PT-2021-21589 · Unknown+1 · Atomicparsley+1
Tank0123 · Published 2021-08-04 · Updated 2023-05-03
CVE-2021-37232
CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Atomicparsley version 20210124.204813.840499f
Description
A stack overflow occurs in the APar_read64() function located in src/util.cpp: the function reads more bytes than the uint32_buffer it is given can hold, and no buffer size check is performed.
Recommendations
For Atomicparsley version 20210124.204813.840499f, consider disabling the APar_read64() function as a temporary workaround until a patch is available. Restrict access to the src/util.cpp module to minimize the risk of exploitation. Avoid using the uint32_buffer variable in the affected function until the issue is resolved.
Exploit
Fix
Memory Corruption
Affected Products
Atomicparsley
Debian