Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. filepattern is passed directly to memcpy copying the path provided by the user into a staticly sized buffer without any length checks resulting in a stack-buffer overflow.
References
Link | Resource |
---|---|
https://talosintelligence.com/vulnerability_reports/TALOS-2021-1280 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: talos
Published: 2021-08-13T22:40:18
Updated: 2021-08-13T22:40:18
Reserved: 2021-01-04T00:00:00
Link: CVE-2021-21813
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-08-13T23:15:07.257
Modified: 2022-10-06T18:19:14.497
Link: CVE-2021-21813
JSON object: View
Redhat Information
No data.
CWE