PT-2021-3607 · Libcaca+5

Fdgnneigo

Published: 2021-02-23 · Updated: 2026-05-11 · CVE-2021-3410

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

libcaca version 0.99.beta19

Description

A flaw was found in the caca resize function in libcaca/caca/canvas.c, which is related to a buffer overflow issue. This may lead to local execution of arbitrary code in the user context. The issue can allow an attacker to access confidential data, compromise its integrity, and cause a denial of service.

Recommendations

For libcaca version 0.99.beta19, as a temporary workaround, consider disabling the caca resize function until a patch is available. Restrict access to the vulnerable canvas.c module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Fix

Integer Overflow

Buffer Overflow


Weakness Enumeration

Related Identifiers

ALT-PU-2021-2638
ALT-PU-2023-4273
ALT-PU-2024-7820
BDU:2021-03712
CVE-2021-3410
DLA-2584-1
MGASA-2021-0128
OPENSUSE-SU-2022_3400-1
OPENSUSE-SU-2024:10927-1
ROSA-SA-2025-2554
SUSE-SU-2022:0754-1
SUSE-SU-2022:3400-1
SUSE-SU-2022:3428-1
SUSE-SU-2022_3400-1
SUSE-SU-2022_3428-1
USN-4921-1

Affected Products

Alt Linux
Astra Linux
Linuxmint
Suse
Ubuntu
Libcaca