Описание
ZeroMQ libzmq 4.3.3 has a heap-based buffer overflow in zmq::tcp_read, a different vulnerability than CVE-2021-20235.
A flaw has been identified in zeromq. A heap-based buffer overflow is possible in zmq::tcp_read by resizing a fixed static allocator. The highest threat from this vulnerability is to system availability.
Отчет
Red Hat Enterprise Linux and Red Hat Ceph Storage are not affected by this flaw as they do not ship the vulnerable code.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Ceph Storage 2 | zeromq3 | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
8.6 High
CVSS3
Связанные уязвимости
ZeroMQ libzmq 4.3.3 has a heap-based buffer overflow in zmq::tcp_read, a different vulnerability than CVE-2021-20235.
ZeroMQ libzmq 4.3.3 has a heap-based buffer overflow in zmq::tcp_read, a different vulnerability than CVE-2021-20235.
ZeroMQ libzmq 4.3.3 has a heap-based buffer overflow in zmq::tcp_read, ...
ZeroMQ libzmq 4.3.3 has a heap-based buffer overflow in zmq::tcp_read, a different vulnerability than CVE-2021-20235.
Уязвимость функции zmq::tcp_read() библиотеки libzmq библиотеки асинхронных сообщений ZeroMQ, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
8.6 High
CVSS3