CVE Vulnerabilities

CVE-2021-3518

Use After Free

Published: May 18, 2021 | Modified: Nov 21, 2024
CVSS 3.x
8.8
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
8.6 MODERATE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
Ubuntu
MEDIUM

Theres a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability.

Weakness

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory “belongs” to the code that operates on the new pointer.

Affected Software

Name Vendor Start Version End Version
Libxml2 Xmlsoft * 2.9.11 (excluding)
JBoss Core Services for RHEL 8 RedHat jbcs-httpd24-apr-util-0:1.6.1-91.el8jbcs *
JBoss Core Services for RHEL 8 RedHat jbcs-httpd24-curl-0:7.78.0-3.el8jbcs *
JBoss Core Services for RHEL 8 RedHat jbcs-httpd24-httpd-0:2.4.37-80.el8jbcs *
JBoss Core Services for RHEL 8 RedHat jbcs-httpd24-mod_cluster-native-0:1.3.16-10.Final_redhat_2.el8jbcs *
JBoss Core Services for RHEL 8 RedHat jbcs-httpd24-mod_http2-0:1.15.7-22.el8jbcs *
JBoss Core Services for RHEL 8 RedHat jbcs-httpd24-mod_jk-0:1.2.48-29.redhat_1.el8jbcs *
JBoss Core Services for RHEL 8 RedHat jbcs-httpd24-mod_md-1:2.0.8-41.el8jbcs *
JBoss Core Services for RHEL 8 RedHat jbcs-httpd24-mod_security-0:2.9.2-68.GA.el8jbcs *
JBoss Core Services for RHEL 8 RedHat jbcs-httpd24-nghttp2-0:1.39.2-41.el8jbcs *
JBoss Core Services for RHEL 8 RedHat jbcs-httpd24-openssl-1:1.1.1g-11.el8jbcs *
JBoss Core Services for RHEL 8 RedHat jbcs-httpd24-openssl-chil-0:1.0.0-11.el8jbcs *
JBoss Core Services for RHEL 8 RedHat jbcs-httpd24-openssl-pkcs11-0:0.4.10-26.el8jbcs *
JBoss Core Services on RHEL 7 RedHat jbcs-httpd24-apr-util-0:1.6.1-91.jbcs.el7 *
JBoss Core Services on RHEL 7 RedHat jbcs-httpd24-curl-0:7.78.0-3.jbcs.el7 *
JBoss Core Services on RHEL 7 RedHat jbcs-httpd24-httpd-0:2.4.37-80.jbcs.el7 *
JBoss Core Services on RHEL 7 RedHat jbcs-httpd24-mod_cluster-native-0:1.3.16-10.Final_redhat_2.jbcs.el7 *
JBoss Core Services on RHEL 7 RedHat jbcs-httpd24-mod_http2-0:1.15.7-22.jbcs.el7 *
JBoss Core Services on RHEL 7 RedHat jbcs-httpd24-mod_jk-0:1.2.48-29.redhat_1.jbcs.el7 *
JBoss Core Services on RHEL 7 RedHat jbcs-httpd24-mod_md-1:2.0.8-41.jbcs.el7 *
JBoss Core Services on RHEL 7 RedHat jbcs-httpd24-mod_security-0:2.9.2-68.GA.jbcs.el7 *
JBoss Core Services on RHEL 7 RedHat jbcs-httpd24-nghttp2-0:1.39.2-41.jbcs.el7 *
JBoss Core Services on RHEL 7 RedHat jbcs-httpd24-openssl-1:1.1.1g-11.jbcs.el7 *
JBoss Core Services on RHEL 7 RedHat jbcs-httpd24-openssl-chil-0:1.0.0-11.jbcs.el7 *
JBoss Core Services on RHEL 7 RedHat jbcs-httpd24-openssl-pkcs11-0:0.4.10-26.jbcs.el7 *
Red Hat Enterprise Linux 8 RedHat libxml2-0:2.9.7-9.el8_4.2 *
Red Hat Enterprise Linux 8 RedHat libxml2-0:2.9.7-9.el8_4.2 *
Red Hat Migration Toolkit for Containers 1.4 RedHat rhmtc/openshift-migration-controller-rhel8:v1.4.6-4 *
Red Hat Migration Toolkit for Containers 1.4 RedHat rhmtc/openshift-migration-log-reader-rhel8:v1.4.6-4 *
Red Hat Migration Toolkit for Containers 1.4 RedHat rhmtc/openshift-migration-must-gather-rhel8:v1.4.6-4 *
Red Hat Migration Toolkit for Containers 1.4 RedHat rhmtc/openshift-migration-operator-bundle:v1.4.6-5 *
Red Hat Migration Toolkit for Containers 1.4 RedHat rhmtc/openshift-migration-registry-rhel8:v1.4.6-4 *
Red Hat Migration Toolkit for Containers 1.4 RedHat rhmtc/openshift-migration-rsync-transfer-rhel8:v1.4.6-4 *
Red Hat Migration Toolkit for Containers 1.4 RedHat rhmtc/openshift-migration-ui-rhel8:v1.4.6-4 *
Red Hat Migration Toolkit for Containers 1.4 RedHat rhmtc/openshift-migration-velero-plugin-for-aws-rhel8:v1.4.6-4 *
Red Hat Migration Toolkit for Containers 1.4 RedHat rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8:v1.4.6-3 *
Red Hat Migration Toolkit for Containers 1.4 RedHat rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8:v1.4.6-4 *
Red Hat Migration Toolkit for Containers 1.4 RedHat rhmtc/openshift-migration-velero-restic-restore-helper-rhel8:v1.4.6-5 *
Red Hat Migration Toolkit for Containers 1.4 RedHat rhmtc/openshift-migration-velero-rhel8:v1.4.6-5 *
Red Hat Migration Toolkit for Containers 1.4 RedHat rhmtc/openshift-velero-plugin-rhel8:v1.4.6-4 *
Text-Only JBCS RedHat libxml2 *
Libxml2 Ubuntu bionic *
Libxml2 Ubuntu esm-infra-legacy/trusty *
Libxml2 Ubuntu esm-infra/bionic *
Libxml2 Ubuntu esm-infra/focal *
Libxml2 Ubuntu esm-infra/xenial *
Libxml2 Ubuntu focal *
Libxml2 Ubuntu groovy *
Libxml2 Ubuntu hirsute *
Libxml2 Ubuntu precise/esm *
Libxml2 Ubuntu trusty *
Libxml2 Ubuntu trusty/esm *
Libxml2 Ubuntu upstream *
Libxml2 Ubuntu xenial *

Potential Mitigations

References