
Debian 9 DLA-2588-1 Critical: Zeromq3 Memory Leak And Heap Overflow

debian lts
March 10, 2021
Patch released for zeromq3 addressing the severe memory leak and heap overflow vulnerabilities tracked as CVE-2021-20234 and CVE-2021-20235.
Two security issues have been detected in zeromq3.

Summary

CVE-2021-20234

Memory leak in client induced by malicious server(s) without CURVE/ZAP.

From issue description [1].
When a pipe processes a delimiter and is already not in active state but
still has an unfinished message, the message is leaked.

CVE-2021-20235

Heap overflow when receiving malformed ZMTP v1 packets.

From issue description [2].
The static allocator was implemented to shrink its recorded size similarly
to the shared allocator. But it does not need to, and it should not,
because unlike the shared one the static allocator always uses a static
buffer, with a size defined by the ZMQ_IN_BATCH_SIZE socket option
(default 8192), so changing the size opens the library to heap overflows.
The static allocator is used only with ZMTP v1 peers.

[1] https://github.com/zeromq/libzmq/security/advisories/GHSA-wfr2-29gj-5w87
[2] https://github.com/zeromq/libzmq/security/advisories/GHSA-fc3w-qxf5-7hp6



Severity: critical

Package: zeromq3
Version: 4.2.1-4+deb9u4
CVE ID: CVE-2021-20234 CVE-2021-20235
