An issue was discovered in Barrier before 2.4.0. The barriers component (aka the server-side implementation of Barrier) does not sufficiently verify the identify of connecting clients. Clients can thus exploit weaknesses in the provided protocol to cause denial-of-service or stage further attacks that could lead to information leaks or integrity corruption. References: https://github.com/debauchee/barrier/releases/tag/v2.4.0 http://www.openwall.com/lists/oss-security/2021/11/02/4
Created barrier tracking bugs for this issue: Affects: epel-8 [bug 2022096] Affects: fedora-all [bug 2022095]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.