Bugzilla – Bug 1189510
VUL-0: CVE-2021-20237: zeromq: Memory leaks via metadata messages processed by PUB sockets
Last modified: 2022-04-06 15:09:32 UTC
rh#1921989 A flaw was found in zeromq before 4.3.3. Messages with metadata are never processed by PUB sockets, but the metadata is kept referenced in the PUB object and never freed leading to memory leaks. References: https://github.com/zeromq/libzmq/pull/3935 https://github.com/zeromq/libzmq/security/advisories/GHSA-4p5v-h92w-6wxw https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22344 References: https://bugzilla.redhat.com/show_bug.cgi?id=1921989 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20237 https://access.redhat.com/security/cve/CVE-2021-20237 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20237 https://github.com/zeromq/libzmq/security/advisories/GHSA-4p5v-h92w-6wxw
tracking as affected: - SUSE:SLE-15:Update/zeromq
Closing as duplicated. *** This bug has been marked as a duplicate of bug 1176259 ***