PT-2022-2035 · Glibc+4 · Glibc+4

Siddhesh Poyarekar

Published

2022-02-01

Updated

2024-06-15

CVE-2021-3998

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions glibc (affected versions not specified)

Description A flaw was found in the realpath() function of glibc, which can mistakenly return an unexpected value. This issue is related to memory release errors and can potentially lead to information leakage and disclosure of sensitive data. Exploitation of this flaw may allow a remote attacker to access confidential information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Unchecked Return Value

Out of bounds Read

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-252CWE-125CWE-401

Related Identifiers

ALT-PU-2022-1201

ALT-PU-2022-1215

AZL-10675

BDU:2022-01634

CVE-2021-3998

OPENSUSE-SU-2024:11850-1

USN-5310-1

Affected Products

Alt Linux

Linuxmint

Red Os

Ubuntu

Glibc

PT-2022-2035 · Glibc+4 · Glibc+4

CVE-2021-3998

Weakness Enumeration

Related Identifiers

Affected Products

References · 40