Bug 1967397 (CVE-2021-3578)
Summary: | CVE-2021-3578 isync: unchecked pointer cast may lead to remote code execution | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | [Other] Security Response | Reporter: | Marian Rehak <mrehak> | ||||||
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> | ||||||
Status: | CLOSED UPSTREAM | QA Contact: | |||||||
Severity: | medium | Docs Contact: | |||||||
Priority: | medium | ||||||||
Version: | unspecified | CC: | lkundrak, mail, security-response-team | ||||||
Target Milestone: | --- | Keywords: | Security | ||||||
Target Release: | --- | ||||||||
Hardware: | All | ||||||||
OS: | Linux | ||||||||
Whiteboard: | |||||||||
Fixed In Version: | isync 1.3.6, isync 1.4.2 | Doc Type: | If docs needed, set a value | ||||||
Doc Text: | Story Points: | --- | |||||||
Clone Of: | Environment: | ||||||||
Last Closed: | 2021-06-07 21:04:02 UTC | Type: | --- | ||||||
Regression: | --- | Mount Type: | --- | ||||||
Documentation: | --- | CRM: | |||||||
Verified Versions: | Category: | --- | |||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||
Embargoed: | |||||||||
Bug Depends On: | 1968626, 1968627 | ||||||||
Bug Blocks: | 1967404 | ||||||||
Attachments: |
|
Description
Marian Rehak
2021-06-03 06:01:30 UTC
Created attachment 1788788 [details]
fix for isync 1.3
Created attachment 1788789 [details]
fix isync 1.4
References: https://sourceforge.net/projects/isync/files/isync/1.3.6/ https://sourceforge.net/projects/isync/files/isync/1.4.2/ Created isync tracking bugs for this issue: Affects: epel-all [bug 1968627] Affects: fedora-all [bug 1968626] This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products. |