CVE-2021-32419 — Out-of-bounds Write in Schism Tracker

CWE-787 — Out-of-bounds Write5 documents5 sources

Severity

5.3MEDIUMNVD

EPSS

0.2%

top 55.98%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Schismtracker Schism Tracker

Timeline

PublishedFeb 17

Description

An issue in Schism Tracker v20200412 fixed in v.20200412 allows attacker to obtain sensitive information via the fmt_mtm_load_song function in fmt/mtm.c.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages1 packages

▶NVDschismtracker/schism_tracker< 20200412

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

CVEList

CVE-2021-32419: An issue in Schism Tracker v20200412 fixed in v↗2023-02-17

▶

GHSA

GHSA-23ph-fhq5-g5v8: An issue in Schism Tracker v20200412 fixed in v↗2023-02-17

▶

OSV

CVE-2021-32419: An issue in Schism Tracker v20200412 fixed in v↗2023-02-17

▶

📋Vendor Advisories

Debian

CVE-2021-32419: schism - An issue in Schism Tracker v20200412 fixed in v.20200412 allows attacker to obta...↗2021

▶