CVE-2021-41752

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Jerryscript versions prior to commit e1ce7dd7271288be8c0c8136eea9107df73a8ce2

Description The issue is caused by an unbounded recursive call to the new opt() function, leading to a stack overflow. This occurs in Jerryscript before the specified commit on October 20, 2021.

Recommendations For versions prior to commit e1ce7dd7271288be8c0c8136eea9107df73a8ce2, consider updating to a version that includes the fix for this issue. As a temporary workaround, consider disabling the new opt() function until a patch is available.

Exploit

Fix

Uncontrolled Recursion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-674

Related Identifiers

CVE-2021-41752

Affected Products

Jerryscript

CVE-2021-41752

Weakness Enumeration

Related Identifiers

Affected Products

References · 8