First Last Prev Next    This bug is not in your last search results.
Bug 1189491 - (CVE-2021-3700) VUL-1: CVE-2021-3700: usbredir: use-after-free in usbredirparser_serialize() in usbredirparser/usbredirparser.c
(CVE-2021-3700)
VUL-1: CVE-2021-3700: usbredir: use-after-free in usbredirparser_serialize() ...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P4 - Low : Minor
: ---
Assigned To: Ruediger Oertel
Security Team bot
https://smash.suse.de/issue/306380/
CVSSv3.1:SUSE:CVE-2021-3700:3.9:(AV:L...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2021-08-17 06:07 UTC by Robert Frohl
Modified: 2021-08-24 16:35 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Robert Frohl 2021-08-17 06:07:52 UTC 
rh#1992830

An use-after-free vulnerability was found in usbredir in versions prior to 0.11.0 in usbredirparser_serialize() in usbredirparser/usbredirparser.c when serializing large amounts of buffered write data in case of a slow or blocked destination.

Reference and upstream patch:
https://gitlab.freedesktop.org/spice/usbredir/-/commit/03c519ff5831ba

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1992830
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3700
Comment 1 Robert Frohl 2021-08-17 06:08:42 UTC 
tracking as affected:

- SUSE:SLE-12-SP2:Update/usbredir
- SUSE:SLE-15:Update/usbredir
Comment 2 Ruediger Oertel 2021-08-24 11:55:43 UTC 
factory: (devel proj "hardware"): 913999
leap 15.2 913998
sle12 248752 ibs
sle15 248751 ibs
Comment 3 OBSbugzilla Bot 2021-08-24 12:30:06 UTC 
This is an autogenerated message for OBS integration:
This bug (1189491) was mentioned in
https://build.opensuse.org/request/show/913998 15.2 / usbredir
First Last Prev Next    This bug is not in your last search results.