{"vulnerability": "CVE-2021-3391", "sightings": [{"uuid": "fb270734-cfcc-43ea-b8bc-b2af20e78625", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2021-33910", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=617", "content": "", "creation_timestamp": "2021-07-21T04:00:00.000000Z"}, {"uuid": "d0f7be96-bfa9-4bfd-a47b-9fd1e9bcef3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33910", "type": "seen", "source": "https://t.me/true_secator/1935", "content": "\u0420\u0430\u0431\u043e\u0442\u0430 \u043d\u0430\u0434 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438 \u043a\u043e\u0441\u043d\u0443\u043b\u0430\u0441\u044c \u0438 Linux. \u0412\u044b\u043f\u0443\u0449\u0435\u043d \u043f\u0430\u0442\u0447 \u0434\u043b\u044f \u0434\u0432\u0443\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0434\u0430\u0435\u0442 \u0434\u0430\u0436\u0435 \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 root \u0432 Ubuntu 20.04, Ubuntu 20.10, Ubuntu 21.04, Debian 11 \u0438 Fedora 34 Workstation. \u0414\u0440\u0443\u0433\u0438\u0435 \u0441\u0431\u043e\u0440\u043a\u0438 Linux, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0442\u0430\u043a\u0436\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0434\u043b\u044f \u0430\u0442\u0430\u043a.\n\n\u041e\u0448\u0438\u0431\u043a\u0443 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u044f\u0434\u0440\u0430 \u0441\u043e\u0432\u0441\u0435\u043c \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u043a\u043e\u043c\u0430\u043d\u0434\u0430 Qualys Research. \u0414\u044b\u0440\u0430 \u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Linux \u0431\u044b\u043b\u0430 \u043d\u0430\u0437\u0432\u0430\u043d\u0430 Sequoia \u0438 \u043e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0430 \u043a\u0430\u043a CVE-2021-33909. \u0420\u0430\u043d\u0435\u0435 \u043e\u043d\u0438 \u0436\u0435 \u0432\u044b\u044f\u0432\u0438\u043b\u0438 \u0438 \u0443\u044f\u0437\u0430\u0438\u043c\u043e\u0441\u0442\u044c (CVE-2021-33910) \u043e\u0442\u043a\u0430\u0437\u0430 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u043f\u0440\u0438 \u0438\u0441\u0447\u0435\u0440\u043f\u0430\u043d\u0438\u0438 \u0441\u0442\u0435\u043a\u0430 \u0432 systemd.\n\n\u0414\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e \u042d\u0440\u0438\u043a \u0421\u0430\u043d\u0434\u0438\u043d, \u0432\u0435\u0434\u0443\u0449\u0438\u0439 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Red Hat, \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0438\u043b \u0440\u0435\u0448\u0435\u043d\u0438\u0435, \u0430 \u0413\u0440\u0435\u0433 \u041a\u0440\u043e\u0430-\u0425\u0430\u0440\u0442\u043c\u0430\u043d, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a \u044f\u0434\u0440\u0430 Linux, \u0432\u043e\u043f\u043b\u043e\u0442\u0438\u043b \u0435\u0433\u043e, \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0432 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 Linux 5.13.4. \u0422\u0430\u043a \u0447\u0442\u043e \u0432\u043f\u0435\u0440\u0435\u0434: \u043e\u043d\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e \u0434\u043b\u044f \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0430 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u043e\u0432 Linux \u0441 3.16 \u043f\u043e 5.13.x.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0435\u0441\u043b\u0438 \u0432\u044b \u043d\u0435 \u043c\u043e\u0436\u0435\u0442\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u044f\u0434\u0440\u043e, \u0432\u044b \u0432\u0441\u0435 \u0440\u0430\u0432\u043d\u043e \u043c\u043e\u0436\u0435\u0442\u0435 \u0441\u043c\u044f\u0433\u0447\u0438\u0442\u044c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0432 / proc / sys / kernel / unprivileged_userns_clone \u043d\u0430 0 \u0438 / proc / sys / kernel / unprivileged_bpf_disabled \u0440\u0430\u0432\u043d\u044b\u043c 1. \u041d\u043e \u0435\u0441\u043b\u0438 \u0432\u044b \u043d\u0435 \u0445\u043e\u0442\u0438\u0442\u0435 \u043f\u0440\u0435\u0432\u0440\u0430\u0449\u0430\u0442\u044c \u0441\u0432\u043e\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0432 \u043b\u0435\u0439\u043a\u0443 - \u0432\u0441\u0435 \u0436\u0435 \u043b\u0443\u0447\u0448\u0435 \u043f\u0440\u0438\u043a\u0440\u044b\u0442\u044c \u0434\u044b\u0440\u0443 \u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043e\u0431\u043d\u043e\u0432\u0438\u0432 \u044f\u0434\u0440\u043e.", "creation_timestamp": "2021-07-22T16:23:24.000000Z"}, {"uuid": "d18dc103-9b02-401e-a8ba-73e70ca41ac6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33912", "type": "seen", "source": "https://t.me/arpsyndicate/3949", "content": "#ExploitObserverAlert\n\nPSS-177228\n\nDESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177228. Ubuntu Security Notice USN-6584-2. Ubuntu Security Notice 6584-2 - USN-6584-1 fixed several vulnerabilities in Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. This update provides the corresponding updates for CVE-2021-33912 andCVE-2021-33913 in Ubuntu 16.04 LTS. Philipp Jeitner and Haya Shulman discovered that Libspf2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code.", "creation_timestamp": "2024-02-22T09:47:50.000000Z"}, {"uuid": "e567f2dc-aabc-4e35-9106-a49e878495b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33913", "type": "seen", "source": "https://t.me/arpsyndicate/3949", "content": "#ExploitObserverAlert\n\nPSS-177228\n\nDESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-177228. Ubuntu Security Notice USN-6584-2. Ubuntu Security Notice 6584-2 - USN-6584-1 fixed several vulnerabilities in Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. This update provides the corresponding updates for CVE-2021-33912 andCVE-2021-33913 in Ubuntu 16.04 LTS. Philipp Jeitner and Haya Shulman discovered that Libspf2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code.", "creation_timestamp": "2024-02-22T09:47:50.000000Z"}, {"uuid": "746d88b1-3a32-4764-bd0b-952ef05de494", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33913", "type": "seen", "source": "https://t.me/cibsecurity/35880", "content": "\u203c CVE-2021-33913 \u203c\n\nlibspf2 before 1.2.11 has a heap-based buffer overflow that might allow remote attackers to execute arbitrary code (via an unauthenticated e-mail message from anywhere on the Internet) with a crafted SPF DNS record, because of SPF_record_expand_data in spf_expand.c. The amount of overflowed data depends on the relationship between the length of an entire domain name and the length of its leftmost label. The vulnerable code may be part of the supply chain of a site's e-mail infrastructure (e.g., with additional configuration, Exim can use libspf2; the Postfix web site links to unofficial patches for use of libspf2 with Postfix; older versions of spfquery relied on libspf2) but most often is not.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-19T20:26:10.000000Z"}, {"uuid": "911f09c6-accb-4a08-b76d-47a6bf3f2557", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33912", "type": "seen", "source": "https://t.me/cibsecurity/35877", "content": "\u203c CVE-2021-33912 \u203c\n\nlibspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code (via an unauthenticated e-mail message from anywhere on the Internet) with a crafted SPF DNS record, because of incorrect sprintf usage in SPF_record_expand_data in spf_expand.c. The vulnerable code may be part of the supply chain of a site's e-mail infrastructure (e.g., with additional configuration, Exim can use libspf2; the Postfix web site links to unofficial patches for use of libspf2 with Postfix; older versions of spfquery relied on libspf2) but most often is not.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-19T20:26:05.000000Z"}]}