Remote code execution in libspf2
| Risk | High |
| Patch available | NO |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2021-33912 |
| CWE-ID | CWE-122 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
libspf2 Other software / Other software solutions |
| Vendor | Gnome Development Team |
Security Bulletin
This security bulletin contains one high risk vulnerability.
1) Heap-based buffer overflow
EUVDB-ID: #VU85406
Risk: High
CVSSv4.0: 7.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2021-33912
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the SPF_record_expand_data() function in spf_expand.c. A remote attacker with control over a DNS server can create a specially crafted SPF DNS record, force the library to read data from the malicious DNS server, trigger a four-byte heap-based buffer overflow and execute arbitrary code on the system.
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionslibspf2: 1.0.2 - 1.2.10
CPE2.3- cpe:2.3:a:gnome:libspf2:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:libspf2:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:libspf2:1.0.4:*:*:*:*:*:*:*
https://github.com/shevek/libspf2/tree/8131fe140704eaae695e76b5cd09e39bd1dd220b
https://nathanielbennett.com/blog/libspf2-cve-jan-2022-disclosure
https://lists.debian.org/debian-lts-announce/2022/01/msg00015.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
