CVE-2021-46022

CWE-416Use After Free7 documents6 sources
Severity
5.5MEDIUM
EPSS
0.2%
top 54.66%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Fedoraproject FedoraGNU Recutils
Timeline
PublishedJan 14
Latest updateDec 4

Description

An Use-After-Free vulnerability in rec_mset_elem_destroy() at rec-mset.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

Ubunturecutils< 1.7-1ubuntu0.1~esm1+3
NVDgnu/recutils1.8.90

Also affects: Fedora 35, 36

🔴Vulnerability Details

4
OSV
recutils vulnerabilities2024-12-04
GHSA
GHSA-5m66-q83m-q8c2: An Use-After-Free vulnerability in rec_mset_elem_destroy() at rec-mset2022-01-15
CVEList
CVE-2021-46022: An Use-After-Free vulnerability in rec_mset_elem_destroy() at rec-mset2022-01-14
OSV
CVE-2021-46022: An Use-After-Free vulnerability in rec_mset_elem_destroy() at rec-mset2022-01-14

📋Vendor Advisories

2
Ubuntu
recutils vulnerabilities2024-12-04
Debian
CVE-2021-46022: recutils - An Use-After-Free vulnerability in rec_mset_elem_destroy() at rec-mset.c of GNU ...2021
CVE-2021-46022 (MEDIUM CVSS 5.5) | An Use-After-Free vulnerability in | cvebase.io