CVE-2021-32276

CVSS v2.0

7.1

High

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions faad2 versions through 2.10.0

Description An issue exists in the function get sample() located in output.c, which allows an attacker to cause Denial of Service due to a NULL pointer dereference. This can be exploited by a remote attacker to disrupt service.

Recommendations For versions through 2.10.0, as a temporary workaround, consider disabling the get sample() function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALT-PU-2023-1533

ALT-PU-2023-1579

BDU:2022-01813

CVE-2021-32276

DLA-2792-1

DSA-5109-1

USN-6313-1

Affected Products

Alt Linux

Astra Linux

Linuxmint

Ubuntu

Faad2

CVE-2021-32276

Weakness Enumeration

Related Identifiers

Affected Products

References · 27