Back to search
CVE-2021-42341
Published: Oct 14, 2021
Modified: Aug 4, 2024
PUBLISHED
Description
checkpath in OpenRC before 0.44.7 uses the direct output of strlen() to allocate strings, which does not account for the '\0' byte at the end of the string. This results in memory corruption. CVE-2021-42341 was introduced in git commit 63db2d99e730547339d1bdd28e8437999c380cae, which was introduced as part of OpenRC 0.44.0 development.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://github.com/OpenRC/openrc/issues/459
x_refsource_MISC
https://github.com/OpenRC/openrc/pull/462
x_refsource_MISC
https://bugs.gentoo.org/816900
x_refsource_MISC
https://github.com/OpenRC/openrc/issues/418
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now