Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2021-3998

Published: 24/08/2022 Updated: 12/02/2023
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 0
Subscribe to Glibc

Vulnerability Summary

It exists that the GNU C Library nscd daemon incorrectly handled certain netgroup lookups. An attacker could possibly use this issue to cause the GNU C Library to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-27645)

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

gnu glibc

netapp ontap select deploy administration utility -

netapp h300s_firmware -

netapp h500s_firmware -

netapp h700s_firmware -

netapp h410s_firmware -

netapp h410c_firmware -

Vendor Advisories

Ubuntu Security Notice: USN-5310-1: GNU C Library vulnerabilities
Several security issues were fixed in GNU C Library ...
Arch Linux Issues:
A flaw was found in glibc The realpath() function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data ...

ICS Advisories

https://ics-cert.us-cert.gov/advisories/fd87a3fc00e025fdc5034360097d2bdf
Critical Infrastructure Sectors: Critical Manufacturing

Mailing Lists

Full Disclosure: CVE-2021-3998 and CVE-2021-3999 in glibc's realpath() and getcwd()
<!--X-Body-Begin--> <!--X-User-Header--> oss-sec mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> CVE-2021-3998 and CVE-2021-3999 in glibc's realpath() and getcwd() <!--X-Subject-Header-End--> <!--X-Head-of-Message--> From ...
Full Disclosure: CVE-2021-44731: Race condition in snap-confine's setup_private_mount()
<!--X-Body-Begin--> <!--X-User-Header--> oss-sec mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> CVE-2021-44731: Race condition in snap-confine's setup_private_mount() <!--X-Subject-Header-End--> <!--X-Head-of-Message--> ...
Full Disclosure: Re: CVE-2021-44731: Race condition in snap-confine's setup_private_mount()
<!--X-Body-Begin--> <!--X-User-Header--> oss-sec mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> Re: CVE-2021-44731: Race condition in snap-confine's setup_private_mount() <!--X-Subject-Header-End--> <!--X-Head-of-Message-- ...

References

CWE-125https://www.openwall.com/lists/oss-security/2022/01/24/4https://access.redhat.com/security/cve/CVE-2021-3998https://sourceware.org/bugzilla/show_bug.cgi?id=28770https://security-tracker.debian.org/tracker/CVE-2021-3998https://bugzilla.redhat.com/show_bug.cgi?id=2024633https://security.netapp.com/advisory/ntap-20221020-0003/https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=ee8d5e33adb284601c00c94687bc907e10aec9bbhttps://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=84d2d0fe20bdf94feed82b21b4d7d136db471f03https://nvd.nist.govhttps://ubuntu.com/security/notices/USN-5310-1https://www.cisa.gov/news-events/ics-advisories/icsa-23-348-10
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryptionCVE-2024-4331CVE-2024-26925arbitrary codeCVE-2006-4304CVE-2024-25458CVE-2024-27077reflected XSSCVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook