CVE-2021-43523 — Cross-site Scripting in Project Uclibc-ng

CWE-79 — Cross-site Scripting6 documents6 sources

Severity

9.6CRITICALNVD

EPSS

3.8%

top 11.85%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Uclibc-ng Project Uclibc-ng Uclibc Debian Uclibc +2 more

Timeline

PublishedNov 10

Latest updateAug 22

Description

In uClibc and uClibc-ng before 1.0.39, incorrect handling of special characters in domain names returned by DNS servers via gethostbyname, getaddrinfo, gethostbyaddr, and getnameinfo can lead to output of wrong hostnames (leading to domain hijacking) or injection into applications (leading to remote code execution, XSS, applications crashes, etc.). In other words, a validation step, which is expected in any stub resolver, does not occur.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:HExploitability: 2.8 | Impact: 6.0

Affected Packages5 packages

▶NVDuclibc-ng_project/uclibc-ng< 1.0.39

▶NVDuclibc/uclibc0.9.33.2

▶debiandebian/uclibc

▶msrcmsrc/cm1_uclibc-ng_1.0.37-2_on_cbl_mariner_1.0

▶msrcmsrc/cbl2_uclibc-ng_1.0.37-2_on_cbl_mariner_2.0

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

GHSA-65xv-vmv6-8r3f: In uClibc and uClibc-ng before 1↗2022-05-24

▶

OSV

CVE-2021-43523: In uClibc and uClibc-ng before 1↗2021-11-10

▶

📋Vendor Advisories

CISA ICS

Hitachi Energy AFF66x↗2023-08-22

▶

Microsoft

In uClibc and uClibc-ng before 1.0.39 incorrect handling of special characters in domain names returned by DNS servers via gethostbyname getaddrinfo gethostbyaddr and getnameinfo can lead to output of↗2021-11-09

▶

Debian

CVE-2021-43523: uclibc - In uClibc and uClibc-ng before 1.0.39, incorrect handling of special characters ...↗2021

▶