Oval Definition:	oval:org.opensuse.security:def:20213578
Revision Date: 2022-06-30 Version: 1 Title: CVE-2021-3578 Description: A flaw was found in mbsync before v1.3.6 and v1.4.2, where an unchecked pointer cast allows a malicious or compromised server to write an arbitrary integer value past the end of a heap-allocated structure by issuing an unexpected APPENDUID response. This could be plausibly exploited for remote code execution on the client. Family: unix Class: vulnerability Status: Reference(s): Mitre CVE-2021-3578 SUSE CVE-2021-3578 openSUSE-SU-2021:1170-1 openSUSE-SU-2021:1185-1 Platform(s): openSUSE Leap 15.2 openSUSE Tumbleweed SUSE Linux Enterprise High Performance Computing 15 SP2 SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Storage 7 SUSE Manager Proxy 4.1 SUSE Manager Server 4.1 SUSE Package Hub for SUSE Linux Enterprise 15 SP2 Product(s): Definition Synopsis openSUSE Tumbleweed is installed AND isync-1.4.3-1.2 is installed Definition Synopsis SUSE Package Hub for SUSE Linux Enterprise 15 SP2 is installed AND isync-1.3.6-bp152.4.6.1 is installed Definition Synopsis openSUSE Leap 15.2 is installed AND Package Information isync-1.3.6-lp152.4.6.1 is installed AND isync is signed with openSUSE key
BACK