Bug 2024633 (CVE-2021-3998) - CVE-2021-3998 glibc: Unexpected return value from realpath() could leak data based on the application
Keywords:
Status: NEW
Alias: CVE-2021-3998
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2032276 2039674
Blocks: 2024641
Reported: 2021-11-18 14:35 UTC by Pedro Sampaio
Modified: 2022-05-17 09:43 UTC (History)

Fixed In Version:
Doc Text:
A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data.
Clone Of:
Environment:
Last Closed:


Links
System ID Private Priority Status Summary Last Updated
Sourceware 28770 0 P2 NEW Unexpected return value from realpath() for too long results (CVE-2021-3998) 2022-01-12 17:48:51 UTC

Description Pedro Sampaio 2021-11-18 14:35:19 UTC
A flaw was found in glibc. The realpath function may sometimes return an unexpected value, potentially leading to disclosure of sensitive data.

Comment 14 Mauro Matteo Cascella 2021-11-30 10:34:03 UTC
RHEL 6, 7 and 8 are not affected by this bug as they ship an older version of glibc which does not include the vulnerable code (i.e. realpath_stk() function does not exist).

Comment 18 Mauro Matteo Cascella 2022-01-12 08:36:05 UTC
Created glibc tracking bugs for this issue:

Affects: fedora-all [bug 2039674]

Comment 19 Siddhesh Poyarekar 2022-01-12 17:45:48 UTC
Filed upstream:

https://sourceware.org/bugzilla/show_bug.cgi?id=28770

Comment 20 Siddhesh Poyarekar 2022-01-13 06:09:29 UTC
I've posted a fix for review: https://patchwork.sourceware.org/project/glibc/patch/20220113055920.3155918-1-siddhesh@sourceware.org/