CVE-2021-33910

Published: 20/07/2021 Updated: 07/11/2023
CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 436
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Summary

basic/unit-name.c in systemd before 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.

Vulnerable Product

systemd project systemd

fedoraproject fedora 33

fedoraproject fedora 34

debian debian linux 10.0

netapp solidfire -

netapp hci management node -

Vendor Advisories

The Qualys Research Labs discovered that an attacker-controlled allocation using the alloca() function could result in memory corruption, allowing to crash systemd and hence the entire operating system. Details can be found in the Qualys advisory at www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt. For the stable distri ...
Systemd parses the content of /proc/self/mountinfo and each mountpoint is passed to mount_setup_unit(), which calls unit_name_path_escape() underneath. A local attacker who is able to mount a filesystem with a very long path can crash systemd and the whole system ...
PAN-SA-2024-0001 Informational Bulletin: Impact of OSS CVEs in PAN-OS ...

Exploits

Qualys discovered a size_t-to-int conversion vulnerability in the Linux kernel's filesystem layer: by creating, mounting, and deleting a deep directory structure whose total path length exceeds 1GB, an unprivileged local attacker can write the 10-byte string "//deleted" to an offset of exactly -2GB-10B below the beginning of a vmalloc()ated kernel ...

Mailing Lists

On Tue, Jul 20, 2021 at 2:41 PM Qualys Security Advisory <qsa () qualys com> wrote: Upstream commit: github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9 Regards -- Mauro Matteo Cascella Red Hat Product Security PGP-Key ID: BB3410B0 ...
On Tue, Jul 27, 2021, at 11:59 AM, Solar Designer wrote: How many examples should I provide? The last security patch I did was for systemd. We have patches on systemd which means we cannot use the Ubuntu version directly, so when, for example, CVE-2020-13529 and CVE-2021-33910 patches arrived in Ubuntu 21.04 on July 20, 2021, I applied them to ou ...
Hello Alexander, I'm keeping this in mind. We may hire someone to handle this task, and I will get back to you when we do. Thanks, -- Jeremy Soller System76 Principal Engineer jeremy () system76 com On Tue, Aug 17, 2021, at 6:31 AM, Solar Designer wrote: ...
Hi Jeremy, I'm sorry about the delay. I was hoping someone else would chime in. On Wed, Aug 04, 2021 at 09:59:02AM -0600, Jeremy Soller wrote: There's no specific requirement on the number of examples. The above looks reasonable to me. I cannot speak for them, but the task does require some effort on every issue, and perhaps the specific p ...
Qualys Security Advisory. Sequoia: A deep root in Linux's filesystem layer (CVE-2021-33909). Contents: Summary, Analysis, Exploitation overview, Exploitation details, Mitigations, Acknowledgments, Timeline ...
Qualys Security Advisory. CVE-2021-33910: Denial of service (stack exhaustion) in systemd (PID 1). Contents: Summary, Analysis, Proof of concept, Acknowledgments, Timeline ...

Github Repositories

This Binary shows the ecr image scan findings in a human readable format

AWS ECR Image Scanner: This binary shows the ecr image scan findings in a human readable format. ECR Scan will be auto triggered post retry-timout if scan_on_push or continuous_scan is disabled in ecr repo. This binary can be integrated with CI pipelines where, post docker image creation, scanning can be done to see vulnerabilities. Prerequisites: ECR Scan is enabled in your

References

CWE-770
https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9
https://www.openwall.com/lists/oss-security/2021/07/20/2
https://security.gentoo.org/glsa/202107-48
https://www.debian.org/security/2021/dsa-4942
http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html
https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce
https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b
https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538
https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b
https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61
http://www.openwall.com/lists/oss-security/2021/08/04/2
http://www.openwall.com/lists/oss-security/2021/08/17/3
http://www.openwall.com/lists/oss-security/2021/09/07/3
https://security.netapp.com/advisory/ntap-20211104-0008/
https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/
https://nvd.nist.gov
https://github.com/sam0392in/aws-ecr-image-scanner
https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-09
https://www.cisa.gov/news-events/ics-advisories/icsa-23-348-10