CVE-2021-35942

The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.

CVSS v3 9.1 CRITICAL
CVSS v2.0 6.4 MEDIUM

9.1^/10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

6.4^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:P

Exploitability : 10.0 / Impact : 4.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html	Mailing List Third Party Advisory
https://security.gentoo.org/glsa/202208-24	Third Party Advisory
https://security.netapp.com/advisory/ntap-20210827-0005/	Third Party Advisory
https://sourceware.org/bugzilla/show_bug.cgi?id=28011	Issue Tracking Third Party Advisory
https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=5adda61f62b77384718b4c0d8336ade8f2b4b35c
https://sourceware.org/glibc/wiki/Security%20Exceptions	Vendor Advisory
https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html	Mailing List Third Party Advisory
https://security.gentoo.org/glsa/202208-24	Third Party Advisory
https://security.netapp.com/advisory/ntap-20210827-0005/	Third Party Advisory
https://sourceware.org/bugzilla/show_bug.cgi?id=28011	Issue Tracking Third Party Advisory
https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=5adda61f62b77384718b4c0d8336ade8f2b4b35c
https://sourceware.org/glibc/wiki/Security%20Exceptions	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR	cpe:2.3:a:netapp:active_iq_unified_manager:-:::::vmware_vsphere::
	cpe:2.3:a:netapp:e-series_santricity_os_controller::::::::
	cpe:2.3:a:netapp:hci_management_node:-:::::::*
	cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:::::::*
	cpe:2.3:a:netapp:solidfire:-:::::::*

Configuration 3 (hide)

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2021-07-22 18:15

Updated : 2024-11-21 06:12

NVD link : CVE-2021-35942

Mitre link : CVE-2021-35942

CVE.ORG link : CVE-2021-35942

JSON object : View

Products Affected

netapp

active_iq_unified_manager
hci_management_node
e-series_santricity_os_controller
ontap_select_deploy_administration_utility
solidfire

gnu

glibc

debian

debian_linux

CWE

CWE-190

Integer Overflow or Wraparound

9.1 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

6.4 /10

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact PARTIAL

JSON object

Attach tags to CVE-2021-35942

9.1^/10

6.4^/10

Attach tags to `CVE-2021-35942`