Linux Security

    Mageia 2021-0041: p11-kit security update

    Date 17 Jan 2021
    Posted By LinuxSecurity Advisories
    MGASA-2021-0041 - Updated p11-kit packages fix security vulnerabilities
    
    Publication date: 17 Jan 2021
    URL: https://advisories.mageia.org/MGASA-2021-0041.html
    Type: security
    Affected Mageia releases: 7
    CVE: CVE-2020-29361,
         CVE-2020-29362,
         CVE-2020-29363
    
    Multiple integer overflows have been discovered in the array allocations in
    the p11-kit library and the p11-kit list command, where overflow checks are
    missing before calling realloc or calloc (CVE-2020-29361).
    
    A heap-based buffer over-read has been discovered in the RPC protocol used by
    the p11-kit server/remote commands and the client library. When the remote
    entity supplies a byte array through a serialized PKCS#11 function call, the
    receiving entity may allow the reading of up to 4 bytes of memory past the
    heap allocation (CVE-2020-29362).
    
    A heap-based buffer overflow has been discovered in the RPC protocol used by
    p11-kit server/remote commands and the client library. When the remote entity
    supplies a serialized byte array in a CK_ATTRIBUTE, the receiving entity may
    not allocate sufficient length for the buffer to store the deserialized value
    (CVE-2020-29363).
    
    References:
    - https://bugs.mageia.org/show_bug.cgi?id=27853
    - https://github.com/p11-glue/p11-kit/security/advisories/GHSA-q4r3-hm6m-mvc2
    - https://github.com/p11-glue/p11-kit/security/advisories/GHSA-5wpq-43j2-6qwc
    - https://github.com/p11-glue/p11-kit/security/advisories/GHSA-5j67-fw89-fp6x
    - https://github.com/p11-glue/p11-kit/releases/tag/0.23.22
    - https://lists.fedoraproject.org/archives/list/[list address removed by e-mail protection]/thread/4D5CLBYQ6GQU5KRRIBTSC4AOKNPX2JPE/
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29361
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29362
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29363
    
    SRPMS:
    - 7/core/p11-kit-0.23.22-1.mga7
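
The bug class described for CVE-2020-29361 (an element count multiplied by an element size with no overflow check before realloc or calloc), shown next to a checked form. This is an added example, not code from p11-kit or from the advisory; `checked_reallocarray`, `unchecked_bytes`, `ptr_array` and `ptr_array_push` are hypothetical names and the hostile count is constructed.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical helper (not p11-kit's code): resize to `count` elements of
 * `size` bytes, refusing any request whose byte total wraps size_t. */
void *checked_reallocarray(void *ptr, size_t count, size_t size)
{
    if (size != 0 && count > SIZE_MAX / size) {
        errno = ENOMEM;
        return NULL;               /* count * size would overflow */
    }
    return realloc(ptr, count * size);
}

/* The unchecked pattern: the product wraps silently to a small number. */
size_t unchecked_bytes(size_t count, size_t size) { return count * size; }

/* Hypothetical growable pointer array using the checked helper. */
struct ptr_array { void **elem; size_t num; size_t cap; };

int ptr_array_push(struct ptr_array *a, void *value)
{
    if (a->num == a->cap) {
        size_t new_cap;
        void **grown;
        if (a->cap > SIZE_MAX / 2) return -1;   /* doubling would wrap */
        new_cap = a->cap ? a->cap * 2 : 16;
        grown = checked_reallocarray(a->elem, new_cap, sizeof(void *));
        if (grown == NULL) return -1;           /* old buffer stays valid */
        a->elem = grown;
        a->cap = new_cap;
    }
    a->elem[a->num++] = value;
    return 0;
}

int main(void)
{
    size_t n = SIZE_MAX / sizeof(void *) + 2;   /* constructed hostile count */
    printf("unchecked request: %zu bytes\n", unchecked_bytes(n, sizeof(void *)));
    printf("checked request: %s\n",
           checked_reallocarray(NULL, n, sizeof(void *)) ? "allocated" : "rejected");
    return 0;
}
```

With the unchecked product, a later loop that trusts the original count writes far beyond the few bytes actually allocated; the checked helper fails the allocation instead.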
    
