CVE-2021-31826

Shibboleth Service Provider 3.x before 3.2.2 is prone to a NULL pointer dereference flaw involving the session recovery feature. The flaw is exploitable (for a daemon crash) on systems not using this feature if a crafted cookie is supplied.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 80%
VendorProductVersion
shibbolethservice_provider
3.0.0 ≤
𝑥
< 3.2.2
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
shibboleth-sp
bullseye
3.2.2+dfsg1-1
fixed
bookworm
3.4.1+dfsg-2
fixed
sid
3.4.1+dfsg-2.1
fixed
trixie
3.4.1+dfsg-2.1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
shibboleth-sp
jammy
not-affected
impish
not-affected
hirsute
ignored
groovy
ignored
focal
Fixed 3.0.4+dfsg1-1ubuntu0.2
released
bionic
dne
xenial
dne
trusty
dne
Common Weakness Enumeration
References
https://bugs.debian.org/987608
https://git.shibboleth.net/view/?p=cpp-sp.git%3Ba=commit%3Bh=5a47c3b9378f4c49392dd4d15189b70956f9f2ec
https://issues.shibboleth.net/jira/browse/SSPCPP-927
https://shibboleth.net/community/advisories/secadv_20210426.txt
https://www.debian.org/security/2021/dsa-4905
https://bugs.debian.org/987608
https://git.shibboleth.net/view/?p=cpp-sp.git%3Ba=commit%3Bh=5a47c3b9378f4c49392dd4d15189b70956f9f2ec
https://issues.shibboleth.net/jira/browse/SSPCPP-927
https://shibboleth.net/community/advisories/secadv_20210426.txt
https://www.debian.org/security/2021/dsa-4905