CVE-2021-43667: Null Pointer Dereference
First published: Thu Nov 18 2021(Updated: )
A vulnerability has been detected in HyperLedger Fabric v1.4.0, v2.0.0, v2.1.0. This bug can be leveraged by constructing a message whose payload is nil and sending this message with the method 'forwardToLeader'. This bug has been admitted and fixed by the developers of Fabric. If leveraged, any leader node will crash.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linuxfoundation Fabric | =1.4.0 | |
| Linuxfoundation Fabric | =2.0.0 | |
| Linuxfoundation Fabric | =2.1.0 | |
| =1.4.0 | ||
| =2.0.0 | ||
| =2.1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/remedy
- agent/weakness
- agent/description
- agent/first-publish-date
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/author
- agent/softwarecombine
- agent/tags
- agent/event
- vendor/linuxfoundation
- canonical/linuxfoundation fabric
- version/linuxfoundation fabric/1.4.0
- version/linuxfoundation fabric/2.0.0
- version/linuxfoundation fabric/2.1.0