Fix of CVE: CVE-2021-21704, CVE-2021-21703, CVE-2021-21705

2021-11-2313:13:13

repo.cloudlinux.com

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.004 Low

EPSS

Percentile

72.7%

JSON

CVE-2021-21704: fix integer overflow and subsequent incorrect buffer allocation
CVE-2021-21705: fix incorrect url password validation
CVE-2021-21703: fix incorrect shared memory management, which led to priv escalation

OSVersionArchitecturePackageVersionFilename
Centos6x86_64php-fpm< 5.3.3php-5.3.3-55.el6.cloudlinux.els.src.rpm
Centos6x86_64php-common< 5.3.3php-5.3.3-55.el6.cloudlinux.els.src.rpm
Centos6x86_64php-enchant< 5.3.3php-5.3.3-55.el6.cloudlinux.els.src.rpm
Centos6x86_64php-imap< 5.3.3php-5.3.3-55.el6.cloudlinux.els.src.rpm
Centos6x86_64php-zts< 5.3.3php-5.3.3-55.el6.cloudlinux.els.src.rpm
Centos6x86_64php-xml< 5.3.3php-5.3.3-55.el6.cloudlinux.els.src.rpm
Centos6x86_64php-bcmath< 5.3.3php-5.3.3-55.el6.cloudlinux.els.src.rpm
Centos6x86_64php-pspell< 5.3.3php-5.3.3-55.el6.cloudlinux.els.src.rpm
Centos6x86_64php-soap< 5.3.3php-5.3.3-55.el6.cloudlinux.els.src.rpm
Centos6x86_64php-tidy< 5.3.3php-5.3.3-55.el6.cloudlinux.els.src.rpm

OS	Version	Architecture	Package	Version	Filename
Centos	6	x86_64	php-fpm	< 5.3.3	php-5.3.3-55.el6.cloudlinux.els.src.rpm
Centos	6	x86_64	php-common	< 5.3.3	php-5.3.3-55.el6.cloudlinux.els.src.rpm
Centos	6	x86_64	php-enchant	< 5.3.3	php-5.3.3-55.el6.cloudlinux.els.src.rpm
Centos	6	x86_64	php-imap	< 5.3.3	php-5.3.3-55.el6.cloudlinux.els.src.rpm
Centos	6	x86_64	php-zts	< 5.3.3	php-5.3.3-55.el6.cloudlinux.els.src.rpm
Centos	6	x86_64	php-xml	< 5.3.3	php-5.3.3-55.el6.cloudlinux.els.src.rpm
Centos	6	x86_64	php-bcmath	< 5.3.3	php-5.3.3-55.el6.cloudlinux.els.src.rpm
Centos	6	x86_64	php-pspell	< 5.3.3	php-5.3.3-55.el6.cloudlinux.els.src.rpm
Centos	6	x86_64	php-soap	< 5.3.3	php-5.3.3-55.el6.cloudlinux.els.src.rpm
Centos	6	x86_64	php-tidy	< 5.3.3	php-5.3.3-55.el6.cloudlinux.els.src.rpm