httpd:2.4: CVSS (Max): 8.1

=========================================================================== 
                         ZMCIRT Vulnerability Bulletin

                             ZMC-2022.04.16.0800
                           httpd:2.4: CVSS (Max): 8.1
                               16th March 2022

===========================================================================
Product:           httpd:2.4
Publisher:         Red Hat
Operating System:  Red Hat
Resolution:        Patch/Upgrade
CVE Names:         CVE-2021-39275 CVE-2021-34798 

Original Bulletin: 
   https://access.redhat.com/errata/RHSA-2022:0891

Comment: CVSS (Max):  8.1 CVE-2021-39275 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
         CVSS Source: Red Hat
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: httpd:2.4 security update
Advisory ID:       RHSA-2022:0891-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:0891
Issue date:        2022-03-15
CVE Names:         CVE-2021-34798 CVE-2021-39275 
=====================================================================

1. Summary:

An update for the httpd:2.4 module is now available for Red Hat Enterprise
Linux 8.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

The httpd packages provide the Apache HTTP Server, a powerful, efficient,
and extensible web server.

Security Fix(es):

* httpd: NULL pointer dereference via malformed requests (CVE-2021-34798)

* httpd: Out-of-bounds write in ap_escape_quotes() via malicious input
(CVE-2021-39275)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the updated packages, the httpd daemon will be restarted
automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

2005119 - CVE-2021-39275 httpd: Out-of-bounds write in ap_escape_quotes() via malicious input
2005128 - CVE-2021-34798 httpd: NULL pointer dereference via malformed requests

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:
httpd-2.4.37-43.module+el8.5.0+14370+51c6d843.2.src.rpm
mod_http2-1.15.7-3.module+el8.4.0+8625+d397f3da.src.rpm
mod_md-2.0.8-8.module+el8.3.0+6814+67d1e611.src.rpm

aarch64:
httpd-2.4.37-43.module+el8.5.0+14370+51c6d843.2.aarch64.rpm
httpd-debuginfo-2.4.37-43.module+el8.5.0+14370+51c6d843.2.aarch64.rpm
httpd-debugsource-2.4.37-43.module+el8.5.0+14370+51c6d843.2.aarch64.rpm
httpd-devel-2.4.37-43.module+el8.5.0+14370+51c6d843.2.aarch64.rpm
httpd-tools-2.4.37-43.module+el8.5.0+14370+51c6d843.2.aarch64.rpm
httpd-tools-debuginfo-2.4.37-43.module+el8.5.0+14370+51c6d843.2.aarch64.rpm
mod_http2-1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64.rpm
mod_http2-debuginfo-1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64.rpm
mod_http2-debugsource-1.15.7-3.module+el8.4.0+8625+d397f3da.aarch64.rpm
mod_ldap-2.4.37-43.module+el8.5.0+14370+51c6d843.2.aarch64.rpm
mod_ldap-debuginfo-2.4.37-43.module+el8.5.0+14370+51c6d843.2.aarch64.rpm
mod_md-2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64.rpm
mod_md-debuginfo-2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64.rpm
mod_md-debugsource-2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64.rpm
mod_proxy_html-2.4.37-43.module+el8.5.0+14370+51c6d843.2.aarch64.rpm
mod_proxy_html-debuginfo-2.4.37-43.module+el8.5.0+14370+51c6d843.2.aarch64.rpm
mod_session-2.4.37-43.module+el8.5.0+14370+51c6d843.2.aarch64.rpm
mod_session-debuginfo-2.4.37-43.module+el8.5.0+14370+51c6d843.2.aarch64.rpm
mod_ssl-2.4.37-43.module+el8.5.0+14370+51c6d843.2.aarch64.rpm
mod_ssl-debuginfo-2.4.37-43.module+el8.5.0+14370+51c6d843.2.aarch64.rpm

noarch:
httpd-filesystem-2.4.37-43.module+el8.5.0+14370+51c6d843.2.noarch.rpm
httpd-manual-2.4.37-43.module+el8.5.0+14370+51c6d843.2.noarch.rpm

ppc64le:
httpd-2.4.37-43.module+el8.5.0+14370+51c6d843.2.ppc64le.rpm
httpd-debuginfo-2.4.37-43.module+el8.5.0+14370+51c6d843.2.ppc64le.rpm
httpd-debugsource-2.4.37-43.module+el8.5.0+14370+51c6d843.2.ppc64le.rpm
httpd-devel-2.4.37-43.module+el8.5.0+14370+51c6d843.2.ppc64le.rpm
httpd-tools-2.4.37-43.module+el8.5.0+14370+51c6d843.2.ppc64le.rpm
httpd-tools-debuginfo-2.4.37-43.module+el8.5.0+14370+51c6d843.2.ppc64le.rpm
mod_http2-1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le.rpm
mod_http2-debuginfo-1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le.rpm
mod_http2-debugsource-1.15.7-3.module+el8.4.0+8625+d397f3da.ppc64le.rpm
mod_ldap-2.4.37-43.module+el8.5.0+14370+51c6d843.2.ppc64le.rpm
mod_ldap-debuginfo-2.4.37-43.module+el8.5.0+14370+51c6d843.2.ppc64le.rpm
mod_md-2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le.rpm
mod_md-debuginfo-2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le.rpm
mod_md-debugsource-2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le.rpm
mod_proxy_html-2.4.37-43.module+el8.5.0+14370+51c6d843.2.ppc64le.rpm
mod_proxy_html-debuginfo-2.4.37-43.module+el8.5.0+14370+51c6d843.2.ppc64le.rpm
mod_session-2.4.37-43.module+el8.5.0+14370+51c6d843.2.ppc64le.rpm
mod_session-debuginfo-2.4.37-43.module+el8.5.0+14370+51c6d843.2.ppc64le.rpm
mod_ssl-2.4.37-43.module+el8.5.0+14370+51c6d843.2.ppc64le.rpm
mod_ssl-debuginfo-2.4.37-43.module+el8.5.0+14370+51c6d843.2.ppc64le.rpm

s390x:
httpd-2.4.37-43.module+el8.5.0+14370+51c6d843.2.s390x.rpm
httpd-debuginfo-2.4.37-43.module+el8.5.0+14370+51c6d843.2.s390x.rpm
httpd-debugsource-2.4.37-43.module+el8.5.0+14370+51c6d843.2.s390x.rpm
httpd-devel-2.4.37-43.module+el8.5.0+14370+51c6d843.2.s390x.rpm
httpd-tools-2.4.37-43.module+el8.5.0+14370+51c6d843.2.s390x.rpm
httpd-tools-debuginfo-2.4.37-43.module+el8.5.0+14370+51c6d843.2.s390x.rpm
mod_http2-1.15.7-3.module+el8.4.0+8625+d397f3da.s390x.rpm
mod_http2-debuginfo-1.15.7-3.module+el8.4.0+8625+d397f3da.s390x.rpm
mod_http2-debugsource-1.15.7-3.module+el8.4.0+8625+d397f3da.s390x.rpm
mod_ldap-2.4.37-43.module+el8.5.0+14370+51c6d843.2.s390x.rpm
mod_ldap-debuginfo-2.4.37-43.module+el8.5.0+14370+51c6d843.2.s390x.rpm
mod_md-2.0.8-8.module+el8.3.0+6814+67d1e611.s390x.rpm
mod_md-debuginfo-2.0.8-8.module+el8.3.0+6814+67d1e611.s390x.rpm
mod_md-debugsource-2.0.8-8.module+el8.3.0+6814+67d1e611.s390x.rpm
mod_proxy_html-2.4.37-43.module+el8.5.0+14370+51c6d843.2.s390x.rpm
mod_proxy_html-debuginfo-2.4.37-43.module+el8.5.0+14370+51c6d843.2.s390x.rpm
mod_session-2.4.37-43.module+el8.5.0+14370+51c6d843.2.s390x.rpm
mod_session-debuginfo-2.4.37-43.module+el8.5.0+14370+51c6d843.2.s390x.rpm
mod_ssl-2.4.37-43.module+el8.5.0+14370+51c6d843.2.s390x.rpm
mod_ssl-debuginfo-2.4.37-43.module+el8.5.0+14370+51c6d843.2.s390x.rpm

x86_64:
httpd-2.4.37-43.module+el8.5.0+14370+51c6d843.2.x86_64.rpm
httpd-debuginfo-2.4.37-43.module+el8.5.0+14370+51c6d843.2.x86_64.rpm
httpd-debugsource-2.4.37-43.module+el8.5.0+14370+51c6d843.2.x86_64.rpm
httpd-devel-2.4.37-43.module+el8.5.0+14370+51c6d843.2.x86_64.rpm
httpd-tools-2.4.37-43.module+el8.5.0+14370+51c6d843.2.x86_64.rpm
httpd-tools-debuginfo-2.4.37-43.module+el8.5.0+14370+51c6d843.2.x86_64.rpm
mod_http2-1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64.rpm
mod_http2-debuginfo-1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64.rpm
mod_http2-debugsource-1.15.7-3.module+el8.4.0+8625+d397f3da.x86_64.rpm
mod_ldap-2.4.37-43.module+el8.5.0+14370+51c6d843.2.x86_64.rpm
mod_ldap-debuginfo-2.4.37-43.module+el8.5.0+14370+51c6d843.2.x86_64.rpm
mod_md-2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64.rpm
mod_md-debuginfo-2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64.rpm
mod_md-debugsource-2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64.rpm
mod_proxy_html-2.4.37-43.module+el8.5.0+14370+51c6d843.2.x86_64.rpm
mod_proxy_html-debuginfo-2.4.37-43.module+el8.5.0+14370+51c6d843.2.x86_64.rpm
mod_session-2.4.37-43.module+el8.5.0+14370+51c6d843.2.x86_64.rpm
mod_session-debuginfo-2.4.37-43.module+el8.5.0+14370+51c6d843.2.x86_64.rpm
mod_ssl-2.4.37-43.module+el8.5.0+14370+51c6d843.2.x86_64.rpm
mod_ssl-debuginfo-2.4.37-43.module+el8.5.0+14370+51c6d843.2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-34798
https://access.redhat.com/security/cve/CVE-2021-39275
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/



- --------------------------END INCLUDED TEXT--------------------


ZMCIRT has made every effort to ensure that the informaqtion contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. ZMCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Internet Email: report@cirt.zm     
Telephone:     7070 
                ZMCIRT personnel answer during Zambian business hours 
                which are 8am to 5pm.
                On call after hours for member emergencies only.
===========================================================================