UBUNTU-CVE-2021-42521

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2021-42521

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2021/UBUNTU-CVE-2021-42521.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2021-42521

Upstream

CVE-2021-42521

Published

2022-08-25T18:15:00Z

Modified

2025-07-14T06:34:44.800439Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- medium

Summary

[none]

Details

There is a NULL pointer dereference vulnerability in VTK before 9.2.5, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value of libxml2 API 'xmlDocGetRootElement', and try to dereference it. It is unsafe as the return value can be NULL and that NULL pointer dereference may crash the application.

References

Affected packages

Ubuntu:Pro:14.04:LTS / vtk

Package

Name: vtk
Purl: pkg:deb/ubuntu/vtk@5.8.0-14.1ubuntu3+esm1?arch=source&distro=esm-infra-legacy/trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.8.0-14ubuntu1

5.8.0-14ubuntu3

5.8.0-14.1ubuntu2

5.8.0-14.1ubuntu3

5.8.0-14.1ubuntu3+esm1

Ubuntu:Pro:14.04:LTS / vtk6

Package

Name: vtk6
Purl: pkg:deb/ubuntu/vtk6@6.0.0-6?arch=source&distro=esm-infra-legacy/trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

6.*

6.0.0-1

6.0.0-2

6.0.0-3

6.0.0-4

6.0.0-6

Ubuntu:Pro:16.04:LTS / vtk

Package

Name: vtk
Purl: pkg:deb/ubuntu/vtk@5.10.1+dfsg-2.1ubuntu0.1~esm1?arch=source&distro=esm-apps/xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.10.1+dfsg-2

5.10.1+dfsg-2build3

5.10.1+dfsg-2.1build1

5.10.1+dfsg-2.1ubuntu0.1~esm1

Ubuntu:Pro:16.04:LTS / vtk6

Package

Name: vtk6
Purl: pkg:deb/ubuntu/vtk6@6.2.0+dfsg1-10ubuntu0.1+esm1?arch=source&distro=esm-apps/xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

6.*

6.2.0+dfsg1-4ubuntu5

6.2.0+dfsg1-4ubuntu6

6.2.0+dfsg1-8

6.2.0+dfsg1-9

6.2.0+dfsg1-10build1

6.2.0+dfsg1-10ubuntu0.1

6.2.0+dfsg1-10ubuntu0.1+esm1

Ubuntu:Pro:18.04:LTS / vtk6

Package

Name: vtk6
Purl: pkg:deb/ubuntu/vtk6@6.3.0+dfsg1-11build1?arch=source&distro=esm-apps/bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

6.*

6.3.0+dfsg1-10build1

6.3.0+dfsg1-10build2

6.3.0+dfsg1-10build3

6.3.0+dfsg1-11

6.3.0+dfsg1-11build1

Ubuntu:Pro:18.04:LTS / vtk7

Package

Name: vtk7
Purl: pkg:deb/ubuntu/vtk7@7.1.1+dfsg1-2?arch=source&distro=esm-apps/bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

7.*

7.1.1+dfsg1-2

Ubuntu:Pro:20.04:LTS / vtk6

Package

Name: vtk6
Purl: pkg:deb/ubuntu/vtk6@6.3.0+dfsg2-5build2?arch=source&distro=esm-apps/focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

6.*

6.3.0+dfsg2-2build7

6.3.0+dfsg2-4build1

6.3.0+dfsg2-5

6.3.0+dfsg2-5build1

6.3.0+dfsg2-5build2

Ubuntu:Pro:20.04:LTS / vtk7

Package

Name: vtk7
Purl: pkg:deb/ubuntu/vtk7@7.1.1+dfsg2-2ubuntu1?arch=source&distro=esm-apps/focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

7.*

7.1.1+dfsg1-12build2

7.1.1+dfsg2-1

7.1.1+dfsg2-1build1

7.1.1+dfsg2-1ubuntu3

7.1.1+dfsg2-2ubuntu1

Ubuntu:22.04:LTS / vtk7

Package

Name: vtk7
Purl: pkg:deb/ubuntu/vtk7@7.1.1+dfsg2-10.1build1?arch=source&distro=jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

7.*

7.1.1+dfsg2-10

7.1.1+dfsg2-10ubuntu2

7.1.1+dfsg2-10ubuntu3

7.1.1+dfsg2-10.1

7.1.1+dfsg2-10.1build1

Ubuntu:22.04:LTS / vtk9

Package

Name: vtk9
Purl: pkg:deb/ubuntu/vtk9@9.1.0+really9.1.0+dfsg2-3build1?arch=source&distro=jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

9.*

9.0.1+dfsg1-8

9.1.0+really9.0.3+dfsg1-4

9.1.0+really9.0.3+dfsg1-4build1

9.1.0+really9.1.0+dfsg2-3

9.1.0+really9.1.0+dfsg2-3build1

Ubuntu:24.04:LTS / vtk9

Package

Name: vtk9
Purl: pkg:deb/ubuntu/vtk9@9.1.0+really9.1.0+dfsg2-7.1build3?arch=source&distro=noble

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

9.*

9.1.0+really9.1.0+dfsg2-7

9.1.0+really9.1.0+dfsg2-7build1

9.1.0+really9.1.0+dfsg2-7.1build2

9.1.0+really9.1.0+dfsg2-7.1build3

Ubuntu:25.04 / vtk9

Package

Name: vtk9
Purl: pkg:deb/ubuntu/vtk9@9.3.0+dfsg1-4ubuntu1?arch=source&distro=plucky

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

9.*

9.3.0+dfsg1-1build1

9.3.0+dfsg1-1.1build2

9.3.0+dfsg1-1.1ubuntu2

9.3.0+dfsg1-1.1ubuntu3

9.3.0+dfsg1-4ubuntu1