CVE-2021-20231: Use After Free
First published: Fri Jan 29 2021(Updated: )
GnuTLS is vulnerable to a denial of service, caused by a use-after-free issue in client sending key_share extension. By sending a specially-crafted request, an attacker could exploit this vulnerability to cause memory corruption and other consequences.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM QRadar SIEM | <=7.5.0 GA | |
| IBM QRadar SIEM | <=7.4.3 GA - 7.4.3 FP4 | |
| IBM QRadar SIEM | <=7.3.3 GA - 7.3.3 FP10 | |
| redhat/gnutls | <3.7.1 | 3.7.1 |
| GNU GnuTLS | >=3.6.3<3.7.1 | |
| Redhat Enterprise Linux | =8.0 | |
| Fedoraproject Fedora | =34 | |
| Netapp Active Iq Unified Manager Vmware Vsphere | ||
| Netapp E-series Performance Analyzer |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://exchange.xforce.ibmcloud.com/vulnerabilities/198173
- https://www.ibm.com/support/pages/node/6574787 (Advisory)
- https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1938147
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1938148
- https://gitlab.com/gnutls/gnutls/-/commit/15beb4b193b2714d88107e7dffca781798684e7e
- https://access.redhat.com/errata/RHSA-2021:4451
- https://access.redhat.com/security/cve/cve-2021-20231
- https://bugzilla.redhat.com/show_bug.cgi?id=1922276
- https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E
- https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E
- https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E
- https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E
- https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E
- https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E
- https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E
- https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/
- https://security.netapp.com/advisory/ntap-20210416-0005/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/
- https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779%40%3Cissues.spark.apache.org%3E
- https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f%40%3Cissues.spark.apache.org%3E
- https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb%40%3Cissues.spark.apache.org%3E
- https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158%40%3Cissues.spark.apache.org%3E
- https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20%40%3Cissues.spark.apache.org%3E
- https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532%40%3Cissues.spark.apache.org%3E
- https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168%40%3Cissues.spark.apache.org%3E
- https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7%40%3Cissues.spark.apache.org%3E
Frequently Asked Questions
What is CVE-2021-20231?
CVE-2021-20231 is a vulnerability in GnuTLS that allows for a denial of service attack by exploiting a use-after-free issue in client sending key_share extension.
What can an attacker do with CVE-2021-20231?
By exploiting CVE-2021-20231, an attacker can cause memory corruption and other consequences, leading to a denial of service.
Which software is affected by CVE-2021-20231?
IBM QRadar SIEM versions 7.5.0 GA, 7.4.3 GA - 7.4.3 FP4, and 7.3.3 GA - 7.3.3 FP10 are affected by CVE-2021-20231.
How severe is CVE-2021-20231?
CVE-2021-20231 has a severity rating of 7.4, which is considered high.
How can I fix CVE-2021-20231?
To fix CVE-2021-20231, you should apply the relevant patches provided by IBM for the affected versions of QRadar SIEM.
- agent/type
- agent/first-publish-date
- agent/severity
- agent/remedy
- agent/author
- agent/weakness
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2021-20231
- agent/software-canonical-lookup
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/references
- agent/event
- collector/ibm-support
- source/IBM
- agent/tags
- agent/trending
- package-manager/redhat
- vendor/gnu
- canonical/gnu gnutls
- version/gnu gnutls/3.6.3
- vendor/redhat
- canonical/redhat enterprise linux
- version/redhat enterprise linux/8.0
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/34
- vendor/netapp
- canonical/netapp active iq unified manager vmware vsphere
- canonical/netapp e-series performance analyzer
- vendor/ibm
- canonical/ibm qradar siem
- version/ibm qradar siem/7.5.0 ga
- version/ibm qradar siem/7.4.3 ga - 7.4.3 fp4
- version/ibm qradar siem/7.3.3 ga - 7.3.3 fp10