Details of VAR-202106-1921

ID

VAR-202106-1921

CVE

CVE-2021-23017

TITLE

nginx Vulnerability in determining boundary conditions in resolver

Trust: 0.8

sources: JVNDB: JVNDB-2021-007625

DESCRIPTION

A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact. nginx The resolver contains a vulnerability in determining boundary conditions.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Nginx is a lightweight web server/reverse proxy server and email (IMAP/POP3) proxy server of Nginx Company in the United States. Affected products and versions are as follows: nginx: 0.6.18, 0.6.19 0.6.20, 0.6.21, 0.6.22 0.6.23, 0.6.24, 0.6.25, 0.6.26, 0.6.27, 0.6. See the following Release Notes documentation, which will be updated shortly for this release, for additional details about this release: https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_mana gement_for_kubernetes/2.2/html/release_notes/ Security fixes: * nginx: Off-by-one in ngx_resolver_copy() when labels are followed by a pointer to a root domain name (CVE-2021-23017) * redis: Lua scripts can overflow the heap-based Lua stack (CVE-2021-32626) * redis: Integer overflow issue with Streams (CVE-2021-32627) * redis: Integer overflow bug in the ziplist data structure (CVE-2021-32628) * redis: Integer overflow issue with intsets (CVE-2021-32687) * redis: Integer overflow issue with strings (CVE-2021-41099) * redis: Out of bounds read in lua debugger protocol parser (CVE-2021-32672) * redis: Denial of service via Redis Standard Protocol (RESP) request (CVE-2021-32675) * object-path: Type confusion vulnerability can lead to a bypass of CVE-2020-15256 (CVE-2021-23434) Bug fixes: * RHACM 2.2.9 images (BZ #1999601) 3. Bugs fixed (https://bugzilla.redhat.com/): 1963121 - CVE-2021-23017 nginx: Off-by-one in ngx_resolver_copy() when labels are followed by a pointer to a root domain name 1999601 - RHACM 2.2.9 images 1999810 - CVE-2021-23434 object-path: Type confusion vulnerability can lead to a bypass of CVE-2020-15256 2010991 - CVE-2021-32687 redis: Integer overflow issue with intsets 2011000 - CVE-2021-32675 redis: Denial of service via Redis Standard Protocol (RESP) request 2011001 - CVE-2021-32672 redis: Out of bounds read in lua debugger protocol parser 2011004 - CVE-2021-32628 redis: Integer overflow bug in the ziplist data structure 2011010 - CVE-2021-32627 redis: Integer overflow issue with Streams 2011017 - CVE-2021-32626 redis: Lua scripts can overflow the heap-based Lua stack 2011020 - CVE-2021-41099 redis: Integer overflow issue with strings 5. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202105-38 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: nginx: Remote code execution Date: May 26, 2021 Bugs: #792087 ID: 202105-38 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== A vulnerability in nginx could lead to remote code execution. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-servers/nginx < 1.21.0 >= 1.20.1:0 >= 1.21.0:mainline Description =========== It was discovered that nginx did not properly handle DNS responses when "resolver" directive is used. Workaround ========== There is no known workaround at this time. Resolution ========== All nginx users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-servers/nginx-1.20.1" All nginx mainline users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=www-servers/nginx-1.21.0:mainline" References ========== [ 1 ] CVE-2021-23017 https://nvd.nist.gov/vuln/detail/CVE-2021-23017 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202105-38 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2021 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . ========================================================================= Ubuntu Security Notice USN-4967-2 May 27, 2021 nginx vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 ESM - Ubuntu 14.04 ESM Summary: nginx could be made to crash or run programs if it received specially crafted network traffic. This update provides the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 ESM: nginx 1.10.3-0ubuntu0.16.04.5+esm1 nginx-common 1.10.3-0ubuntu0.16.04.5+esm1 nginx-core 1.10.3-0ubuntu0.16.04.5+esm1 nginx-extras 1.10.3-0ubuntu0.16.04.5+esm1 nginx-full 1.10.3-0ubuntu0.16.04.5+esm1 nginx-light 1.10.3-0ubuntu0.16.04.5+esm1 Ubuntu 14.04 ESM: nginx 1.4.6-1ubuntu3.9+esm2 nginx-common 1.4.6-1ubuntu3.9+esm2 nginx-core 1.4.6-1ubuntu3.9+esm2 nginx-extras 1.4.6-1ubuntu3.9+esm2 nginx-full 1.4.6-1ubuntu3.9+esm2 nginx-light 1.4.6-1ubuntu3.9+esm2 In general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: nginx:1.16 security update Advisory ID: RHSA-2021:2290-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:2290 Issue date: 2021-06-08 CVE Names: CVE-2021-23017 ===================================================================== 1. Summary: An update for the nginx:1.16 module is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.1 Extended Update Support, and Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 Red Hat Enterprise Linux AppStream EUS (v. 8.1) - aarch64, noarch, ppc64le, s390x, x86_64 Red Hat Enterprise Linux AppStream EUS (v. 8.2) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fix(es): * nginx: Off-by-one in ngx_resolver_copy() when labels are followed by a pointer to a root domain name (CVE-2021-23017) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1963121 - CVE-2021-23017 nginx: Off-by-one in ngx_resolver_copy() when labels are followed by a pointer to a root domain name 6. Package List: Red Hat Enterprise Linux AppStream EUS (v. 8.1): Source: nginx-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.src.rpm aarch64: nginx-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.aarch64.rpm nginx-debuginfo-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.aarch64.rpm nginx-debugsource-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.aarch64.rpm nginx-mod-http-image-filter-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.aarch64.rpm nginx-mod-http-image-filter-debuginfo-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.aarch64.rpm nginx-mod-http-perl-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.aarch64.rpm nginx-mod-http-perl-debuginfo-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.aarch64.rpm nginx-mod-http-xslt-filter-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.aarch64.rpm nginx-mod-http-xslt-filter-debuginfo-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.aarch64.rpm nginx-mod-mail-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.aarch64.rpm nginx-mod-mail-debuginfo-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.aarch64.rpm nginx-mod-stream-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.aarch64.rpm nginx-mod-stream-debuginfo-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.aarch64.rpm noarch: nginx-all-modules-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.noarch.rpm nginx-filesystem-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.noarch.rpm ppc64le: nginx-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.ppc64le.rpm nginx-debuginfo-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.ppc64le.rpm nginx-debugsource-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.ppc64le.rpm nginx-mod-http-image-filter-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.ppc64le.rpm nginx-mod-http-image-filter-debuginfo-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.ppc64le.rpm nginx-mod-http-perl-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.ppc64le.rpm nginx-mod-http-perl-debuginfo-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.ppc64le.rpm nginx-mod-http-xslt-filter-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.ppc64le.rpm nginx-mod-http-xslt-filter-debuginfo-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.ppc64le.rpm nginx-mod-mail-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.ppc64le.rpm nginx-mod-mail-debuginfo-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.ppc64le.rpm nginx-mod-stream-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.ppc64le.rpm nginx-mod-stream-debuginfo-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.ppc64le.rpm s390x: nginx-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.s390x.rpm nginx-debuginfo-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.s390x.rpm nginx-debugsource-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.s390x.rpm nginx-mod-http-image-filter-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.s390x.rpm nginx-mod-http-image-filter-debuginfo-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.s390x.rpm nginx-mod-http-perl-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.s390x.rpm nginx-mod-http-perl-debuginfo-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.s390x.rpm nginx-mod-http-xslt-filter-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.s390x.rpm nginx-mod-http-xslt-filter-debuginfo-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.s390x.rpm nginx-mod-mail-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.s390x.rpm nginx-mod-mail-debuginfo-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.s390x.rpm nginx-mod-stream-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.s390x.rpm nginx-mod-stream-debuginfo-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.s390x.rpm x86_64: nginx-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.x86_64.rpm nginx-debuginfo-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.x86_64.rpm nginx-debugsource-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.x86_64.rpm nginx-mod-http-image-filter-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.x86_64.rpm nginx-mod-http-image-filter-debuginfo-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.x86_64.rpm nginx-mod-http-perl-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.x86_64.rpm nginx-mod-http-perl-debuginfo-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.x86_64.rpm nginx-mod-http-xslt-filter-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.x86_64.rpm nginx-mod-http-xslt-filter-debuginfo-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.x86_64.rpm nginx-mod-mail-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.x86_64.rpm nginx-mod-mail-debuginfo-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.x86_64.rpm nginx-mod-stream-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.x86_64.rpm nginx-mod-stream-debuginfo-1.16.1-1.module+el8.1.0+11153+6c3a40a9.1.x86_64.rpm Red Hat Enterprise Linux AppStream EUS (v. 8.2): Source: nginx-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.src.rpm aarch64: nginx-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.aarch64.rpm nginx-debuginfo-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.aarch64.rpm nginx-debugsource-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.aarch64.rpm nginx-mod-http-image-filter-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.aarch64.rpm nginx-mod-http-image-filter-debuginfo-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.aarch64.rpm nginx-mod-http-perl-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.aarch64.rpm nginx-mod-http-perl-debuginfo-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.aarch64.rpm nginx-mod-http-xslt-filter-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.aarch64.rpm nginx-mod-http-xslt-filter-debuginfo-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.aarch64.rpm nginx-mod-mail-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.aarch64.rpm nginx-mod-mail-debuginfo-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.aarch64.rpm nginx-mod-stream-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.aarch64.rpm nginx-mod-stream-debuginfo-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.aarch64.rpm noarch: nginx-all-modules-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.noarch.rpm nginx-filesystem-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.noarch.rpm ppc64le: nginx-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.ppc64le.rpm nginx-debuginfo-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.ppc64le.rpm nginx-debugsource-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.ppc64le.rpm nginx-mod-http-image-filter-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.ppc64le.rpm nginx-mod-http-image-filter-debuginfo-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.ppc64le.rpm nginx-mod-http-perl-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.ppc64le.rpm nginx-mod-http-perl-debuginfo-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.ppc64le.rpm nginx-mod-http-xslt-filter-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.ppc64le.rpm nginx-mod-http-xslt-filter-debuginfo-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.ppc64le.rpm nginx-mod-mail-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.ppc64le.rpm nginx-mod-mail-debuginfo-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.ppc64le.rpm nginx-mod-stream-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.ppc64le.rpm nginx-mod-stream-debuginfo-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.ppc64le.rpm s390x: nginx-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.s390x.rpm nginx-debuginfo-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.s390x.rpm nginx-debugsource-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.s390x.rpm nginx-mod-http-image-filter-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.s390x.rpm nginx-mod-http-image-filter-debuginfo-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.s390x.rpm nginx-mod-http-perl-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.s390x.rpm nginx-mod-http-perl-debuginfo-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.s390x.rpm nginx-mod-http-xslt-filter-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.s390x.rpm nginx-mod-http-xslt-filter-debuginfo-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.s390x.rpm nginx-mod-mail-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.s390x.rpm nginx-mod-mail-debuginfo-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.s390x.rpm nginx-mod-stream-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.s390x.rpm nginx-mod-stream-debuginfo-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.s390x.rpm x86_64: nginx-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.x86_64.rpm nginx-debuginfo-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.x86_64.rpm nginx-debugsource-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.x86_64.rpm nginx-mod-http-image-filter-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.x86_64.rpm nginx-mod-http-image-filter-debuginfo-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.x86_64.rpm nginx-mod-http-perl-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.x86_64.rpm nginx-mod-http-perl-debuginfo-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.x86_64.rpm nginx-mod-http-xslt-filter-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.x86_64.rpm nginx-mod-http-xslt-filter-debuginfo-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.x86_64.rpm nginx-mod-mail-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.x86_64.rpm nginx-mod-mail-debuginfo-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.x86_64.rpm nginx-mod-stream-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.x86_64.rpm nginx-mod-stream-debuginfo-1.16.1-1.module+el8.2.0+11154+636e4c3b.1.x86_64.rpm Red Hat Enterprise Linux AppStream (v. 8): Source: nginx-1.16.1-2.module+el8.4.0+11155+68135136.1.src.rpm aarch64: nginx-1.16.1-2.module+el8.4.0+11155+68135136.1.aarch64.rpm nginx-debuginfo-1.16.1-2.module+el8.4.0+11155+68135136.1.aarch64.rpm nginx-debugsource-1.16.1-2.module+el8.4.0+11155+68135136.1.aarch64.rpm nginx-mod-http-image-filter-1.16.1-2.module+el8.4.0+11155+68135136.1.aarch64.rpm nginx-mod-http-image-filter-debuginfo-1.16.1-2.module+el8.4.0+11155+68135136.1.aarch64.rpm nginx-mod-http-perl-1.16.1-2.module+el8.4.0+11155+68135136.1.aarch64.rpm nginx-mod-http-perl-debuginfo-1.16.1-2.module+el8.4.0+11155+68135136.1.aarch64.rpm nginx-mod-http-xslt-filter-1.16.1-2.module+el8.4.0+11155+68135136.1.aarch64.rpm nginx-mod-http-xslt-filter-debuginfo-1.16.1-2.module+el8.4.0+11155+68135136.1.aarch64.rpm nginx-mod-mail-1.16.1-2.module+el8.4.0+11155+68135136.1.aarch64.rpm nginx-mod-mail-debuginfo-1.16.1-2.module+el8.4.0+11155+68135136.1.aarch64.rpm nginx-mod-stream-1.16.1-2.module+el8.4.0+11155+68135136.1.aarch64.rpm nginx-mod-stream-debuginfo-1.16.1-2.module+el8.4.0+11155+68135136.1.aarch64.rpm noarch: nginx-all-modules-1.16.1-2.module+el8.4.0+11155+68135136.1.noarch.rpm nginx-filesystem-1.16.1-2.module+el8.4.0+11155+68135136.1.noarch.rpm ppc64le: nginx-1.16.1-2.module+el8.4.0+11155+68135136.1.ppc64le.rpm nginx-debuginfo-1.16.1-2.module+el8.4.0+11155+68135136.1.ppc64le.rpm nginx-debugsource-1.16.1-2.module+el8.4.0+11155+68135136.1.ppc64le.rpm nginx-mod-http-image-filter-1.16.1-2.module+el8.4.0+11155+68135136.1.ppc64le.rpm nginx-mod-http-image-filter-debuginfo-1.16.1-2.module+el8.4.0+11155+68135136.1.ppc64le.rpm nginx-mod-http-perl-1.16.1-2.module+el8.4.0+11155+68135136.1.ppc64le.rpm nginx-mod-http-perl-debuginfo-1.16.1-2.module+el8.4.0+11155+68135136.1.ppc64le.rpm nginx-mod-http-xslt-filter-1.16.1-2.module+el8.4.0+11155+68135136.1.ppc64le.rpm nginx-mod-http-xslt-filter-debuginfo-1.16.1-2.module+el8.4.0+11155+68135136.1.ppc64le.rpm nginx-mod-mail-1.16.1-2.module+el8.4.0+11155+68135136.1.ppc64le.rpm nginx-mod-mail-debuginfo-1.16.1-2.module+el8.4.0+11155+68135136.1.ppc64le.rpm nginx-mod-stream-1.16.1-2.module+el8.4.0+11155+68135136.1.ppc64le.rpm nginx-mod-stream-debuginfo-1.16.1-2.module+el8.4.0+11155+68135136.1.ppc64le.rpm s390x: nginx-1.16.1-2.module+el8.4.0+11155+68135136.1.s390x.rpm nginx-debuginfo-1.16.1-2.module+el8.4.0+11155+68135136.1.s390x.rpm nginx-debugsource-1.16.1-2.module+el8.4.0+11155+68135136.1.s390x.rpm nginx-mod-http-image-filter-1.16.1-2.module+el8.4.0+11155+68135136.1.s390x.rpm nginx-mod-http-image-filter-debuginfo-1.16.1-2.module+el8.4.0+11155+68135136.1.s390x.rpm nginx-mod-http-perl-1.16.1-2.module+el8.4.0+11155+68135136.1.s390x.rpm nginx-mod-http-perl-debuginfo-1.16.1-2.module+el8.4.0+11155+68135136.1.s390x.rpm nginx-mod-http-xslt-filter-1.16.1-2.module+el8.4.0+11155+68135136.1.s390x.rpm nginx-mod-http-xslt-filter-debuginfo-1.16.1-2.module+el8.4.0+11155+68135136.1.s390x.rpm nginx-mod-mail-1.16.1-2.module+el8.4.0+11155+68135136.1.s390x.rpm nginx-mod-mail-debuginfo-1.16.1-2.module+el8.4.0+11155+68135136.1.s390x.rpm nginx-mod-stream-1.16.1-2.module+el8.4.0+11155+68135136.1.s390x.rpm nginx-mod-stream-debuginfo-1.16.1-2.module+el8.4.0+11155+68135136.1.s390x.rpm x86_64: nginx-1.16.1-2.module+el8.4.0+11155+68135136.1.x86_64.rpm nginx-debuginfo-1.16.1-2.module+el8.4.0+11155+68135136.1.x86_64.rpm nginx-debugsource-1.16.1-2.module+el8.4.0+11155+68135136.1.x86_64.rpm nginx-mod-http-image-filter-1.16.1-2.module+el8.4.0+11155+68135136.1.x86_64.rpm nginx-mod-http-image-filter-debuginfo-1.16.1-2.module+el8.4.0+11155+68135136.1.x86_64.rpm nginx-mod-http-perl-1.16.1-2.module+el8.4.0+11155+68135136.1.x86_64.rpm nginx-mod-http-perl-debuginfo-1.16.1-2.module+el8.4.0+11155+68135136.1.x86_64.rpm nginx-mod-http-xslt-filter-1.16.1-2.module+el8.4.0+11155+68135136.1.x86_64.rpm nginx-mod-http-xslt-filter-debuginfo-1.16.1-2.module+el8.4.0+11155+68135136.1.x86_64.rpm nginx-mod-mail-1.16.1-2.module+el8.4.0+11155+68135136.1.x86_64.rpm nginx-mod-mail-debuginfo-1.16.1-2.module+el8.4.0+11155+68135136.1.x86_64.rpm nginx-mod-stream-1.16.1-2.module+el8.4.0+11155+68135136.1.x86_64.rpm nginx-mod-stream-debuginfo-1.16.1-2.module+el8.4.0+11155+68135136.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-23017 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYL9JUNzjgjWX9erEAQjSfA/9H4Lh2lGSkUcGMgFMdswHlGjLWsVw88oj E8RnhgJTjDvtRGf+9f6+l2idvZ8Yu9vqDeLMGIPA1DeL4qY1cf9ONQWAUgQTXfc3 UbzeEL6xJJO8+3UWWj/QS8bamTAQ0AlcC8t6lY54bjsKpwJQbzqlKlCLDbtFHERj K8ya6dpSU2MBHaIZ0TAoM0I/rpfVrT4pzwJkmRuum5vGE/BDw2uykGCyV2MhcGfo SwhQBlsahaGGALWm6qX1sODtLgyM7o5ew006x0rmUnK36PoLyaR2J0dELDs+s/vd VgSzejuChb+OTauUvQ1r52DDojfzVxFwVkNjJ2N8nJnPOrHwLnYEfyFSVEcaO9MC wCFgEX1NSQ1k4O0kh/yADz19xPuhDN6uMUzDwg7X2rJJsWoaUEQlDWivM8J6D21R XFyOiA9AcIw3sU8TkBEhuNIaYnWlO4s9pF8ArEI7+Z6Npo5XHnYRktS3dK1Aa1A4 Eh4ziunoXJJqCX+1EveVIOSNCDPq/9CyU8iOCMZOQi67Id6Hhi1aRJ1UNw1oiR4k 1X/I+oWRrl3BSEKVBPWNCN0qCV97bwjl6wW9+PXhIDMe5dSNIF5zZ7o7smbCl3ix OBRavPU6umfqzWre430GMfMsj1VFx8Sj6gU7WPTeGWBgPW4tCUzj5d+C8CW0llH9 +wyUMMhwDBE= =GAHo -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . Summary: Red Hat Advanced Cluster Management for Kubernetes 2.1.11 General Availability release images, which provide a security fix and update the container images. Description: Red Hat Advanced Cluster Management for Kubernetes 2.1.11 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains updates to one or more container images for Red Hat Advanced Cluster Management for Kubernetes. Container updates: * RHACM 2.1.11 images (BZ# 1999375) 3. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. The following packages have been upgraded to a later upstream version: nginx (1.20.1)

Trust: 2.52

sources: NVD: CVE-2021-23017 // JVNDB: JVNDB-2021-007625 // VULHUB: VHN-381503 // PACKETSTORM: 164523 // PACKETSTORM: 162819 // PACKETSTORM: 162835 // PACKETSTORM: 162851 // PACKETSTORM: 162992 // PACKETSTORM: 163013 // PACKETSTORM: 164282 // PACKETSTORM: 164948 // PACKETSTORM: 165782

AFFECTED PRODUCTS

vendor:	fedoraproject	model:	fedora	scope:	eq	version:	34	Trust: 1.0
vendor:	f5	model:	nginx	scope:	lt	version:	1.20.1	Trust: 1.0
vendor:	netapp	model:	ontap select deploy administration utility	scope:	eq	version:	-	Trust: 1.0
vendor:	oracle	model:	enterprise session border controller	scope:	eq	version:	9.0	Trust: 1.0
vendor:	oracle	model:	communications operations monitor	scope:	eq	version:	3.4	Trust: 1.0
vendor:	oracle	model:	goldengate	scope:	lt	version:	21.4.0.0.0	Trust: 1.0
vendor:	oracle	model:	communications fraud monitor	scope:	lte	version:	4.4	Trust: 1.0
vendor:	oracle	model:	communications operations monitor	scope:	eq	version:	4.3	Trust: 1.0
vendor:	oracle	model:	communications operations monitor	scope:	eq	version:	4.4	Trust: 1.0
vendor:	oracle	model:	enterprise telephony fraud monitor	scope:	eq	version:	3.4	Trust: 1.0
vendor:	oracle	model:	communications fraud monitor	scope:	gte	version:	3.4	Trust: 1.0
vendor:	oracle	model:	communications operations monitor	scope:	eq	version:	4.2	Trust: 1.0
vendor:	oracle	model:	enterprise telephony fraud monitor	scope:	eq	version:	4.4	Trust: 1.0
vendor:	oracle	model:	enterprise communications broker	scope:	eq	version:	3.3.0	Trust: 1.0
vendor:	oracle	model:	enterprise telephony fraud monitor	scope:	eq	version:	4.3	Trust: 1.0
vendor:	oracle	model:	enterprise telephony fraud monitor	scope:	eq	version:	4.2	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	33	Trust: 1.0
vendor:	oracle	model:	communications control plane monitor	scope:	eq	version:	4.4	Trust: 1.0
vendor:	oracle	model:	communications session border controller	scope:	eq	version:	8.4	Trust: 1.0
vendor:	oracle	model:	communications control plane monitor	scope:	eq	version:	3.4	Trust: 1.0
vendor:	oracle	model:	communications control plane monitor	scope:	eq	version:	4.3	Trust: 1.0
vendor:	openresty	model:	openresty	scope:	lt	version:	1.19.3.2	Trust: 1.0
vendor:	oracle	model:	blockchain platform	scope:	lt	version:	21.1.2	Trust: 1.0
vendor:	oracle	model:	communications control plane monitor	scope:	eq	version:	4.2	Trust: 1.0
vendor:	f5	model:	nginx	scope:	gte	version:	0.6.18	Trust: 1.0
vendor:	oracle	model:	communications session border controller	scope:	eq	version:	9.0	Trust: 1.0
vendor:	oracle	model:	enterprise session border controller	scope:	eq	version:	8.4	Trust: 1.0
vendor:	オラクル	model:	oracle communications operations monitor	scope:	-	version:	-	Trust: 0.8
vendor:	fedora	model:	fedora	scope:	-	version:	-	Trust: 0.8
vendor:	オラクル	model:	oracle enterprise telephony fraud monitor	scope:	-	version:	-	Trust: 0.8
vendor:	オラクル	model:	oracle communications control plane monitor	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	nginx	scope:	-	version:	-	Trust: 0.8
vendor:	netapp	model:	ontap select deploy administration utility	scope:	-	version:	-	Trust: 0.8
vendor:	openresty	model:	openresty	scope:	-	version:	-	Trust: 0.8
vendor:	オラクル	model:	oracle communications fraud monitor	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2021-007625 // NVD: CVE-2021-23017

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-23017
value:	HIGH
Trust: 1.0
NVD:	CVE-2021-23017
value:	CRITICAL
Trust: 0.8
CNNVD:	CNNVD-202105-1581
value:	HIGH
Trust: 0.6
VULHUB:	VHN-381503
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2021-23017
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-381503
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2021-23017
baseSeverity:	HIGH
baseScore:	7.7
vectorString:	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	LOW
exploitabilityScore:	2.2
impactScore:	5.5
version:	3.1
Trust: 1.0
NVD:	CVE-2021-23017
baseSeverity:	CRITICAL
baseScore:	9.4
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	LOW
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-381503 // CNNVD: CNNVD-202105-1581 // JVNDB: JVNDB-2021-007625 // NVD: CVE-2021-23017

PROBLEMTYPE DATA

problemtype:	CWE-193	Trust: 1.1
problemtype:	Boundary condition judgment (CWE-193) [NVD Evaluation ]	Trust: 0.8

sources: VULHUB: VHN-381503 // JVNDB: JVNDB-2021-007625 // NVD: CVE-2021-23017

THREAT TYPE

remote

Trust: 0.9

sources: PACKETSTORM: 162819 // PACKETSTORM: 162835 // PACKETSTORM: 162851 // CNNVD: CNNVD-202105-1581

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202105-1581

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-381503

PATCH

title:	Oracle Critical Patch Update Advisory - October 2021 Oracle Critical Patch Update	url:	https://support.f5.com/csp/article/K12331123	Trust: 0.8
title:	Nginx Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=154683	Trust: 0.6

sources: CNNVD: CNNVD-202105-1581 // JVNDB: JVNDB-2021-007625

EXTERNAL IDS

db:	NVD	id:	CVE-2021-23017	Trust: 4.2
db:	PACKETSTORM	id:	167720	Trust: 1.7
db:	PACKETSTORM	id:	163013	Trust: 0.8
db:	PACKETSTORM	id:	162835	Trust: 0.8
db:	PACKETSTORM	id:	165782	Trust: 0.8
db:	PACKETSTORM	id:	162851	Trust: 0.8
db:	PACKETSTORM	id:	164948	Trust: 0.8
db:	JVNDB	id:	JVNDB-2021-007625	Trust: 0.8
db:	PACKETSTORM	id:	162830	Trust: 0.7
db:	PACKETSTORM	id:	163003	Trust: 0.7
db:	EXPLOIT-DB	id:	50973	Trust: 0.7
db:	PACKETSTORM	id:	164523	Trust: 0.7
db:	PACKETSTORM	id:	164282	Trust: 0.7
db:	PACKETSTORM	id:	164562	Trust: 0.6
db:	CS-HELP	id:	SB2021052543	Trust: 0.6
db:	CS-HELP	id:	SB2022041931	Trust: 0.6
db:	CS-HELP	id:	SB2021092811	Trust: 0.6
db:	CS-HELP	id:	SB2022071833	Trust: 0.6
db:	CS-HELP	id:	SB2021052901	Trust: 0.6
db:	CS-HELP	id:	SB2021060212	Trust: 0.6
db:	CS-HELP	id:	SB2021100722	Trust: 0.6
db:	CS-HELP	id:	SB2022012302	Trust: 0.6
db:	CS-HELP	id:	SB2021052713	Trust: 0.6
db:	CS-HELP	id:	SB2021060719	Trust: 0.6
db:	CS-HELP	id:	SB2021060948	Trust: 0.6
db:	CS-HELP	id:	SB2021061520	Trust: 0.6
db:	CS-HELP	id:	SB2022012747	Trust: 0.6
db:	CS-HELP	id:	SB2021062209	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3878	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1850	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3485	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1936	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1802	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3211	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3430	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1861	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1817	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2027	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1973	Trust: 0.6
db:	CXSECURITY	id:	WLB-2022070032	Trust: 0.6
db:	CNNVD	id:	CNNVD-202105-1581	Trust: 0.6
db:	PACKETSTORM	id:	162992	Trust: 0.2
db:	PACKETSTORM	id:	162819	Trust: 0.2
db:	PACKETSTORM	id:	162986	Trust: 0.1
db:	VULHUB	id:	VHN-381503	Trust: 0.1

sources: VULHUB: VHN-381503 // PACKETSTORM: 164523 // PACKETSTORM: 162819 // PACKETSTORM: 162835 // PACKETSTORM: 162851 // PACKETSTORM: 162992 // PACKETSTORM: 163013 // PACKETSTORM: 164282 // PACKETSTORM: 164948 // PACKETSTORM: 165782 // CNNVD: CNNVD-202105-1581 // JVNDB: JVNDB-2021-007625 // NVD: CVE-2021-23017

REFERENCES

url:	http://packetstormsecurity.com/files/167720/nginx-1.20.0-denial-of-service.html	Trust: 2.3
url:	https://www.oracle.com/security-alerts/cpuapr2022.html	Trust: 2.3
url:	https://www.oracle.com/security-alerts/cpuoct2021.html	Trust: 2.3
url:	https://security.netapp.com/advisory/ntap-20210708-0006/	Trust: 1.7
url:	http://mailman.nginx.org/pipermail/nginx-announce/2021/000300.html	Trust: 1.7
url:	https://www.oracle.com/security-alerts/cpujan2022.html	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2021-23017	Trust: 1.7
url:	https://lists.apache.org/thread.html/r37e6b2165f7c910d8e15fd54f4697857619ad2625f56583802004009%40%3cnotifications.apisix.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r4d4966221ca399ce948ef34884652265729d7d9ef8179c78d7f17e7f%40%3cnotifications.apisix.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/r6fc5c57b38e93e36213e9a18c8a4e5dbd5ced1c7e57f08a1735975ba%40%3cnotifications.apisix.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/rf232eecd47fdc44520192810560303073cefd684b321f85e311bad31%40%3cnotifications.apisix.apache.org%3e	Trust: 1.0
url:	https://lists.apache.org/thread.html/rf318aeeb4d7a3a312734780b47de83cefb7e6995da0b2cae5c28675c%40%3cnotifications.apisix.apache.org%3e	Trust: 1.0
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7sfvyhc7oxteo4smbwxdvk6e5imeymee/	Trust: 1.0
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/gnkop2jr5l7kciztjrzdcupjtuonmc5i/	Trust: 1.0
url:	https://support.f5.com/csp/article/k12331123%2c	Trust: 1.0
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7sfvyhc7oxteo4smbwxdvk6e5imeymee/	Trust: 0.7
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/gnkop2jr5l7kciztjrzdcupjtuonmc5i/	Trust: 0.7
url:	https://lists.apache.org/thread.html/r6fc5c57b38e93e36213e9a18c8a4e5dbd5ced1c7e57f08a1735975ba@%3cnotifications.apisix.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r37e6b2165f7c910d8e15fd54f4697857619ad2625f56583802004009@%3cnotifications.apisix.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/r4d4966221ca399ce948ef34884652265729d7d9ef8179c78d7f17e7f@%3cnotifications.apisix.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/rf318aeeb4d7a3a312734780b47de83cefb7e6995da0b2cae5c28675c@%3cnotifications.apisix.apache.org%3e	Trust: 0.7
url:	https://lists.apache.org/thread.html/rf232eecd47fdc44520192810560303073cefd684b321f85e311bad31@%3cnotifications.apisix.apache.org%3e	Trust: 0.7
url:	https://listman.redhat.com/mailman/listinfo/rhsa-announce	Trust: 0.6
url:	https://access.redhat.com/security/updates/classification/#important	Trust: 0.6
url:	https://access.redhat.com/security/team/contact/	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2021-23017	Trust: 0.6
url:	https://bugzilla.redhat.com/):	Trust: 0.6
url:	https://support.f5.com/csp/article/k12331123	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021052713	Trust: 0.6
url:	https://packetstormsecurity.com/files/163003/red-hat-security-advisory-2021-2278-01.html	Trust: 0.6
url:	https://vigilance.fr/vulnerability/nginx-buffer-overflow-via-dns-server-response-35526	Trust: 0.6
url:	https://packetstormsecurity.com/files/164282/red-hat-security-advisory-2021-3653-01.html	Trust: 0.6
url:	https://www.ibm.com/support/pages/node/6492205	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022041931	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1802	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-f5-nginx-controller-affect-ibm-cloud-pak-for-automation/	Trust: 0.6
url:	https://packetstormsecurity.com/files/162851/ubuntu-security-notice-usn-4967-2.html	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021060719	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.3211	Trust: 0.6
url:	https://packetstormsecurity.com/files/164523/red-hat-security-advisory-2021-3873-01.html	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021100722	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.3430	Trust: 0.6
url:	https://cxsecurity.com/issue/wlb-2022070032	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2027	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1850	Trust: 0.6
url:	https://www.ibm.com/support/pages/node/6483657	Trust: 0.6
url:	https://packetstormsecurity.com/files/162835/gentoo-linux-security-advisory-202105-38.html	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021052901	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022071833	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021052543	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021060948	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1817	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.3878	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021062209	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1973	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1936	Trust: 0.6
url:	https://www.exploit-db.com/exploits/50973	Trust: 0.6
url:	https://packetstormsecurity.com/files/164948/red-hat-security-advisory-2021-4618-01.html	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022012302	Trust: 0.6
url:	https://packetstormsecurity.com/files/163013/red-hat-security-advisory-2021-2290-01.html	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021092811	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.3485	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021061520	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1861	Trust: 0.6
url:	https://www.ibm.com/support/pages/node/6525030	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022012747	Trust: 0.6
url:	https://packetstormsecurity.com/files/162830/nginx-1.20.0-dns-resolver-off-by-one-heap-write.html	Trust: 0.6
url:	https://packetstormsecurity.com/files/164562/red-hat-security-advisory-2021-3925-01.html	Trust: 0.6
url:	https://packetstormsecurity.com/files/165782/red-hat-security-advisory-2022-0323-02.html	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021060212	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2021-22922	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2021-36222	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2021-37750	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2021-22923	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2021-22924	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2021-22922	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2021-22924	Trust: 0.3
url:	https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_mana	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2021-36222	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2021-22923	Trust: 0.3
url:	https://access.redhat.com/articles/11258	Trust: 0.3
url:	https://access.redhat.com/security/team/key/	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2021-32626	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-32687	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-32626	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-32675	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3653	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-37750	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-32675	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-41099	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-3653	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-32627	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-32687	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-32628	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-32672	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-32627	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-32672	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-32628	Trust: 0.2
url:	https://ubuntu.com/security/notices/usn-4967-1	Trust: 0.2
url:	https://support.f5.com/csp/article/k12331123,	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-23434	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-41099	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:3873	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-23434	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/nginx/1.18.0-0ubuntu1.2	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/nginx/1.18.0-6ubuntu2.2	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/nginx/1.18.0-6ubuntu8.2	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/nginx/1.14.0-0ubuntu1.9	Trust: 0.1
url:	https://bugs.gentoo.org.	Trust: 0.1
url:	https://security.gentoo.org/	Trust: 0.1
url:	https://creativecommons.org/licenses/by-sa/2.5	Trust: 0.1
url:	https://security.gentoo.org/glsa/202105-38	Trust: 0.1
url:	https://ubuntu.com/security/notices/usn-4967-2	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:2259	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:2290	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-27777	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-29154	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-31535	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:3653	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-32399	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-29650	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-27777	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-29154	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-32399	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-29650	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-22555	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-31535	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-22555	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-22947	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-33929	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-0512	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-32803	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3733	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-33930	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-32690	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3711	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:4618	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3656	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3733	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-36385	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3712	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-32804	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-33623	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-33938	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-33929	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-36385	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3656	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-32804	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-22947	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-32690	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-0512	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-22946	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3711	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3749	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-33930	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-33623	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-22946	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-33928	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3712	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-33938	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-32803	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-33928	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2022:0323	Trust: 0.1

CREDITS

Red Hat

Trust: 0.6

sources: PACKETSTORM: 164523 // PACKETSTORM: 162992 // PACKETSTORM: 163013 // PACKETSTORM: 164282 // PACKETSTORM: 164948 // PACKETSTORM: 165782

SOURCES

db:	VULHUB	id:	VHN-381503
db:	PACKETSTORM	id:	164523
db:	PACKETSTORM	id:	162819
db:	PACKETSTORM	id:	162835
db:	PACKETSTORM	id:	162851
db:	PACKETSTORM	id:	162992
db:	PACKETSTORM	id:	163013
db:	PACKETSTORM	id:	164282
db:	PACKETSTORM	id:	164948
db:	PACKETSTORM	id:	165782
db:	CNNVD	id:	CNNVD-202105-1581
db:	JVNDB	id:	JVNDB-2021-007625
db:	NVD	id:	CVE-2021-23017

LAST UPDATE DATE

2025-12-22T20:10:26.072000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-381503	date:	2022-09-14T00:00:00
db:	CNNVD	id:	CNNVD-202105-1581	date:	2022-09-15T00:00:00
db:	JVNDB	id:	JVNDB-2021-007625	date:	2022-02-18T01:21:00
db:	NVD	id:	CVE-2021-23017	date:	2023-11-07T03:30:29.880

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-381503	date:	2021-06-01T00:00:00
db:	PACKETSTORM	id:	164523	date:	2021-10-15T15:06:44
db:	PACKETSTORM	id:	162819	date:	2021-05-26T17:36:43
db:	PACKETSTORM	id:	162835	date:	2021-05-27T13:28:42
db:	PACKETSTORM	id:	162851	date:	2021-05-28T14:11:38
db:	PACKETSTORM	id:	162992	date:	2021-06-07T13:50:43
db:	PACKETSTORM	id:	163013	date:	2021-06-08T14:13:55
db:	PACKETSTORM	id:	164282	date:	2021-09-24T15:49:04
db:	PACKETSTORM	id:	164948	date:	2021-11-12T17:01:04
db:	PACKETSTORM	id:	165782	date:	2022-01-31T16:24:54
db:	CNNVD	id:	CNNVD-202105-1581	date:	2021-05-25T00:00:00
db:	JVNDB	id:	JVNDB-2021-007625	date:	2022-02-18T00:00:00
db:	NVD	id:	CVE-2021-23017	date:	2021-06-01T13:15:07.853