CVE-2021-3518: Use After Free
First published: Thu Apr 22 2021(Updated: )
libxml2. This issue was addressed with improved checks.
Credit: CVE-2021-3518 secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| rubygems/nokogiri | <1.11.4 | 1.11.4 |
| redhat/jbcs-httpd24-apr-util | <0:1.6.1-91.el8 | 0:1.6.1-91.el8 |
| redhat/jbcs-httpd24-curl | <0:7.78.0-3.el8 | 0:7.78.0-3.el8 |
| redhat/jbcs-httpd24-httpd | <0:2.4.37-80.el8 | 0:2.4.37-80.el8 |
| redhat/jbcs-httpd24-nghttp2 | <0:1.39.2-41.el8 | 0:1.39.2-41.el8 |
| redhat/jbcs-httpd24-openssl | <1:1.1.1g-11.el8 | 1:1.1.1g-11.el8 |
| redhat/jbcs-httpd24-openssl-chil | <0:1.0.0-11.el8 | 0:1.0.0-11.el8 |
| redhat/jbcs-httpd24-openssl-pkcs11 | <0:0.4.10-26.el8 | 0:0.4.10-26.el8 |
| redhat/jbcs-httpd24-apr-util | <0:1.6.1-91.jbcs.el7 | 0:1.6.1-91.jbcs.el7 |
| redhat/jbcs-httpd24-curl | <0:7.78.0-3.jbcs.el7 | 0:7.78.0-3.jbcs.el7 |
| redhat/jbcs-httpd24-httpd | <0:2.4.37-80.jbcs.el7 | 0:2.4.37-80.jbcs.el7 |
| redhat/jbcs-httpd24-nghttp2 | <0:1.39.2-41.jbcs.el7 | 0:1.39.2-41.jbcs.el7 |
| redhat/jbcs-httpd24-openssl | <1:1.1.1g-11.jbcs.el7 | 1:1.1.1g-11.jbcs.el7 |
| redhat/jbcs-httpd24-openssl-chil | <0:1.0.0-11.jbcs.el7 | 0:1.0.0-11.jbcs.el7 |
| redhat/jbcs-httpd24-openssl-pkcs11 | <0:0.4.10-26.jbcs.el7 | 0:0.4.10-26.jbcs.el7 |
| redhat/libxml2 | <0:2.9.7-9.el8_4.2 | 0:2.9.7-9.el8_4.2 |
| redhat/libxml2 | <2.9.11 | 2.9.11 |
| Apple macOS | <11.5 | 11.5 |
| tvOS | <14.7 | 14.7 |
| Apple iOS, iPadOS, and watchOS | <7.6 | 7.6 |
| IBM Security Verify Access OIDC Provider | <=10.0.0 | |
| libxml2-devel | <2.9.11 | |
| Debian | =9.0 | |
| Red Hat JBoss Core Services | ||
| Red Hat Enterprise Linux | =8.0 | |
| Fedora | =33 | |
| Fedora | =34 | |
| NetApp Active IQ Unified Manager for VMware vSphere | ||
| IBM Data ONTAP | ||
| NetApp ONTAP Antivirus Connector | ||
| NetApp Manageability SDK | ||
| NetApp ONTAP Select Deploy | ||
| NetApp SnapDrive for Windows | ||
| NetApp H410C | ||
| NetApp H410C | ||
| Oracle Communications Cloud Native Core Network Function Cloud Native Environment | =1.10.0 | |
| Oracle Enterprise Manager | =13.4.0.0 | |
| Oracle Enterprise Manager | =13.5.0.0 | |
| Oracle Enterprise Manager Ops Center | =12.4.0.0 | |
| Oracle MySQL Workbench CE | <=8.0.26 | |
| Oracle Peoplesoft Enterprise Campus Software Campus Community | =8.58 | |
| Oracle Real User Experience Insight | =13.4.1.0 | |
| Oracle Real User Experience Insight | =13.5.1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://nvd.nist.gov/vuln/detail/CVE-2021-3518
- https://bugzilla.redhat.com/show_bug.cgi?id=1954242
- https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/
- https://security.gentoo.org/glsa/202107-05
- https://security.netapp.com/advisory/ntap-20210625-0002/
- https://github.com/sparklemotion/nokogiri/blob/2edbbef95f1dc12c1ddc5ebda71b9159026245fe/CHANGELOG.md?plain=1#L722
- https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2021-3518.yml
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
- https://nokogiri.org/CHANGELOG.html#1114-2021-05-14
- https://support.apple.com/kb/HT212601
- https://support.apple.com/kb/HT212602
- https://support.apple.com/kb/HT212604
- https://support.apple.com/kb/HT212605
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://www.oracle.com/security-alerts/cpujul2022.html
- https://www.oracle.com/security-alerts/cpuoct2021.html
- http://seclists.org/fulldisclosure/2021/Jul/54
- http://seclists.org/fulldisclosure/2021/Jul/55
- http://seclists.org/fulldisclosure/2021/Jul/58
- http://seclists.org/fulldisclosure/2021/Jul/59
- https://github.com/advisories/GHSA-v4f8-2847-rwm7 (Advisory)
- https://www.cve.org/CVERecord?id=CVE-2021-3518 https://nvd.nist.gov/vuln/detail/CVE-2021-3518
- https://access.redhat.com/errata/RHSA-2022:1389
- https://access.redhat.com/errata/RHSA-2021:2569
- https://access.redhat.com/errata/RHSA-2022:1390
- https://access.redhat.com/errata/RHBA-2021:2854
- https://access.redhat.com/security/cve/cve-2021-3518
- https://support.apple.com/en-us/HT212602 (Advisory)
- https://support.apple.com/en-us/HT212605 (Advisory)
- https://support.apple.com/en-us/HT212604 (Advisory)
- https://gitlab.gnome.org/GNOME/libxml2/-/issues/237
- https://gitlab.gnome.org/GNOME/libxml2/-/commit/1098c30a040e72a4654968547f415be4e4c40fe7
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1954243
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1954244
- https://access.redhat.com/support/policy/updates/errata
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
- https://exchange.xforce.ibmcloud.com/vulnerabilities/203144
- https://www.ibm.com/support/pages/node/6493729
Parent vulnerabilities
(Appears in the following advisories)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2021-30805
- CVE-2021-30871
- CVE-2021-30790
- CVE-2021-31006
- CVE-2021-30781
- CVE-2021-30748
- CVE-2021-30775
- CVE-2021-30776
- CVE-2021-30786
- CVE-2021-30772
- CVE-2021-30783
- CVE-2021-30777
- CVE-2021-30789
- CVE-2021-30774
- CVE-2021-30780
- CVE-2021-30768
- CVE-2021-30817
- CVE-2021-30804
- CVE-2021-30760
- CVE-2021-30788
- CVE-2021-30759
- CVE-2021-30803
- CVE-2021-30779
- CVE-2021-30785
- CVE-2021-30787
- CVE-2021-30766
- CVE-2021-30765
- CVE-2021-30784
- CVE-2021-30793
- CVE-2021-30778
- CVE-2021-30677
- CVE-2021-3518
- CVE-2021-30796
- CVE-2021-30792
- CVE-2021-30791
- CVE-2021-1821
- CVE-2021-30782
- CVE-2021-31004
- CVE-2021-30798
- CVE-2021-30758
- CVE-2021-30795
- CVE-2021-30797
- CVE-2021-30799
- CVE-2021-30773
- CVE-2021-30802
- CVE-2021-30769
- CVE-2021-30770
- CVE-2021-30763
Frequently Asked Questions
What is CVE-2021-3518?
CVE-2021-3518 is a vulnerability in libxml2 before version 2.9.11 that allows an attacker to trigger a use-after-free by submitting a crafted file to an application linked with libxml2.
What is the impact of CVE-2021-3518?
The greatest impact of CVE-2021-3518 is to the confidentiality, integrity, and availability of the affected system.
Which software versions are affected by CVE-2021-3518?
CVE-2021-3518 affects Apple watchOS up to version 7.6, Apple tvOS up to version 14.7, Apple macOS Big Sur up to version 11.5, and various packages from Red Hat.
How can I fix CVE-2021-3518?
To fix CVE-2021-3518, update to libxml2 version 2.9.11 or later for Apple products, and apply the relevant patches or updates for Red Hat packages.
Where can I find more information about CVE-2021-3518?
You can find more information about CVE-2021-3518 on the Apple support website at the provided reference links.
- collector/github-advisory
- alias/GHSA-v4f8-2847-rwm7
- alias/CVE-2021-3518
- collector/github-advisory-latest
- package-manager/rubygems
- collector/redhat-cve
- agent/type
- agent/first-publish-date
- agent/weakness
- agent/severity
- agent/remedy
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/references
- agent/trending
- collector/apple-support
- agent/software-canonical-lookup-request
- agent/source
- agent/author
- collector/ibm-support
- source/IBM
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- collector/nvd-cve
- package-manager/redhat
- vendor/apple
- canonical/apple macos
- canonical/tvos
- canonical/apple ios, ipados, and watchos
- vendor/ibm
- canonical/ibm security verify access oidc provider
- version/ibm security verify access oidc provider/10.0.0
- vendor/xmlsoft
- canonical/libxml2-devel
- vendor/debian
- canonical/debian
- version/debian/9.0
- vendor/redhat
- canonical/red hat jboss core services
- canonical/red hat enterprise linux
- version/red hat enterprise linux/8.0
- vendor/fedoraproject
- canonical/fedora
- version/fedora/33
- version/fedora/34
- vendor/netapp
- canonical/netapp active iq unified manager for vmware vsphere
- canonical/ibm data ontap
- canonical/netapp ontap antivirus connector
- canonical/netapp manageability sdk
- canonical/netapp ontap select deploy
- canonical/netapp snapdrive for windows
- canonical/netapp h410c
- vendor/oracle
- canonical/oracle communications cloud native core network function cloud native environment
- version/oracle communications cloud native core network function cloud native environment/1.10.0
- canonical/oracle enterprise manager
- version/oracle enterprise manager/13.4.0.0
- version/oracle enterprise manager/13.5.0.0
- canonical/oracle enterprise manager ops center
- version/oracle enterprise manager ops center/12.4.0.0
- canonical/oracle mysql workbench ce
- version/oracle mysql workbench ce/8.0.26
- canonical/oracle peoplesoft enterprise campus software campus community
- version/oracle peoplesoft enterprise campus software campus community/8.58
- canonical/oracle real user experience insight
- version/oracle real user experience insight/13.4.1.0
- version/oracle real user experience insight/13.5.1.0