CVE-2021-32292

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions json-c versions 0.14 through 0.15-20200726

Description A stack-buffer-overflow issue exists in the json parse auxiliary sample program, specifically in the parseit function. This issue is related to a buffer overflow in memory, which can be exploited by a remote attacker to execute arbitrary code.

Recommendations For json-c versions 0.14 through 0.15-20200726, consider disabling the parseit function as a temporary workaround until a patch is available. Restrict access to the json parse auxiliary sample program to minimize the risk of exploitation.

Exploit

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

ALT-PU-2023-6479

ALT-PU-2023-6481

ALT-PU-2023-6841

AZL-28060

BDU:2023-05198

BIT-JSON-C-2021-32292

CVE-2021-32292

DSA-5486-1

OESA-2023-1571

OESA-2023-1572

OESA-2023-1573

USN-6310-1

Affected Products

Alt Linux

Linuxmint

Ubuntu

Json-C

CVE-2021-32292

Weakness Enumeration

Related Identifiers

Affected Products

References · 26