CVE-2021-3520

Published: Jun 2, 2021Modified: Nov 21, 2024

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability, with some potential impact to confidentiality and integrity as well.

Affected (9)

Products: Lz4 Project: Lz4 · Netapp: Active Iq Unified Manager, Cloud Backup, Ontap Select Deploy Administration Utility · Oracle: Communications Cloud Native Core Policy, Zfs Storage Appliance Kit · +1 more

Show all products

Lz4 Project: Lz4 · Netapp: Active Iq Unified Manager, Cloud Backup, Ontap Select Deploy Administration Utility · Oracle: Communications Cloud Native Core Policy, Zfs Storage Appliance Kit · Splunk: Universal Forwarder

1 product

3 products

Active Iq Unified Manager

Ontap Select Deploy Administration Utility

2 products

Communications Cloud Native Core Policy

Zfs Storage Appliance Kit

1 product

Universal Forwarder

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Lz4 Project Lz4	From 1.8.3 to 1.9.4

Configuration B

3 vulnerable

Vulnerable Software	Affected Versions
Netapp Active Iq Unified Manager	All versions
Netapp Cloud Backup	All versions
Netapp Ontap Select Deploy Administration Utility	All versions

Configuration C

2 vulnerable

Vulnerable Software	Affected Versions
Oracle Communications Cloud Native Core Policy	Version 1.14.0
Oracle Zfs Storage Appliance Kit	Version 8.8

Configuration D

3 vulnerable

Vulnerable Software	Affected Versions
Splunk Universal Forwarder	From 8.2.0 to 8.2.12
Splunk Universal Forwarder	From 9.0.0 to 9.0.6
Splunk Universal Forwarder	Version 9.1.0

Related CWEs

Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (10)

https://bugzilla.redhat.com/show_bug.cgi?id=1954559

Source: secalert@redhat.com

Issue TrackingPatchThird Party Advisory

https://security.netapp.com/advisory/ntap-20211104-0005/

Source: secalert@redhat.com

Third Party Advisory

https://www.oracle.com//security-alerts/cpujul2021.html

Source: secalert@redhat.com

PatchThird Party Advisory

https://www.oracle.com/security-alerts/cpuapr2022.html

Source: secalert@redhat.com

PatchThird Party Advisory

https://www.oracle.com/security-alerts/cpuoct2021.html

Source: secalert@redhat.com

PatchThird Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=1954559

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingPatchThird Party Advisory

https://security.netapp.com/advisory/ntap-20211104-0005/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.oracle.com//security-alerts/cpujul2021.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

https://www.oracle.com/security-alerts/cpuapr2022.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

https://www.oracle.com/security-alerts/cpuoct2021.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

Timeline

No history available yet.