CVE-2017-7861Out-of-bounds Write in Grpc

CWE-787Out-of-bounds Write5 documents5 sources
Severity
9.8CRITICALNVD
EPSS
1.6%
top 18.53%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
GrpcDebian Grpc
Timeline
PublishedApr 14
Latest updateMay 17

Description

Google gRPC before 2017-02-22 has an out-of-bounds write related to the gpr_free function in core/lib/support/alloc.c.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages3 packages

debiandebian/grpc< grpc 1.2.5-1+nmu0 (bookworm)
Debiangrpc/grpc< 1.2.5-1+nmu0+3
NVDgrpc/grpc1.1.2

Patches

Patch: github.comPatch: github.com

🔴Vulnerability Details

3
GHSA
GHSA-wgxc-2fq5-r7v3: Google gRPC before 2017-02-22 has an out-of-bounds write related to the gpr_free function in core/lib/support/alloc2022-05-17
OSV
CVE-2017-7861: Google gRPC before 2017-02-22 has an out-of-bounds write related to the gpr_free function in core/lib/support/alloc2017-04-14
CVEList
CVE-2017-7861: Google gRPC before 2017-02-22 has an out-of-bounds write related to the gpr_free function in core/lib/support/alloc2017-04-14

📋Vendor Advisories

1
Debian
CVE-2017-7861: grpc - Google gRPC before 2017-02-22 has an out-of-bounds write related to the gpr_free...2017