CVE-2021-3700 (https://bugzilla.redhat.com/show_bug.cgi?id=1992830): A use-after-free vulnerability was found in usbredir in versions prior to 0.11.0 in the usbredirparser_serialize() in usbredirparser/usbredirparser.c. This issue occurs when serializing large amounts of buffered write data in the case of a slow or blocked destination.
Please cleanup
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6155841f76ceaeaab548ff7be7eff3b7485b58b1 commit 6155841f76ceaeaab548ff7be7eff3b7485b58b1 Author: Joonas Niilola <juippis@gentoo.org> AuthorDate: 2022-02-26 08:33:00 +0000 Commit: Joonas Niilola <juippis@gentoo.org> CommitDate: 2022-02-26 08:33:00 +0000 sys-apps/usbredir: drop 0.9.0 Bug: https://bugs.gentoo.org/834010 Signed-off-by: Joonas Niilola <juippis@gentoo.org> sys-apps/usbredir/Manifest | 1 - sys-apps/usbredir/usbredir-0.9.0.ebuild | 45 --------------------------------- 2 files changed, 46 deletions(-)
