QID 352455
Date Published: 2021-07-02
QID 352455: Amazon Linux Security Advisory for transfig: ALAS2-2021-1682
<DIV ID="issue_overview"> an out of bounds flaw was found in fig2dev utility within transfig.
An attacker could use this flaw and provide a crafted input to read_objects() probably resulting in a crash or in some cases memory corruption.
The highest threat from this vulnerability is to integrity as well as system availability. (
cve-2021-3561 ) </DIV>
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.
Solution
Please refer to Amazon advisory: ALAS2-2021-1682 for affected packages and patching details, or update with your package manager.
Vendor References
- ALAS2-2021-1682 -
alas.aws.amazon.com/AL2/ALAS-2021-1682.html
CVEs related to QID 352455
Software Advisories
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| ALAS2-2021-1682 | Amazon Linux 2 |
|