CVE-2021-31873

Sažetak

An issue was discovered in klibc before 2.0.9. Additions in the malloc() function may result in an integer overflow and a subsequent heap buffer overflow.

Reference

https://kernel.org/pub/linux/libs/klibc/2.0/
https://lists.zytor.com/archives/klibc/2021-April/004593.html
https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=a31ae8c508fc8d1bca4f57e9f9f88127572d5202
http://www.openwall.com/lists/oss-security/2021/04/30/1
https://lists.debian.org/debian-lts-announce/2021/06/msg00025.html
https://github.com/huolinjue/klibc/commit/a31ae8c508fc8d1bca4f57e9f9f88127572d5202

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

07-11-2023 - 22:15

Objavljeno

30-04-2021 - 06:15