What Are You Looking For?

Sign Up
MGASA-2022-0133 - Updated usbredir packages fix security vulnerability

Publication date: 09 Apr 2022
URL: https://advisories.mageia.org/MGASA-2022-0133.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2021-3700

A use-after-free vulnerability was found in usbredir in versions prior to
0.11.0 in the usbredirparser_serialize() in usbredirparser/usbredirparser.c.
This issue occurs when serializing large amounts of buffered write data in
the case of a slow or blocked destination. (CVE-2021-3700)

References:
- https://bugs.mageia.org/show_bug.cgi?id=30194
- https://www.debian.org/lts/security/2022/dla-2958
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3700

SRPMS:
- 8/core/usbredir-0.8.0-3.1.mga8

Mageia 2022-0133: usbredir security update

A use-after-free vulnerability was found in usbredir in versions prior to 0.11.0 in the usbredirparser_serialize() in usbredirparser/usbredirparser.c

Summary

A use-after-free vulnerability was found in usbredir in versions prior to 0.11.0 in the usbredirparser_serialize() in usbredirparser/usbredirparser.c. This issue occurs when serializing large amounts of buffered write data in the case of a slow or blocked destination. (CVE-2021-3700)

References

- https://bugs.mageia.org/show_bug.cgi?id=30194

- https://www.debian.org/lts/security/2022/dla-2958

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3700

Resolution

MGASA-2022-0133 - Updated usbredir packages fix security vulnerability

SRPMS

- 8/core/usbredir-0.8.0-3.1.mga8

Severity
Publication date: 09 Apr 2022
URL: https://advisories.mageia.org/MGASA-2022-0133.html
Type: security
CVE: CVE-2021-3700

Related News

Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits

Nov 25, 2023

LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In

Nov 25, 2023

The Rust Foundation to Develop Training and Certification Program

Dec 3, 2023

Severe Firefox, Thunderbird Bugs Could Lead to System Takeover

Dec 2, 2023

News

Advisories

HOWTOs

Features

Using Open Source to Ensure Compliance & Data Integrity through Data Governance
Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!
Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024

About Us

Powered By

Footer Logo