CVE-2021-33910
published 2021-07-20CVE-2021-33910: basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a…
medium5.5CVSS 3.1
AVLACLPRLUINSUCNINAH
basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.
Affected
17 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | systemd | < systemd 247.3-6 (bookworm) | systemd 247.3-6 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| msrc | cm1_systemd_239-38_on_cbl_mariner_1.0 | — | — |
| paloalto | pan-os | — | — |
| systemd_project | systemd | < 246.15 | 246.15 |
| systemd_project | systemd | >= 0 < 247.3-6 | 247.3-6 |
| systemd_project | systemd | >= 0 < 247.3-6 | 247.3-6 |
| systemd_project | systemd | >= 0 < 247.3-6 | 247.3-6 |
| systemd_project | systemd | >= 0 < 247.3-6 | 247.3-6 |
| systemd_project | systemd | >= 0 < 237-3ubuntu10.49 | 237-3ubuntu10.49 |
| systemd_project | systemd | >= 0 < 245.4-4ubuntu3.10 | 245.4-4ubuntu3.10 |
| systemd_project | systemd | >= 0 < 229-4ubuntu21.31+esm1 | 229-4ubuntu21.31+esm1 |
| systemd_project | systemd | >= 247 < 247.8 | 247.8 |
| systemd_project | systemd | >= 248 < 248.5 | 248.5 |
| systemd_project | systemd | >= 249 < 249.1 | 249.1 |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
osv6.1MEDIUM