PT-2022-10335 · Ming · Ming

Hadowblad3

Published

2022-03-07

Updated

2022-03-12

CVE-2021-34338

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Ming version 0.4.8

Description The issue is an out-of-bounds buffer overwrite in the getName() function located in the decompiler.c file. This causes a direct segmentation fault, leading to denial of service.

Recommendations For Ming version 0.4.8, consider disabling the getName() function as a temporary workaround until a patch is available. Restrict access to the decompiler.c file to minimize the risk of exploitation.

Exploit

Fix

Out of bounds Read

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-787

Related Identifiers

CVE-2021-34338

Affected Products

Ming

PT-2022-10335 · Ming · Ming

CVE-2021-34338

Weakness Enumeration

Related Identifiers

Affected Products

References · 10