Unrated severityNVD Advisory· Published Aug 25, 2022· Updated Aug 4, 2024
CVE-2021-42523
CVE-2021-42523
Description
There are two Information Disclosure vulnerabilities in colord, and they lie in colord/src/cd-device-db.c and colord/src/cd-profile-db.c separately. They exist because the 'err_msg' of 'sqlite3_exec' is not releasing after use, while libxml2 emphasizes that the caller needs to release it.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
32- osv-coords31 versionspkg:rpm/opensuse/colord&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/colord&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/colord&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/colord&distro=openSUSE%20Leap%20Micro%205.2pkg:rpm/opensuse/colord&distro=openSUSE%20Tumbleweedpkg:rpm/suse/colord&distro=SUSE%20Linux%20Enterprise%20Micro%205.2pkg:rpm/suse/colord&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/colord&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/colord&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/colord&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/colord&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4pkg:rpm/suse/colord&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/colord&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/colord&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP3pkg:rpm/suse/colord&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP4pkg:rpm/suse/colord&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP6pkg:rpm/suse/colord&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP7pkg:rpm/suse/colord&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6pkg:rpm/suse/colord&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP7pkg:rpm/suse/colord&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/colord&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSSpkg:rpm/suse/colord&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/colord&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/colord&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/colord&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5pkg:rpm/suse/colord&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP3pkg:rpm/suse/colord&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP4pkg:rpm/suse/colord&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP6pkg:rpm/suse/colord&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP7pkg:rpm/suse/colord&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/colord&distro=SUSE%20Linux%20Micro%206.1
< 1.4.4-150200.4.6.1+ 30 more
- (no CPE)range: < 1.4.4-150200.4.6.1
- (no CPE)range: < 1.4.5-150400.4.3.1
- (no CPE)range: < 1.4.6-150600.3.8.1
- (no CPE)range: < 1.4.4-150200.4.6.1
- (no CPE)range: < 1.4.6-2.1
- (no CPE)range: < 1.4.4-150200.4.6.1
- (no CPE)range: < 1.4.5-150400.4.3.1
- (no CPE)range: < 1.4.5-150400.4.9.1
- (no CPE)range: < 1.4.5-150400.4.9.1
- (no CPE)range: < 1.4.4-150200.4.6.1
- (no CPE)range: < 1.4.5-150400.4.3.1
- (no CPE)range: < 1.4.6-150600.3.8.1
- (no CPE)range: < 1.4.6-150600.3.8.1
- (no CPE)range: < 1.4.4-150200.4.6.1
- (no CPE)range: < 1.4.5-150400.4.3.1
- (no CPE)range: < 1.4.6-150600.3.8.1
- (no CPE)range: < 1.4.6-150600.3.8.1
- (no CPE)range: < 1.4.6-150600.3.8.1
- (no CPE)range: < 1.4.6-150600.3.8.1
- (no CPE)range: < 1.3.3-13.3.1
- (no CPE)range: < 1.3.3-13.9.2
- (no CPE)range: < 1.3.3-13.3.1
- (no CPE)range: < 1.3.3-13.9.2
- (no CPE)range: < 1.3.3-13.3.1
- (no CPE)range: < 1.3.3-13.3.1
- (no CPE)range: < 1.4.4-150200.4.6.1
- (no CPE)range: < 1.4.5-150400.4.3.1
- (no CPE)range: < 1.4.6-150600.3.8.1
- (no CPE)range: < 1.4.6-150600.3.8.1
- (no CPE)range: < 1.4.6-4.1
- (no CPE)range: < 1.4.6-slfo.1.1_2.1
Patches
Vulnerability mechanics
References
1- github.com/hughsie/colord/issues/110mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.