Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
107
VMScore

CVE-2021-37600

Published: 30/07/2021 Updated: 11/04/2024
CVSS v2 Base Score: 1.2 | Impact Score: 2.9 | Exploitability Score: 1.9
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 107
Vector: AV:L/AC:H/Au:N/C:N/I:N/A:P
Subscribe to Util-linux

Vulnerability Summary

An integer overflow in util-linux up to and including 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. NOTE: this is unexploitable in GNU C Library environments, and possibly in all realistic environments.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

kernel util-linux

netapp ontap select deploy administration utility -

Vendor Advisories

Debian CVElist Bug Report Logs: util-linux: CVE-2021-37600: Potential integer overflow in ipcutils.c
Debian Bug report logs - #991619 util-linux: CVE-2021-37600: Potential integer overflow in ipcutilsc Package: src:util-linux; Maintainer for src:util-linux is util-linux packagers <util-linux@packagesdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 28 Jul 2021 18:51:01 UTC Severity: imp ...
Amazon Linux 2: ALAS2-2023-1920
** DISPUTED ** An integer overflow in util-linux through 2371 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file NOTE: this is unexploitable in GNU C Library environments, and possibly in all realistic environments (CVE-2021-37600) ...
Arch Linux Issues:
An integer overflow in util-linux through 2371 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file ...

ICS Advisories

https://ics-cert.us-cert.gov/advisories/fd87a3fc00e025fdc5034360097d2bdf
Critical Infrastructure Sectors: Critical Manufacturing

References

CWE-190https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1chttps://github.com/karelzak/util-linux/issues/1395https://security.netapp.com/advisory/ntap-20210902-0002/https://security.gentoo.org/glsa/202401-08https://lists.debian.org/debian-lts-announce/2024/04/msg00005.htmlhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991619https://nvd.nist.govhttps://www.cisa.gov/news-events/ics-advisories/icsa-23-348-10https://alas.aws.amazon.com/AL2/ALAS-2023-1920.html
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322CVE-2006-4304wirelessCVE-2023-23022local file inclusionCVE-2024-27058CVE-2024-33820open redirectCVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook