Bug 2041489 (CVE-2021-45417) - CVE-2021-45417 aide: heap-based buffer overflow on outputs larger than B64_BUF
Summary: CVE-2021-45417 aide: heap-based buffer overflow on outputs larger than B64_BUF
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2021-45417
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2041950 2041951 2041952 2041953 2041954 2041955 2041956 2041957 2042785 2042786 2043054 2043471
Blocks: 2041490
TreeView+ depends on / blocked
 
Reported: 2022-01-17 13:48 UTC by Marian Rehak
Modified: 2022-07-06 13:32 UTC (History)
11 users (show)

Fixed In Version: aide 0.17.4
Doc Type: If docs needed, set a value
Doc Text:
A heap-based buffer overflow vulnerability in the base64 functions of AIDE, an advanced intrusion detection system. An attacker could crash the program and possibly execute arbitrary code through large (<16k) extended file attributes or ACL.
Clone Of:
Environment:
Last Closed: 2022-02-15 12:17:29 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2022:0440 0 None None None 2022-02-07 08:34:48 UTC
Red Hat Product Errata RHSA-2022:0441 0 None None None 2022-02-07 08:35:56 UTC
Red Hat Product Errata RHSA-2022:0456 0 None None None 2022-02-07 17:22:26 UTC
Red Hat Product Errata RHSA-2022:0464 0 None None None 2022-02-08 11:33:35 UTC
Red Hat Product Errata RHSA-2022:0472 0 None None None 2022-02-08 14:58:58 UTC
Red Hat Product Errata RHSA-2022:0473 0 None None None 2022-02-08 15:17:52 UTC
Red Hat Product Errata RHSA-2022:0540 0 None None None 2022-02-15 10:59:09 UTC
Red Hat Product Errata RHSA-2022:1263 0 None None None 2022-04-07 09:03:21 UTC

Description Marian Rehak 2022-01-17 13:48:32 UTC 
A heap-based buffer overflow vulnerability in base64 functions of AIDE, an advanced intrusion detection system. An attacker could crash the program and possibly execute arbitrary code through large (<16k) extended file attributes or ACL. A local user might exploit this flaw for root privilege escalation.
Comment 7 Sandipan Roy 2022-01-20 14:39:18 UTC 
Created aide tracking bugs for this issue:

Affects: fedora-all [bug 2043054]
Comment 8 Sandipan Roy 2022-01-20 14:41:38 UTC 
Upstream Patch: https://github.com/aide/aide/commit/175d1f2626f4500b4fc5ecb7167bba9956b174bc
Upstream Release: https://github.com/aide/aide/releases/tag/v0.17.4
Comment 9 Sandro Bonazzola 2022-01-21 10:10:34 UTC 
Created oVirt tracking bug for this issue:

Affects: oVirt Node 4.4 [ bug 2043471 ]
Comment 12 errata-xmlrpc 2022-02-07 08:34:46 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Extended Update Support

Via RHSA-2022:0440 https://access.redhat.com/errata/RHSA-2022:0440
Comment 13 errata-xmlrpc 2022-02-07 08:35:53 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2022:0441 https://access.redhat.com/errata/RHSA-2022:0441
Comment 14 errata-xmlrpc 2022-02-07 17:22:24 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Extended Update Support

Via RHSA-2022:0456 https://access.redhat.com/errata/RHSA-2022:0456
Comment 15 errata-xmlrpc 2022-02-08 11:33:33 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions

Via RHSA-2022:0464 https://access.redhat.com/errata/RHSA-2022:0464
Comment 16 errata-xmlrpc 2022-02-08 14:58:55 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6 Extended Lifecycle Support

Via RHSA-2022:0472 https://access.redhat.com/errata/RHSA-2022:0472
Comment 17 errata-xmlrpc 2022-02-08 15:17:50 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2022:0473 https://access.redhat.com/errata/RHSA-2022:0473
Comment 18 errata-xmlrpc 2022-02-15 10:59:06 UTC 
This issue has been addressed in the following products:

  Red Hat Virtualization 4 for Red Hat Enterprise Linux 8

Via RHSA-2022:0540 https://access.redhat.com/errata/RHSA-2022:0540
Comment 19 Product Security DevOps Team 2022-02-15 12:17:27 UTC 
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2021-45417
Comment 20 errata-xmlrpc 2022-04-07 09:03:19 UTC 
This issue has been addressed in the following products:

  Red Hat Virtualization 4 for Red Hat Enterprise Linux 7

Via RHSA-2022:1263 https://access.redhat.com/errata/RHSA-2022:1263
Note You need to log in before you can comment on or make changes to this bug.