Upstream information

CVE-2021-42072 at MITRE

Description

An issue was discovered in Barrier before 2.4.0. The barriers component (aka the server-side implementation of Barrier) does not sufficiently verify the identify of connecting clients. Clients can thus exploit weaknesses in the provided protocol to cause denial-of-service or stage further attacks that could lead to information leaks or integrity corruption.

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having moderate severity.

No SUSE Bugzilla entries cross referenced.

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Package Hub for SUSE Linux Enterprise 15 SP3
  • barrier >= 2.4.0-bp153.2.3.1
Patchnames:
openSUSE-2021-1595
openSUSE Leap 15.2
  • barrier >= 2.4.0-lp152.3.6.1
Patchnames:
openSUSE-2021-1498
openSUSE Leap 15.3
  • barrier >= 2.4.0-bp153.2.3.1
Patchnames:
openSUSE-2021-1595
openSUSE Tumbleweed
  • barrier >= 2.4.0-1.1
Patchnames:
openSUSE Tumbleweed GA barrier-2.4.0-1.1