Lucene search

K
ubuntucveUbuntu.comUB:CVE-2021-33910
HistoryJul 20, 2021 - 12:00 a.m.

CVE-2021-33910

2021-07-2000:00:00
ubuntu.com
ubuntu.com
30

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

8.6%

basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a
Memory Allocation with an Excessive Size Value (involving strdupa and
alloca for a pathname controlled by a local attacker) that results in an
operating system crash.

OSVersionArchitecturePackageVersionFilename
ubuntu22.04noarchsystemd< 248.3-1ubuntu3UNKNOWN
ubuntu18.04noarchsystemd< 237-3ubuntu10.49UNKNOWN
ubuntu20.04noarchsystemd< 245.4-4ubuntu3.10UNKNOWN
ubuntu20.10noarchsystemd< 246.6-1ubuntu1.7UNKNOWN
ubuntu21.04noarchsystemd< 247.3-3ubuntu3.4UNKNOWN
ubuntu16.04noarchsystemd< 229-4ubuntu21.31+esm1) Available with Ubuntu Pro or Ubuntu Pro (Infra-onlyUNKNOWN
ubuntu21.10noarchsystemd< 248.3-1ubuntu3UNKNOWN

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

8.6%