Stack buffer overflow in libspf2 versions below 1.2.11 when processing certain SPF macros can lead to Denial of service and potentially code execution via malicious crafted SPF explanation messages.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
15 Jan 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
02 Dec 2021, 20:40
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* |
|
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y6T4HYXXSUQCGJB2ES6X7Q74YYF7V7XU/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMSFT2NJDZ7PATRZSQPAOGSE7JD6ELOB/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GFXJRHPE5OSCPTNA3ZZ4ORDHT4JQH3Y4/ - Mailing List, Third Party Advisory |
30 Sep 2021, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
26 Sep 2021, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
19 Aug 2021, 17:02
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-787 | |
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 9.8 |
CPE | cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* cpe:2.3:a:libspf2:libspf2:*:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:* |
|
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1993070 - Issue Tracking, Patch, Third Party Advisory |
12 Aug 2021, 15:39
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-08-12 15:15
Updated : 2024-02-04 21:47
NVD link : CVE-2021-20314
Mitre link : CVE-2021-20314
CVE.ORG link : CVE-2021-20314
JSON object : View
Products Affected
redhat
- enterprise_linux
libspf2
- libspf2
fedoraproject
- fedora
CWE
CWE-787
Out-of-bounds Write