CVE-2021-20232: Use After Free
First published: Fri Jan 29 2021(Updated: )
GnuTLS is vulnerable to a denial of service, caused by a use-after-free issue in client_send_params in lib/ext/pre_shared_key.c. By sending a specially-crafted request, an attacker could exploit this vulnerability to cause memory corruption and other consequences.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM QRadar SIEM | <=7.5.0 GA | |
| IBM QRadar SIEM | <=7.4.3 GA - 7.4.3 FP4 | |
| IBM QRadar SIEM | <=7.3.3 GA - 7.3.3 FP10 | |
| redhat/gnutls | <3.7.1 | 3.7.1 |
| GNU GnuTLS | >=3.6.3<3.7.1 | |
| Redhat Enterprise Linux | =8.0 | |
| Fedoraproject Fedora | =34 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://exchange.xforce.ibmcloud.com/vulnerabilities/198172
- https://www.ibm.com/support/pages/node/6574787 (Advisory)
- https://gitlab.com/gnutls/gnutls/-/issues/1151
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1938149
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1938150
- https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10
- https://gitlab.com/gnutls/gnutls/-/commit/75a937d97f4fefc6f9b08e3791f151445f551cb3
- https://access.redhat.com/errata/RHSA-2021:4451
- https://access.redhat.com/security/cve/cve-2021-20232
- https://bugzilla.redhat.com/show_bug.cgi?id=1922275
- https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E
- https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E
- https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E
- https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E
- https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E
- https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E
- https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E
- https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/
- https://security.netapp.com/advisory/ntap-20210416-0005/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/
- https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779%40%3Cissues.spark.apache.org%3E
- https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f%40%3Cissues.spark.apache.org%3E
- https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb%40%3Cissues.spark.apache.org%3E
- https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158%40%3Cissues.spark.apache.org%3E
- https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20%40%3Cissues.spark.apache.org%3E
- https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532%40%3Cissues.spark.apache.org%3E
- https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168%40%3Cissues.spark.apache.org%3E
- https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7%40%3Cissues.spark.apache.org%3E
Frequently Asked Questions
What is CVE-2021-20232?
CVE-2021-20232 is a vulnerability in GnuTLS that could allow an attacker to cause a denial of service by exploiting a use-after-free issue in client_send_params in lib/ext/pre_shared_key.c.
How does CVE-2021-20232 impact GnuTLS?
CVE-2021-20232 could lead to memory corruption and other consequences, potentially resulting in a denial of service.
What is the severity of CVE-2021-20232?
CVE-2021-20232 has a severity rating of 7.4, which is considered high.
How can I fix CVE-2021-20232 in IBM QRadar SIEM version 7.5.0 GA?
To fix CVE-2021-20232 in IBM QRadar SIEM version 7.5.0 GA, you should apply the patch available at the following URL: [Patch URL]
How can I fix CVE-2021-20232 in IBM QRadar SIEM version 7.4.3 GA - 7.4.3 FP4?
To fix CVE-2021-20232 in IBM QRadar SIEM version 7.4.3 GA - 7.4.3 FP4, you should apply the patch available at the following URL: [Patch URL]
How can I fix CVE-2021-20232 in IBM QRadar SIEM version 7.3.3 GA - 7.3.3 FP10?
To fix CVE-2021-20232 in IBM QRadar SIEM version 7.3.3 GA - 7.3.3 FP10, you should apply the patch available at the following URL: [Patch URL]
- agent/type
- agent/first-publish-date
- agent/severity
- agent/remedy
- agent/author
- agent/weakness
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2021-20232
- agent/software-canonical-lookup
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/references
- agent/tags
- agent/event
- collector/ibm-support
- source/IBM
- package-manager/redhat
- vendor/gnu
- canonical/gnu gnutls
- version/gnu gnutls/3.6.3
- vendor/redhat
- canonical/redhat enterprise linux
- version/redhat enterprise linux/8.0
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/34
- vendor/ibm
- canonical/ibm qradar siem
- version/ibm qradar siem/7.5.0 ga
- version/ibm qradar siem/7.4.3 ga - 7.4.3 fp4
- version/ibm qradar siem/7.3.3 ga - 7.3.3 fp10