Multiple vulnerabilities in klibc
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE-2021-31870 CVE-2021-31871 CVE-2021-31872 CVE-2021-31873 |
| CWE-ID | CWE-190 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
klibc Operating systems & Components / Operating system package or component |
| Vendor |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
1) Integer overflow
EUVDB-ID: #VU62375
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-31870
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to integer overflow in the calloc() function. A remote attacker can pass specially crafted data to the application, trigger integer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsklibc: before 2.0.9
External linkshttp://kernel.org/pub/linux/libs/klibc/2.0/
http://lists.zytor.com/archives/klibc/2021-April/004593.html
http://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=292650f04c2b5348b4efbad61fb014ed09b4f3f2
http://www.openwall.com/lists/oss-security/2021/04/30/1
http://lists.debian.org/debian-lts-announce/2021/06/msg00025.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Integer overflow
EUVDB-ID: #VU62376
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-31871
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to integer overflow in the cpio command. A remote attacker can pass specially crafted data to the application, trigger integer overflow and cause a denial of service condition on the target system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsklibc: before 2.0.9
External linkshttp://kernel.org/pub/linux/libs/klibc/2.0/
http://lists.zytor.com/archives/klibc/2021-April/004593.html
http://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=2e48a12ab1e30d43498c2d53e878a11a1b5102d5
http://www.openwall.com/lists/oss-security/2021/04/30/1
http://lists.debian.org/debian-lts-announce/2021/06/msg00025.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Integer overflow
EUVDB-ID: #VU62377
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-31872
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to integer overflow in the cpio command. A remote attacker can pass specially crafted data to the application, trigger integer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsklibc: before 2.0.9
External linkshttp://kernel.org/pub/linux/libs/klibc/2.0/
http://lists.zytor.com/archives/klibc/2021-April/004593.html
http://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=9b1c91577aef7f2e72c3aa11a27749160bd278ff
http://www.openwall.com/lists/oss-security/2021/04/30/1
http://lists.debian.org/debian-lts-announce/2021/06/msg00025.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Integer overflow
EUVDB-ID: #VU62378
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-31873
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to integer overflow in the malloc() function. A remote attacker can pass specially crafted data to the application, trigger integer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsklibc: before 2.0.9
External linkshttp://kernel.org/pub/linux/libs/klibc/2.0/
http://lists.zytor.com/archives/klibc/2021-April/004593.html
http://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=a31ae8c508fc8d1bca4f57e9f9f88127572d5202
http://www.openwall.com/lists/oss-security/2021/04/30/1
http://lists.debian.org/debian-lts-announce/2021/06/msg00025.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
