Vulnerability CVE-2021-3200

Vulnerability Name:

CVE-2021-3200 (CCN-203837)

Assigned:

2020-12-13

Published:

2020-12-13

Updated:

2022-07-30

Summary:

Buffer overflow vulnerability in libsolv 2020-12-13 via the Solver * testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job, char **resultp, int *resultflagsp function at src/testcase.c: line 2334, which could cause a denial of service

CVSS v3 Severity:

3.3 Low (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
2.9 Low (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

3.3 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
2.9 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

3.3 Low (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
2.9 Low (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

1.7 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

CWE-120
CWE-125

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2021-3200

Source: XF
Type: UNKNOWN
libsolv-cve20213200-dos(203837)

Source: CCN
Type: libsolv GIT Repository
libsolv testcase_read function a heap overflow vulnerability #416

Source: MISC
Type: Exploit, Issue Tracking, Third Party Advisory
https://github.com/openSUSE/libsolv/issues/416

Source: MISC
Type: Exploit, Third Party Advisory
https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/PoC-testcase_read-2334

Source: CCN
Type: IBM Security Bulletin 6541298 (Cloud Pak for Automation)
Multiple security vulnerabilities fixed in Cloud Pak for Automation components

Source: CCN
Type: IBM Security Bulletin 6551876 (Cloud Pak for Security)
Cloud Pak for Security uses packages that are vulnerable to multiple CVEs

Source: CCN
Type: IBM Security Bulletin 6560126 (Sterling Connect:Direct for UNIX Certified Container)
IBM Sterling Connect:Direct for UNIX Certified Container is affected by multiple vulnerabilities in Red Hat Universal Base Image version 8.4-206.1626828523 and Binutils version 2.30-93

Source: CCN
Type: IBM Security Bulletin 6574787 (QRadar SIEM)
IBM QRadar SIEM is vulnerable to using components with Known Vulnerabilities

Source: CCN
Type: Oracle CPUApr2022
Oracle Critical Patch Update Advisory - April 2022

Source: MISC
Type: Patch, Third Party Advisory
https://www.oracle.com/security-alerts/cpuapr2022.html

Vulnerable Configuration:

Configuration 1:

cpe:/a:opensuse:libsolv:*:*:*:*:*:*:*:* (Version < 0.7.17)

Configuration 2:

cpe:/a:oracle:communications_cloud_native_core_policy:1.15.0:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/a:redhat:enterprise_linux:8::crb:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:8::baseos:*:*:*:*:*

Configuration CCN 1:

cpe:/a:ibm:qradar_security_information_and_event_manager:7.3.3:-:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_automation:21.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_automation:21.0.2:-:*:*:*:*:*:*

OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.4.3:-:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_security:1.7.2.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:com.redhat.rhsa:def:20214408	P	RHSA-2021:4408: libsolv security and bug fix update (Low)	2021-11-09
oval:org.opensuse.security:def:57960	P	Security update for libsolv (Important)	2021-06-28
oval:org.opensuse.security:def:51606	P	Security update for libsolv (Important)	2021-06-28
oval:org.opensuse.security:def:31218	P	Security update for libsolv (Important)	2021-06-28
oval:org.opensuse.security:def:86115	P	Security update for libsolv (Important)	2021-06-28
oval:org.opensuse.security:def:60302	P	Security update for libsolv (Important)	2021-06-28
oval:org.opensuse.security:def:33683	P	Security update for libsolv (Important)	2021-06-28
oval:org.opensuse.security:def:88467	P	Security update for libsolv (Important)	2021-06-28
oval:org.opensuse.security:def:84174	P	Security update for libsolv (Important)	2021-06-28
oval:org.opensuse.security:def:58782	P	Security update for libsolv (Important)	2021-06-28
oval:org.opensuse.security:def:51923	P	Security update for libsolv (Important)	2021-06-28
oval:org.opensuse.security:def:31651	P	Security update for libsolv (Important)	2021-06-28
oval:org.opensuse.security:def:23618	P	Security update for libsolv (Important)	2021-06-28
oval:org.opensuse.security:def:86601	P	Security update for libsolv (Important)	2021-06-28
oval:org.opensuse.security:def:57041	P	Security update for libsolv (Important)	2021-06-28
oval:org.opensuse.security:def:33941	P	Security update for libsolv (Important)	2021-06-28
oval:org.opensuse.security:def:89161	P	Security update for libsolv (Important)	2021-06-28
oval:org.opensuse.security:def:84633	P	Security update for libsolv (Important)	2021-06-28
oval:org.opensuse.security:def:59506	P	Security update for libsolv (Important)	2021-06-28
oval:org.opensuse.security:def:32137	P	Security update for libsolv (Important)	2021-06-28
oval:org.opensuse.security:def:23935	P	Security update for libsolv (Important)	2021-06-28
oval:org.opensuse.security:def:87423	P	Security update for libsolv (Important)	2021-06-28
oval:org.opensuse.security:def:57474	P	Security update for libsolv (Important)	2021-06-28
oval:org.opensuse.security:def:34479	P	Security update for libsolv (Important)	2021-06-28
oval:org.opensuse.security:def:89419	P	Security update for libsolv (Important)	2021-06-28
oval:org.opensuse.security:def:85682	P	Security update for libsolv (Important)	2021-06-28
oval:org.opensuse.security:def:59764	P	Security update for libsolv (Important)	2021-06-28
oval:org.opensuse.security:def:32959	P	Security update for libsolv (Important)	2021-06-28
oval:org.opensuse.security:def:26086	P	Security update for libsolv (Important)	2021-06-28
oval:org.opensuse.security:def:88153	P	Security update for libsolv (Important)	2021-06-28
oval:org.opensuse.security:def:56041	P	Security update for libsolv (Moderate)	2021-06-23
oval:org.opensuse.security:def:29390	P	Security update for libsolv (Moderate)	2021-06-23
oval:org.opensuse.security:def:82597	P	Security update for libsolv (Moderate)	2021-06-23
oval:org.opensuse.security:def:30098	P	Security update for libsolv (Moderate)	2021-06-23
oval:org.opensuse.security:def:55213	P	Security update for libsolv (Moderate)	2021-06-23
oval:org.opensuse.security:def:83305	P	Security update for libsolv (Moderate)	2021-06-23
oval:org.opensuse.security:def:30218	P	Security update for libsolv (Moderate)	2021-06-23
oval:org.opensuse.security:def:55921	P	Security update for libsolv (Moderate)	2021-06-23
oval:org.opensuse.security:def:83425	P	Security update for libsolv (Moderate)	2021-06-23

BACK