CVE-2021-33910

Description from NVD

basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.

Information Acquisition Date:2021-07-31T16:40Z
CVSS 2.0: 4.9 MEDIUM CVSS 3.x: 5.5 MEDIUM

▼ CVSS3 Vec CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

▼ CVSS2 Vec AV:L/AC:L/Au:N/C:N/I:N/A:C

NVD References

 https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9
     source:MISC
     tags:Patch    Third Party Advisory    
 https://www.openwall.com/lists/oss-security/2021/07/20/2
     source:MISC
     tags:Exploit    Mailing List    Third Party Advisory    
 GLSA-202107-48
     source:GENTOO
     tags:Third Party Advisory    
 DSA-4942
     source:DEBIAN
     tags:Third Party Advisory    
 http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html
     source:MISC
     tags:Exploit    Third Party Advisory    VDB Entry    
 https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce
     source:MISC
     tags:Patch    Third Party Advisory    
 https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b
     source:MISC
     tags:Patch    Third Party Advisory    
 FEDORA-2021-2a6ba64260
     source:FEDORA
     tags:Mailing List    Third Party Advisory    
 https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538
     source:MISC
     tags:Patch    Third Party Advisory    
 https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b
     source:MISC
     tags:Patch    Third Party Advisory    
 https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61
     source:MISC
     tags:Patch    Third Party Advisory    
 FEDORA-2021-166e461c8d
     source:FEDORA
     tags:Mailing List    Third Party Advisory    

Refer to Information on External Sites

CVE InfomationExploits or more Infomation
mitreEXPLOIT DATABASE
NVD0day.today
vulmon.comgithub
CVE DetailsTwitter
JVN ENG JPN
Reconshell

Software Tag: Linux(31 tweets) Unbound(1 tweets) iOS(14 tweets)



List of frequently cited URLs

URLNum of Times Referred to
https://blog.qualys.com/vulnerabilities-threat-research/202...15
https://thehackernews.com/2021/07/new-windows-and-linux-fla...11
https://noticiasseguridad.com/vulnerabilidades/cve-2021-339...9
https://access.redhat.com/security/vulnerabilities/RHSB-202...7
https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-...4
http://security.sios.com3

▼ Show Information from Twitter(92)


List of frequently cited URLs

URLNum of Times Referred to
blog.qualys.com15
thehackernews.com11
noticiasseguridad.com9
access.redhat.com7
www.qualys.com4
security.sios.com3

▼ Show Information from Twitter(92)


GitHub Search Results: Up to 10
NameURL
No Data

GitHub Search Results: Up to 10
NameURL
No Data

2021/08/02 Score : 0
Added Har-sia Database : 2021/07/20
Last Modified : 2021/08/02
Highest Scored Date : 2021/07/21
Highest Score : 47