Lucene search

K
ubuntucveUbuntu.comUB:CVE-2021-3561
HistoryMay 26, 2021 - 12:00 a.m.

CVE-2021-3561

2021-05-2600:00:00
ubuntu.com
ubuntu.com
6

7.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

0.001 Low

EPSS

Percentile

41.3%

An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds
check in read_objects() could allow an attacker to provide a crafted
malicious input causing the application to either crash or in some cases
cause memory corruption. The highest threat from this vulnerability is to
integrity as well as system availability.

Notes

Author Note
leosilva shipped fig2dev into transfig for xenial and trusty has not the code affected
OSVersionArchitecturePackageVersionFilename
ubuntu20.04noarchfig2dev< 1:3.2.7a-7ubuntu0.1UNKNOWN
ubuntu18.04noarchfig2dev< 1:3.2.6a-6ubuntu1.1UNKNOWN

7.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

0.001 Low

EPSS

Percentile

41.3%