CVE-2021-46021

CWE-416Use After Free7 documents6 sources
Severity
5.5MEDIUM
EPSS
0.1%
top 65.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Fedoraproject FedoraGNU Recutils
Timeline
PublishedJan 14
Latest updateDec 4

Description

An Use-After-Free vulnerability in rec_record_destroy() at rec-record.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

Ubunturecutils< 1.7-1ubuntu0.1~esm1+3
NVDgnu/recutils1.8.90

Also affects: Fedora 35, 36

🔴Vulnerability Details

4
OSV
recutils vulnerabilities2024-12-04
GHSA
GHSA-gj92-2vg9-c8jv: An Use-After-Free vulnerability in rec_record_destroy() at rec-record2022-01-15
OSV
CVE-2021-46021: An Use-After-Free vulnerability in rec_record_destroy() at rec-record2022-01-14
CVEList
CVE-2021-46021: An Use-After-Free vulnerability in rec_record_destroy() at rec-record2022-01-14

📋Vendor Advisories

2
Ubuntu
recutils vulnerabilities2024-12-04
Debian
CVE-2021-46021: recutils - An Use-After-Free vulnerability in rec_record_destroy() at rec-record.c of GNU R...2021
CVE-2021-46021 (MEDIUM CVSS 5.5) | An Use-After-Free vulnerability in | cvebase.io