In function ext_get_plugin() in libyang <= v1.0.225, it doesn't check whether the value of revision is NULL. If revision is NULL, the operation of strcmp(revision, ext_plugins[u].revision) will lead to a crash.

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - In function ext_get_plugin() in libyang <= v1.0.225, it doesn't check whether the value of revision is     NULL. If revision is NULL, the operation of strcmp(revision, ext_plugins[u].revision) will lead to a     crash. (CVE-2021-28904)

Note that Nessus relies on the presence of the package as reported by the vendor.

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3245-1 advisory.

  - In function read_yin_container() in libyang <= v1.0.225, it doesn't check whether the value of     retval->ext[r] is NULL. In some cases, it can be NULL, which leads to the operation of     retval->ext[r]->flags that results in a crash. (CVE-2021-28902)

  - A stack overflow in libyang <= v1.0.225 can cause a denial of service through function lyxml_parse_mem().
    lyxml_parse_elem() function will be called recursively, which will consume stack space and lead to crash.
    (CVE-2021-28903)

  - In function ext_get_plugin() in libyang <= v1.0.225, it doesn't check whether the value of revision is     NULL. If revision is NULL, the operation of strcmp(revision, ext_plugins[u].revision) will lead to a     crash. (CVE-2021-28904)

  - In function read_yin_leaf() in libyang <= v1.0.225, it doesn't check whether the value of retval->ext[r]     is NULL. In some cases, it can be NULL, which leads to the operation of retval->ext[r]->flags that results     in a crash. (CVE-2021-28906)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote host is affected by the vulnerability described in GLSA-202107-54 (libyang: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in libyang. Please review       the CVE identifiers referenced below for details.
  Impact :

    Please review the referenced CVE identifiers for details.
  Workaround :

    There is no known workaround at this time.

ID	Name	Product	Family	Severity
223695	Linux Distros Unpatched Vulnerability : CVE-2021-28904	Nessus	Misc.	high
164976	SUSE SLES15 Security Update : libyang (SUSE-SU-2022:3245-1)	Nessus	SuSE Local Security Checks	high
156981	GLSA-202107-54 : libyang: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high

Detections

Analytics

CVE-2021-28904

high

Tenable Plugins

high

high

high