora	scope:	eq	version:	33	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	34	Trust: 1.0
vendor:	broadcom	model:	brocade fabric operating system	scope:	eq	version:	-	Trust: 1.0
vendor:	netapp	model:	active iq unified manager	scope:	eq	version:	-	Trust: 1.0
vendor:	gnome	model:	glib	scope:	lt	version:	2.67.3	Trust: 1.0
vendor:	gnome	model:	glib	scope:	lt	version:	2.66.6	Trust: 1.0
vendor:	gnome	model:	glib	scope:	gte	version:	2.67.0	Trust: 1.0
vendor:	netapp	model:	cloud backup	scope:	eq	version:	-	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	9.0	Trust: 1.0
vendor:	netapp	model:	e-series performance analyzer	scope:	eq	version:	-	Trust: 1.0
vendor:	gnome	model:	glib	scope:	-	version:	-	Trust: 0.8
vendor:	fedora	model:	fedora	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2021-003857 // NVD: CVE-2021-27219

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-27219
value:	HIGH
Trust: 1.0
NVD:	CVE-2021-27219
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202102-1181
value:	HIGH
Trust: 0.6
VULHUB:	VHN-386440
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2021-27219
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2021-27219
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-386440
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2021-27219
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2021-27219
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-386440 // VULMON: CVE-2021-27219 // JVNDB: JVNDB-2021-003857 // CNNVD: CNNVD-202102-1181 // NVD: CVE-2021-27219

PROBLEMTYPE DATA

problemtype:	CWE-681	Trust: 1.1
problemtype:	Incorrect conversion between numeric types (CWE-681) [NVD Evaluation ]	Trust: 0.8

sources: VULHUB: VHN-386440 // JVNDB: JVNDB-2021-003857 // NVD: CVE-2021-27219

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202102-1181

TYPE

overflow

Trust: 0.7

sources: PACKETSTORM: 164856 // PACKETSTORM: 163240 // PACKETSTORM: 163242 // PACKETSTORM: 162888 // PACKETSTORM: 162892 // PACKETSTORM: 162869 // PACKETSTORM: 162929

PATCH

title:	CVE-2021-27219 (GHSL-2021-045)	url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JJMPNDO4GDVURYQFYKFOWY5HAF4FTEPN/	Trust: 0.8
title:	GNOME Glib Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=142631	Trust: 0.6
title:	Amazon Linux AMI: ALAS-2021-1526	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2021-1526	Trust: 0.1
title:	Amazon Linux 2: ALAS2-2021-1655	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2021-1655	Trust: 0.1
title:	Arch Linux Issues:	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2021-27219 log	Trust: 0.1
title:	Siemens Security Advisories: Siemens Security Advisory	url:	https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=ec6577109e640dac19a6ddb978afe82d	Trust: 0.1
title:	-	url:	https://github.com/Live-Hack-CVE/CVE-2021-27219	Trust: 0.1
title:	-	url:	https://github.com/vincent-deng/veracode-container-security-finding-parser	Trust: 0.1

sources: VULMON: CVE-2021-27219 // JVNDB: JVNDB-2021-003857 // CNNVD: CNNVD-202102-1181

EXTERNAL IDS

db:	NVD	id:	CVE-2021-27219	Trust: 3.4
db:	PACKETSTORM	id:	164856	Trust: 0.8
db:	PACKETSTORM	id:	163426	Trust: 0.8
db:	PACKETSTORM	id:	162869	Trust: 0.8
db:	PACKETSTORM	id:	162929	Trust: 0.8
db:	JVNDB	id:	JVNDB-2021-003857	Trust: 0.8
db:	PACKETSTORM	id:	161714	Trust: 0.7
db:	PACKETSTORM	id:	162884	Trust: 0.7
db:	PACKETSTORM	id:	163496	Trust: 0.7
db:	PACKETSTORM	id:	163133	Trust: 0.7
db:	PACKETSTORM	id:	163149	Trust: 0.7
db:	PACKETSTORM	id:	163267	Trust: 0.7
db:	AUSCERT	id:	ESB-2021.0896	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3340	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.4083	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.0818	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3019	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2180	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2711	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.2809	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1922	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2131	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2365	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3744	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1856	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2657	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.0994	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.0917	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2228	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2123	Trust: 0.6
db:	CS-HELP	id:	SB2021070711	Trust: 0.6
db:	CS-HELP	id:	SB2021060225	Trust: 0.6
db:	CS-HELP	id:	SB2021062703	Trust: 0.6
db:	CS-HELP	id:	SB2021053117	Trust: 0.6
db:	CS-HELP	id:	SB2021090833	Trust: 0.6
db:	CS-HELP	id:	SB2022011038	Trust: 0.6
db:	CS-HELP	id:	SB2021111130	Trust: 0.6
db:	CS-HELP	id:	SB2021071516	Trust: 0.6
db:	CS-HELP	id:	SB2021061422	Trust: 0.6
db:	CS-HELP	id:	SB2021122914	Trust: 0.6
db:	CS-HELP	id:	SB2021092220	Trust: 0.6
db:	CS-HELP	id:	SB2021062315	Trust: 0.6
db:	PACKETSTORM	id:	164452	Trust: 0.6
db:	CNNVD	id:	CNNVD-202102-1181	Trust: 0.6
db:	PACKETSTORM	id:	162892	Trust: 0.2
db:	PACKETSTORM	id:	163240	Trust: 0.2
db:	PACKETSTORM	id:	162888	Trust: 0.2
db:	PACKETSTORM	id:	163242	Trust: 0.2
db:	PACKETSTORM	id:	163191	Trust: 0.1
db:	PACKETSTORM	id:	163257	Trust: 0.1
db:	PACKETSTORM	id:	162895	Trust: 0.1
db:	PACKETSTORM	id:	162932	Trust: 0.1
db:	PACKETSTORM	id:	162893	Trust: 0.1
db:	PACKETSTORM	id:	162889	Trust: 0.1
db:	VULHUB	id:	VHN-386440	Trust: 0.1
db:	VULMON	id:	CVE-2021-27219	Trust: 0.1

sources: VULHUB: VHN-386440 // VULMON: CVE-2021-27219 // PACKETSTORM: 164856 // PACKETSTORM: 163240 // PACKETSTORM: 163242 // PACKETSTORM: 163426 // PACKETSTORM: 162888 // PACKETSTORM: 162892 // PACKETSTORM: 162869 // PACKETSTORM: 162929 // JVNDB: JVNDB-2021-003857 // CNNVD: CNNVD-202102-1181 // NVD: CVE-2021-27219

REFERENCES

url:	https://nvd.nist.gov/vuln/detail/cve-2021-27219	Trust: 2.2
url:	https://security.gentoo.org/glsa/202107-13	Trust: 1.9
url:	https://security.netapp.com/advisory/ntap-20210319-0004/	Trust: 1.8
url:	https://gitlab.gnome.org/gnome/glib/-/issues/2319	Trust: 1.8
url:	https://lists.debian.org/debian-lts-announce/2022/06/msg00006.html	Trust: 1.8
url:	https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3cdev.mina.apache.org%3e	Trust: 1.1
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2rea7rvkn7zhrljoegbrqkjipzqpaelz/	Trust: 1.1
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/jjmpndo4gdvuryqfykfowy5haf4ftepn/	Trust: 1.1
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/jjmpndo4gdvuryqfykfowy5haf4ftepn/	Trust: 0.7
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2rea7rvkn7zhrljoegbrqkjipzqpaelz/	Trust: 0.7
url:	https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3cdev.mina.apache.org%3e	Trust: 0.7
url:	https://listman.redhat.com/mailman/listinfo/rhsa-announce	Trust: 0.7
url:	https://access.redhat.com/security/cve/cve-2021-27219	Trust: 0.7
url:	https://access.redhat.com/security/updates/classification/#important	Trust: 0.7
url:	https://access.redhat.com/security/team/key/	Trust: 0.7
url:	https://bugzilla.redhat.com/):	Trust: 0.7
url:	https://access.redhat.com/security/team/contact/	Trust: 0.7
url:	https://www.auscert.org.au/bulletins/esb-2021.0818	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.0917	Trust: 0.6
url:	https://packetstormsecurity.com/files/162869/red-hat-security-advisory-2021-2147-01.html	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021111130	Trust: 0.6
url:	https://packetstormsecurity.com/files/163149/red-hat-security-advisory-2021-2286-01.html	Trust: 0.6
url:	https://packetstormsecurity.com/files/162884/red-hat-security-advisory-2021-2172-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2657	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.0994	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2711	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.2809	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.0896	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.3744	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1922	Trust: 0.6
url:	https://packetstormsecurity.com/files/163426/gentoo-linux-security-advisory-202107-13.html	Trust: 0.6
url:	https://packetstormsecurity.com/files/163133/red-hat-security-advisory-2021-2374-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2123	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021070711	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2365	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2180	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021060225	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021122914	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.4083	Trust: 0.6
url:	https://www.ibm.com/support/pages/node/6520674	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021053117	Trust: 0.6
url:	https://packetstormsecurity.com/files/163496/red-hat-security-advisory-2021-2705-01.html	Trust: 0.6
url:	https://www.ibm.com/support/pages/node/6526532	Trust: 0.6
url:	https://vigilance.fr/vulnerability/gnome-glib-integer-overflow-via-g-bytes-new-34776	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2228	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021062703	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021092220	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.3019	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-glibc-vulnerability-affects-ibm-elastic-storage-system-cve-2021-27219/	Trust: 0.6
url:	https://packetstormsecurity.com/files/161714/ubuntu-security-notice-usn-4759-1.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1856	Trust: 0.6
url:	https://packetstormsecurity.com/files/163267/red-hat-security-advisory-2021-2532-01.html	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022011038	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2131	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.3340	Trust: 0.6
url:	https://packetstormsecurity.com/files/164452/red-hat-security-advisory-2021-3748-01.html	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021061422	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021071516	Trust: 0.6
url:	https://packetstormsecurity.com/files/162929/red-hat-security-advisory-2021-2203-01.html	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021062315	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021090833	Trust: 0.6
url:	https://packetstormsecurity.com/files/164856/red-hat-security-advisory-2021-4526-03.html	Trust: 0.6
url:	https://www.ibm.com/support/pages/node/6518308	Trust: 0.6
url:	https://access.redhat.com/articles/11258	Trust: 0.5
url:	https://nvd.nist.gov/vuln/detail/cve-2021-27218	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2020-24489	Trust: 0.2
url:	https://access.redhat.com/articles/2974891	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-24489	Trust: 0.2
url:	https://cwe.mitre.org/data/definitions/681.html	Trust: 0.1
url:	https://github.com/live-hack-cve/cve-2021-27219	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://alas.aws.amazon.com/alas-2021-1526.html	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:4526	Trust: 0.1
url:	https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-27218	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-25217	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-25217	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:2519	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3560	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:2522	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3560	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3501	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3501	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-28153	Trust: 0.1
url:	https://bugs.gentoo.org.	Trust: 0.1
url:	https://security.gentoo.org/	Trust: 0.1
url:	https://creativecommons.org/licenses/by-sa/2.5	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:2173	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:2174	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:2147	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:2203	Trust: 0.1

CREDITS

Red Hat

Trust: 0.7

sources: PACKETSTORM: 164856 // PACKETSTORM: 163240 // PACKETSTORM: 163242 // PACKETSTORM: 162888 // PACKETSTORM: 162892 // PACKETSTORM: 162869 // PACKETSTORM: 162929

SOURCES

db:	VULHUB	id:	VHN-386440
db:	VULMON	id:	CVE-2021-27219
db:	PACKETSTORM	id:	164856
db:	PACKETSTORM	id:	163240
db:	PACKETSTORM	id:	163242
db:	PACKETSTORM	id:	163426
db:	PACKETSTORM	id:	162888
db:	PACKETSTORM	id:	162892
db:	PACKETSTORM	id:	162869
db:	PACKETSTORM	id:	162929
db:	JVNDB	id:	JVNDB-2021-003857
db:	CNNVD	id:	CNNVD-202102-1181
db:	NVD	id:	CVE-2021-27219

LAST UPDATE DATE

2025-06-24T21:39:17.862000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-386440	date:	2022-12-07T00:00:00
db:	VULMON	id:	CVE-2021-27219	date:	2023-11-07T00:00:00
db:	JVNDB	id:	JVNDB-2021-003857	date:	2021-11-08T08:36:00
db:	CNNVD	id:	CNNVD-202102-1181	date:	2022-06-08T00:00:00
db:	NVD	id:	CVE-2021-27219	date:	2024-11-21T05:57:37.410

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-386440	date:	2021-02-15T00:00:00
db:	VULMON	id:	CVE-2021-27219	date:	2021-02-15T00:00:00
db:	PACKETSTORM	id:	164856	date:	2021-11-10T17:07:39
db:	PACKETSTORM	id:	163240	date:	2021-06-22T19:32:24
db:	PACKETSTORM	id:	163242	date:	2021-06-22T19:34:25
db:	PACKETSTORM	id:	163426	date:	2021-07-07T16:09:05
db:	PACKETSTORM	id:	162888	date:	2021-06-01T15:11:42
db:	PACKETSTORM	id:	162892	date:	2021-06-01T15:13:12
db:	PACKETSTORM	id:	162869	date:	2021-05-31T14:23:53
db:	PACKETSTORM	id:	162929	date:	2021-06-03T14:50:03
db:	JVNDB	id:	JVNDB-2021-003857	date:	2021-11-08T00:00:00
db:	CNNVD	id:	CNNVD-202102-1181	date:	2021-02-15T00:00:00
db:	NVD	id:	CVE-2021-27219	date:	2021-02-15T17:15:13.137