QwikSec

Security Database

CVE

CWE

Training

CVE-2021-37600

Published: Jul 28, 2021

Modified: Aug 4, 2024

PUBLISHED

Description

An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. NOTE: this is unexploitable in GNU C Library environments, and possibly in all realistic environments.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/karelzak/util-linux/issues/1395

https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c

https://security.netapp.com/advisory/ntap-20210902-0002/

vendor-advisory

[debian-lts-announce] 20240407 [SECURITY] [DLA 3782-1] util-linux security update

mailing-list

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.