Bug 1189547 (CVE-2021-29991)

Summary: VUL-0: CVE-2021-29991: MozillaFirefox,MozillaThunderbird: Header Splitting possible with HTTP/3 Responses (MFSA2021-37)
Product: [Novell Products] SUSE Security Incidents Reporter: Robert Frohl <rfrohl>
Component: IncidentsAssignee: Martin Sirringhaus <martin.sirringhaus>
Status: NEW --- QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: cgrobertson, wolfgang
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Whiteboard: CVSSv3.1:SUSE:CVE-2021-29991:7.5:(AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Robert Frohl 2021-08-18 06:07:32 UTC
CVE-2021-29991: Header Splitting possible with HTTP/3 Responses

Reporter
    Neal Poole
Impact
    high

Description

Firefox incorrectly accepted a newline in a HTTP/3 header, interpretting it as two separate headers. This allowed for a header splitting attack against servers using HTTP/3.

https://www.mozilla.org/en-US/security/advisories/mfsa2021-37/
Comment 1 OBSbugzilla Bot 2021-08-18 07:20:11 UTC
This is an autogenerated message for OBS integration:
This bug (1189547) was mentioned in
https://build.opensuse.org/request/show/912837 Factory / MozillaFirefox
Comment 2 OBSbugzilla Bot 2021-08-19 08:10:10 UTC
This is an autogenerated message for OBS integration:
This bug (1189547) was mentioned in
https://build.opensuse.org/request/show/913013 Factory / MozillaThunderbird
Comment 7 Swamp Workflow Management 2021-09-22 19:19:03 UTC
SUSE-SU-2021:3191-1: An update that fixes 14 vulnerabilities is now available.

Category: security (important)
Bug References: 1188891,1189547,1190269,1190274
CVE References: CVE-2021-29980,CVE-2021-29981,CVE-2021-29982,CVE-2021-29983,CVE-2021-29984,CVE-2021-29985,CVE-2021-29986,CVE-2021-29987,CVE-2021-29988,CVE-2021-29989,CVE-2021-29990,CVE-2021-29991,CVE-2021-38492,CVE-2021-38495
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    MozillaFirefox-91.1.0-112.71.1, MozillaFirefox-branding-SLE-91-35.6.6
SUSE OpenStack Cloud Crowbar 8 (src):    MozillaFirefox-91.1.0-112.71.1, MozillaFirefox-branding-SLE-91-35.6.6
SUSE OpenStack Cloud 9 (src):    MozillaFirefox-91.1.0-112.71.1, MozillaFirefox-branding-SLE-91-35.6.6
SUSE OpenStack Cloud 8 (src):    MozillaFirefox-91.1.0-112.71.1, MozillaFirefox-branding-SLE-91-35.6.6
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    MozillaFirefox-91.1.0-112.71.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src):    MozillaFirefox-91.1.0-112.71.1, MozillaFirefox-branding-SLE-91-35.6.6
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    MozillaFirefox-91.1.0-112.71.1, MozillaFirefox-branding-SLE-91-35.6.6
SUSE Linux Enterprise Server 12-SP5 (src):    MozillaFirefox-91.1.0-112.71.1, MozillaFirefox-branding-SLE-91-35.6.6
SUSE Linux Enterprise Server 12-SP4-LTSS (src):    MozillaFirefox-91.1.0-112.71.1, MozillaFirefox-branding-SLE-91-35.6.6
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    MozillaFirefox-91.1.0-112.71.1, MozillaFirefox-branding-SLE-91-35.6.6
SUSE Linux Enterprise Server 12-SP3-BCL (src):    MozillaFirefox-91.1.0-112.71.1, MozillaFirefox-branding-SLE-91-35.6.6
SUSE Linux Enterprise Server 12-SP2-BCL (src):    MozillaFirefox-91.1.0-112.71.1, MozillaFirefox-branding-SLE-91-35.6.6
HPE Helion Openstack 8 (src):    MozillaFirefox-91.1.0-112.71.1, MozillaFirefox-branding-SLE-91-35.6.6

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 8 Swamp Workflow Management 2021-10-01 16:16:53 UTC
SUSE-SU-2021:14821-1: An update that fixes 14 vulnerabilities is now available.

Category: security (important)
Bug References: 1188891,1189547,1190269,1190274
CVE References: CVE-2021-29980,CVE-2021-29981,CVE-2021-29982,CVE-2021-29983,CVE-2021-29984,CVE-2021-29985,CVE-2021-29986,CVE-2021-29987,CVE-2021-29988,CVE-2021-29989,CVE-2021-29990,CVE-2021-29991,CVE-2021-38492,CVE-2021-38495
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 11-SP4-LTSS (src):    MozillaFirefox-78.14.0-78.140.4
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    MozillaFirefox-78.14.0-78.140.4

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 12 Swamp Workflow Management 2021-10-11 19:30:30 UTC
openSUSE-SU-2021:3331-1: An update that fixes 20 vulnerabilities is now available.

Category: security (important)
Bug References: 1188891,1189547,1190269,1190274,1190710,1191332
CVE References: CVE-2021-29980,CVE-2021-29981,CVE-2021-29982,CVE-2021-29983,CVE-2021-29984,CVE-2021-29985,CVE-2021-29986,CVE-2021-29987,CVE-2021-29988,CVE-2021-29989,CVE-2021-29990,CVE-2021-29991,CVE-2021-32810,CVE-2021-38492,CVE-2021-38495,CVE-2021-38496,CVE-2021-38497,CVE-2021-38498,CVE-2021-38500,CVE-2021-38501
JIRA References: 
Sources used:
openSUSE Leap 15.3 (src):    rust-cbindgen-0.19.0-1.9.1
Comment 13 Swamp Workflow Management 2021-10-11 19:37:50 UTC
SUSE-SU-2021:3331-1: An update that fixes 20 vulnerabilities is now available.

Category: security (important)
Bug References: 1188891,1189547,1190269,1190274,1190710,1191332
CVE References: CVE-2021-29980,CVE-2021-29981,CVE-2021-29982,CVE-2021-29983,CVE-2021-29984,CVE-2021-29985,CVE-2021-29986,CVE-2021-29987,CVE-2021-29988,CVE-2021-29989,CVE-2021-29990,CVE-2021-29991,CVE-2021-32810,CVE-2021-38492,CVE-2021-38495,CVE-2021-38496,CVE-2021-38497,CVE-2021-38498,CVE-2021-38500,CVE-2021-38501
JIRA References: 
Sources used:
SUSE Linux Enterprise Server for SAP 15-SP1 (src):    MozillaFirefox-91.2.0-3.155.2, MozillaFirefox-branding-SLE-91-4.19.1
SUSE Linux Enterprise Server for SAP 15 (src):    MozillaFirefox-91.2.0-3.155.2, MozillaFirefox-branding-SLE-91-4.19.1
SUSE Linux Enterprise Server 15-SP1-LTSS (src):    MozillaFirefox-91.2.0-3.155.2, MozillaFirefox-branding-SLE-91-4.19.1
SUSE Linux Enterprise Server 15-SP1-BCL (src):    MozillaFirefox-91.2.0-3.155.2, MozillaFirefox-branding-SLE-91-4.19.1
SUSE Linux Enterprise Server 15-LTSS (src):    MozillaFirefox-91.2.0-3.155.2, MozillaFirefox-branding-SLE-91-4.19.1
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src):    MozillaFirefox-91.2.0-3.155.2, MozillaFirefox-branding-SLE-91-4.19.1
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src):    MozillaFirefox-91.2.0-3.155.2, MozillaFirefox-branding-SLE-91-4.19.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    MozillaFirefox-91.2.0-3.155.2, MozillaFirefox-branding-SLE-91-4.19.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    MozillaFirefox-91.2.0-3.155.2, MozillaFirefox-branding-SLE-91-4.19.1
SUSE Enterprise Storage 6 (src):    MozillaFirefox-91.2.0-3.155.2, MozillaFirefox-branding-SLE-91-4.19.1
SUSE CaaS Platform 4.0 (src):    MozillaFirefox-91.2.0-3.155.2, MozillaFirefox-branding-SLE-91-4.19.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 15 Swamp Workflow Management 2021-10-16 13:15:56 UTC
openSUSE-SU-2021:3451-1: An update that fixes 20 vulnerabilities is now available.

Category: security (important)
Bug References: 1188891,1189547,1190269,1190274,1190710,1191332
CVE References: CVE-2021-29980,CVE-2021-29981,CVE-2021-29982,CVE-2021-29983,CVE-2021-29984,CVE-2021-29985,CVE-2021-29986,CVE-2021-29987,CVE-2021-29988,CVE-2021-29989,CVE-2021-29990,CVE-2021-29991,CVE-2021-32810,CVE-2021-38492,CVE-2021-38495,CVE-2021-38496,CVE-2021-38497,CVE-2021-38498,CVE-2021-38500,CVE-2021-38501
JIRA References: 
Sources used:
openSUSE Leap 15.3 (src):    MozillaFirefox-91.2.0-8.54.1, MozillaFirefox-branding-SLE-91-9.5.1
Comment 16 Swamp Workflow Management 2021-10-16 13:18:06 UTC
SUSE-SU-2021:3451-1: An update that fixes 20 vulnerabilities is now available.

Category: security (important)
Bug References: 1188891,1189547,1190269,1190274,1190710,1191332
CVE References: CVE-2021-29980,CVE-2021-29981,CVE-2021-29982,CVE-2021-29983,CVE-2021-29984,CVE-2021-29985,CVE-2021-29986,CVE-2021-29987,CVE-2021-29988,CVE-2021-29989,CVE-2021-29990,CVE-2021-29991,CVE-2021-32810,CVE-2021-38492,CVE-2021-38495,CVE-2021-38496,CVE-2021-38497,CVE-2021-38498,CVE-2021-38500,CVE-2021-38501
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (src):    MozillaFirefox-91.2.0-8.54.1, MozillaFirefox-branding-SLE-91-9.5.1
SUSE Linux Enterprise Module for Desktop Applications 15-SP2 (src):    MozillaFirefox-91.2.0-8.54.1, MozillaFirefox-branding-SLE-91-9.5.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 17 Swamp Workflow Management 2021-10-18 13:19:16 UTC
SUSE-SU-2021:14826-1: An update that fixes 20 vulnerabilities, contains one feature is now available.

Category: security (important)
Bug References: 1188891,1189547,1190269,1190274,1190710,1191332
CVE References: CVE-2021-29980,CVE-2021-29981,CVE-2021-29982,CVE-2021-29983,CVE-2021-29984,CVE-2021-29985,CVE-2021-29986,CVE-2021-29987,CVE-2021-29988,CVE-2021-29989,CVE-2021-29990,CVE-2021-29991,CVE-2021-32810,CVE-2021-38492,CVE-2021-38495,CVE-2021-38496,CVE-2021-38497,CVE-2021-38498,CVE-2021-38500,CVE-2021-38501
JIRA References: SLE-18626
Sources used:
SUSE Linux Enterprise Server 11-SP4-LTSS (src):    MozillaFirefox-91.2.0-78.143.1, MozillaFirefox-branding-SLED-91-21.18.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    MozillaFirefox-91.2.0-78.143.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 18 Swamp Workflow Management 2021-10-18 16:20:19 UTC
openSUSE-SU-2021:1367-1: An update that fixes 20 vulnerabilities is now available.

Category: security (important)
Bug References: 1188891,1189547,1190269,1190274,1190710,1191332
CVE References: CVE-2021-29980,CVE-2021-29981,CVE-2021-29982,CVE-2021-29983,CVE-2021-29984,CVE-2021-29985,CVE-2021-29986,CVE-2021-29987,CVE-2021-29988,CVE-2021-29989,CVE-2021-29990,CVE-2021-29991,CVE-2021-32810,CVE-2021-38492,CVE-2021-38495,CVE-2021-38496,CVE-2021-38497,CVE-2021-38498,CVE-2021-38500,CVE-2021-38501
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    MozillaFirefox-91.2.0-lp152.2.67.1, rust-cbindgen-0.19.0-lp152.2.7.1
Comment 22 Swamp Workflow Management 2021-12-22 14:25:02 UTC
SUSE-SU-2021:4150-1: An update that fixes 33 vulnerabilities is now available.

Category: security (important)
Bug References: 1182863,1189547,1190244,1190269,1191332,1192250,1193485
CVE References: CVE-2021-29981,CVE-2021-29982,CVE-2021-29987,CVE-2021-29991,CVE-2021-32810,CVE-2021-38492,CVE-2021-38493,CVE-2021-38495,CVE-2021-38496,CVE-2021-38497,CVE-2021-38498,CVE-2021-38500,CVE-2021-38501,CVE-2021-38502,CVE-2021-38503,CVE-2021-38504,CVE-2021-38505,CVE-2021-38506,CVE-2021-38507,CVE-2021-38508,CVE-2021-38509,CVE-2021-38510,CVE-2021-40529,CVE-2021-43528,CVE-2021-43536,CVE-2021-43537,CVE-2021-43538,CVE-2021-43539,CVE-2021-43541,CVE-2021-43542,CVE-2021-43543,CVE-2021-43545,CVE-2021-43546
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP3 (src):    MozillaThunderbird-91.4.0-8.45.2
SUSE Linux Enterprise Workstation Extension 15-SP2 (src):    MozillaThunderbird-91.4.0-8.45.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 23 Swamp Workflow Management 2021-12-22 14:38:17 UTC
openSUSE-SU-2021:4150-1: An update that fixes 33 vulnerabilities is now available.

Category: security (important)
Bug References: 1182863,1189547,1190244,1190269,1191332,1192250,1193485
CVE References: CVE-2021-29981,CVE-2021-29982,CVE-2021-29987,CVE-2021-29991,CVE-2021-32810,CVE-2021-38492,CVE-2021-38493,CVE-2021-38495,CVE-2021-38496,CVE-2021-38497,CVE-2021-38498,CVE-2021-38500,CVE-2021-38501,CVE-2021-38502,CVE-2021-38503,CVE-2021-38504,CVE-2021-38505,CVE-2021-38506,CVE-2021-38507,CVE-2021-38508,CVE-2021-38509,CVE-2021-38510,CVE-2021-40529,CVE-2021-43528,CVE-2021-43536,CVE-2021-43537,CVE-2021-43538,CVE-2021-43539,CVE-2021-43541,CVE-2021-43542,CVE-2021-43543,CVE-2021-43545,CVE-2021-43546
JIRA References: 
Sources used:
openSUSE Leap 15.3 (src):    MozillaThunderbird-91.4.0-8.45.2
Comment 24 Swamp Workflow Management 2021-12-29 14:17:00 UTC
openSUSE-SU-2021:1635-1: An update that fixes 33 vulnerabilities is now available.

Category: security (important)
Bug References: 1182863,1189547,1190244,1190269,1191332,1192250,1193485
CVE References: CVE-2021-29981,CVE-2021-29982,CVE-2021-29987,CVE-2021-29991,CVE-2021-32810,CVE-2021-38492,CVE-2021-38493,CVE-2021-38495,CVE-2021-38496,CVE-2021-38497,CVE-2021-38498,CVE-2021-38500,CVE-2021-38501,CVE-2021-38502,CVE-2021-38503,CVE-2021-38504,CVE-2021-38505,CVE-2021-38506,CVE-2021-38507,CVE-2021-38508,CVE-2021-38509,CVE-2021-38510,CVE-2021-40529,CVE-2021-43528,CVE-2021-43536,CVE-2021-43537,CVE-2021-43538,CVE-2021-43539,CVE-2021-43541,CVE-2021-43542,CVE-2021-43543,CVE-2021-43545,CVE-2021-43546
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    MozillaThunderbird-91.4.0-lp152.2.52.1
Comment 26 Swamp Workflow Management 2022-05-09 19:18:40 UTC
SUSE-SU-2022:1577-1: An update that fixes 14 vulnerabilities is now available.

Category: security (important)
Bug References: 1188891,1189547,1190269,1190274
CVE References: CVE-2021-29980,CVE-2021-29981,CVE-2021-29982,CVE-2021-29983,CVE-2021-29984,CVE-2021-29985,CVE-2021-29986,CVE-2021-29987,CVE-2021-29988,CVE-2021-29989,CVE-2021-29990,CVE-2021-29991,CVE-2021-38492,CVE-2021-38495
JIRA References: 
Sources used:
SUSE Linux Enterprise Server for SAP 15-SP1 (src):    MozillaFirefox-91.9.0-150000.150.34.1
SUSE Linux Enterprise Server for SAP 15 (src):    MozillaFirefox-91.9.0-150000.150.34.1
SUSE Linux Enterprise Server 15-SP1-LTSS (src):    MozillaFirefox-91.9.0-150000.150.34.1
SUSE Linux Enterprise Server 15-SP1-BCL (src):    MozillaFirefox-91.9.0-150000.150.34.1
SUSE Linux Enterprise Server 15-LTSS (src):    MozillaFirefox-91.9.0-150000.150.34.1
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src):    MozillaFirefox-91.9.0-150000.150.34.1
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src):    MozillaFirefox-91.9.0-150000.150.34.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    MozillaFirefox-91.9.0-150000.150.34.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    MozillaFirefox-91.9.0-150000.150.34.1
SUSE Enterprise Storage 6 (src):    MozillaFirefox-91.9.0-150000.150.34.1
SUSE CaaS Platform 4.0 (src):    MozillaFirefox-91.9.0-150000.150.34.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 27 Swamp Workflow Management 2022-05-09 19:19:55 UTC
SUSE-SU-2022:1582-1: An update that fixes 14 vulnerabilities is now available.

Category: security (important)
Bug References: 1188891,1189547,1190269,1190274
CVE References: CVE-2021-29980,CVE-2021-29981,CVE-2021-29982,CVE-2021-29983,CVE-2021-29984,CVE-2021-29985,CVE-2021-29986,CVE-2021-29987,CVE-2021-29988,CVE-2021-29989,CVE-2021-29990,CVE-2021-29991,CVE-2021-38492,CVE-2021-38495
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    MozillaFirefox-91.9.0-112.104.1
SUSE OpenStack Cloud Crowbar 8 (src):    MozillaFirefox-91.9.0-112.104.1
SUSE OpenStack Cloud 9 (src):    MozillaFirefox-91.9.0-112.104.1
SUSE OpenStack Cloud 8 (src):    MozillaFirefox-91.9.0-112.104.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    MozillaFirefox-91.9.0-112.104.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src):    MozillaFirefox-91.9.0-112.104.1
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    MozillaFirefox-91.9.0-112.104.1
SUSE Linux Enterprise Server 12-SP5 (src):    MozillaFirefox-91.9.0-112.104.1
SUSE Linux Enterprise Server 12-SP4-LTSS (src):    MozillaFirefox-91.9.0-112.104.1
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    MozillaFirefox-91.9.0-112.104.1
SUSE Linux Enterprise Server 12-SP3-BCL (src):    MozillaFirefox-91.9.0-112.104.1
SUSE Linux Enterprise Server 12-SP2-BCL (src):    MozillaFirefox-91.9.0-112.104.1
HPE Helion Openstack 8 (src):    MozillaFirefox-91.9.0-112.104.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.