UBUNTU-CVE-2021-40114

Source
https://ubuntu.com/security/CVE-2021-40114
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2021/UBUNTU-CVE-2021-40114.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2021-40114
Related
Published
2021-10-27T19:15:00Z
Modified
2024-10-15T14:08:25Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper memory resource management while the Snort detection engine is processing ICMP packets. An attacker could exploit this vulnerability by sending a series of ICMP packets through an affected device. A successful exploit could allow the attacker to exhaust resources on the affected device, causing the device to reload.

References

Affected packages

Ubuntu:Pro:14.04:LTS / snort

Package

Name
snort
Purl
pkg:deb/ubuntu/snort?arch=src?distro=trusty/esm

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.9.2.2-3
2.9.5.3-3
2.9.6.0-0ubuntu1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:Pro:16.04:LTS / snort

Package

Name
snort
Purl
pkg:deb/ubuntu/snort?arch=src?distro=esm-apps/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.9.7.0-5

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:Pro:18.04:LTS / snort

Package

Name
snort
Purl
pkg:deb/ubuntu/snort?arch=src?distro=esm-apps/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.9.7.0-5
2.9.7.0-5build1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:20.04:LTS / snort

Package

Name
snort
Purl
pkg:deb/ubuntu/snort?arch=src?distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.9.7.0-5build1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:22.04:LTS / snort

Package

Name
snort
Purl
pkg:deb/ubuntu/snort?arch=src?distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.9.15.1-5
2.9.15.1-6
2.9.15.1-6build1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}