2024633 – (CVE-2021-3998) CVE-2021-3998 glibc: Unexpected return value from realpath() could leak data based on the application

Bug 2024633 (CVE-2021-3998) - CVE-2021-3998 glibc: Unexpected return value from realpath() could leak data based on the application

Summary: CVE-2021-3998 glibc: Unexpected return value from realpath() could leak data ...

Keywords:
Status:	CLOSED NOTABUG
Alias:	CVE-2021-3998
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Nobody
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2032276 2039674
Blocks:	2024641
TreeView+	depends on / blocked

Reported:	2021-11-18 14:35 UTC by Pedro Sampaio
Modified:	2024-01-05 15:48 UTC (History)
CC List:	29 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:	A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data.
Clone Of:
Environment:
Last Closed:	2024-01-05 15:48:18 UTC
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Sourceware	28770	0	P2	NEW	Unexpected return value from realpath() for too long results (CVE-2021-3998)	2022-01-12 17:48:51 UTC

Description Pedro Sampaio 2021-11-18 14:35:19 UTC

A flaw was found in glibc. The realpath function may sometimes return a unexpected value, potentially leading to disclosure of sensitive data.

Comment 14 Mauro Matteo Cascella 2021-11-30 10:34:03 UTC

RHEL 6, 7 and 8 are not affected by this bug as they ship an older version of glibc which does not include the vulnerable code (i.e. realpath_stk() function does not exist).

Comment 18 Mauro Matteo Cascella 2022-01-12 08:36:05 UTC

Created glibc tracking bugs for this issue:

Affects: fedora-all [bug 2039674]

Comment 19 Siddhesh Poyarekar 2022-01-12 17:45:48 UTC

Filed upstream:

https://sourceware.org/bugzilla/show_bug.cgi?id=28770

Comment 20 Siddhesh Poyarekar 2022-01-13 06:09:29 UTC

I've posted a fix for review: https://patchwork.sourceware.org/project/glibc/patch/20220113055920.3155918-1-siddhesh@sourceware.org/

Comment 21 Mauro Matteo Cascella 2022-01-24 14:35:58 UTC

Upstream commit:
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ee8d5e33adb284601c00c94687bc907e10aec9bb

Note You need to log in before you can comment on or make changes to this bug.

aoliva
arjun.is
ashankar
bdettelb
caswilli
codonell
dhalasz
dj
fjansen
fweimer
ganandan
glibc-bugzilla
jburrell
jwong
kaycoth
kyoshida
law
mcascell
mcermak
mfabian
micjohns
pfrankli
psegedy
rth
sipoyare
sthirugn
vkrizan
vkumar
vmugicag