Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 775194 (CVE-2021-28116)

Summary: <net-proxy/squid-4.15: out-of-bounds read in WCCP protocol data may lead to information disclosure (CVE-2021-28116)
Product: Gentoo Security Reporter: John Helmert III <ajak>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: zlogene
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://www.zerodayinitiative.com/advisories/ZDI-21-157/
Whiteboard: C2 [glsa+ cve]
Package list:
Runtime testing required: ---

Description John Helmert III gentoo-dev Security 2021-03-10 02:55:32 UTC
CVE-2021-28116:

Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data. This can be leveraged as part of a chain for remote code execution as nobody.


Not much information available but this CVE itself only appears to be
information disclosure, and apparently no public fix yet.
Comment 1 Mikle Kolyada archtester Gentoo Infrastructure gentoo-dev Security 2021-05-17 08:06:16 UTC
4.15 is in stable now.
Comment 2 Thomas Deutschmann gentoo-dev Security 2021-05-24 16:13:15 UTC
> This can be leveraged as part of a chain for remote code execution as nobody.

This will get a GLSA, new GLSA request filed.
Comment 3 GLSAMaker/CVETool Bot gentoo-dev 2021-05-26 08:55:18 UTC
This issue was resolved and addressed in
 GLSA 202105-14 at https://security.gentoo.org/glsa/202105-14
by GLSA coordinator Thomas Deutschmann (whissi).