Vulnerability Description
An issue was discovered in Barrier before 2.3.4. The barriers component (aka the server-side implementation of Barrier) does not correctly close file descriptors for established TCP connections. An unauthenticated remote attacker can thus cause file descriptor exhaustion in the server process, leading to denial of service.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Barrier Project | Barrier | < 2.3.4 |
Related Weaknesses (CWE)
References
- http://www.openwall.com/lists/oss-security/2021/11/02/4ExploitMailing ListThird Party Advisory
- https://github.com/debauchee/barrier/releases/tag/v2.3.4Release NotesThird Party Advisory
- http://www.openwall.com/lists/oss-security/2021/11/02/4ExploitMailing ListThird Party Advisory
- https://github.com/debauchee/barrier/releases/tag/v2.3.4Release NotesThird Party Advisory
FAQ
What is CVE-2021-42075?
CVE-2021-42075 is a vulnerability with a CVSS score of 7.5 (HIGH). An issue was discovered in Barrier before 2.3.4. The barriers component (aka the server-side implementation of Barrier) does not correctly close file descriptors for established TCP connections. An un...
How severe is CVE-2021-42075?
CVE-2021-42075 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-42075?
Check the references section above for vendor advisories and patch information. Affected products include: Barrier Project Barrier.