Bug 1956348 (CVE-2021-20204) - CVE-2021-20204 getdata: Use after free in _GD_Supports() in encoding.c
Summary: CVE-2021-20204 getdata: Use after free in _GD_Supports() in encoding.c
Keywords:
Status: CLOSED UPSTREAM
Alias: CVE-2021-20204
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1956350
Blocks:
TreeView+ depends on / blocked
 
Reported: 2021-05-03 14:09 UTC by Pedro Sampaio
Modified: 2021-12-09 16:51 UTC (History)
11 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in libgetdata. A heap memory corruption problem (use after free) can be triggered when processing maliciously crafted dirfile databases. This vulnerability may lead to arbitrary code execution or privilege escalation depending on input/skills of attacker.
Clone Of:
Environment:
Last Closed: 2021-05-03 16:46:32 UTC
Embargoed:


Attachments (Terms of Use)

Description Pedro Sampaio 2021-05-03 14:09:43 UTC
A heap memory corruption problem (use after free) can be triggered in libgetdata v0.10.0 when processing maliciously crafted dirfile databases. This degrades the confidentiality, integrity and availability of third-party software that uses libgetdata as a library. This vulnerability may lead to arbitrary code execution or privilege escalation depending on input/skills of attacker.

References:

https://bugzilla.redhat.com/show_bug.cgi?id=1917635

Comment 1 Pedro Sampaio 2021-05-03 14:10:28 UTC
Created getdata tracking bugs for this issue:

Affects: fedora-all [bug 1956350]

Comment 2 Product Security DevOps Team 2021-05-03 16:46:32 UTC
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.

Comment 3 Gianluca Gabrielli 2021-05-07 12:27:34 UTC
Could you please share the patch or make https://bugzilla.redhat.com/show_bug.cgi?id=1917635 publicly accessible? Thanks

Comment 10 Gianluca Gabrielli 2021-06-29 16:09:07 UTC
(In reply to Gianluca Gabrielli from comment #3)
> Could you please share the patch or make
> https://bugzilla.redhat.com/show_bug.cgi?id=1917635 publicly accessible?
> Thanks

Hi Pedro, any input here?

Comment 13 Pedro Sampaio 2021-07-07 19:44:47 UTC
In reply to comment #10:
> (In reply to Gianluca Gabrielli from comment #3)
> > Could you please share the patch or make
> > https://bugzilla.redhat.com/show_bug.cgi?id=1917635 publicly accessible?
> > Thanks
> 
> Hi Pedro, any input here?

I don't think there is a patch available but I opened the bug for view:

https://bugzilla.redhat.com/show_bug.cgi?id=1917635


Note You need to log in before you can comment on or make changes to this bug.