Vulnerability CVE-2021-3345

Vulnerability Name:

CVE-2021-3345 (CCN-195796)

Assigned:

2021-01-28

Published:

2021-01-28

Updated:

2022-04-26

Summary:

_gcry_md_block_write in cipher/hash-common.c in Libgcrypt version 1.9.0 has a heap-based buffer overflow when the digest final function sets a large count value. It is recommended to upgrade to 1.9.1 or later.

CVSS v3 Severity:

7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

8.4 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
7.3 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

7.2 High (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Type:

CWE-787

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2021-3345

Source: CCN
Type: Google Security Research Issue 2145
gpg: heap buffer overflow in libgcrypt

Source: CCN
Type: Gentoo's Bugzilla - Bug 767814
dev-libs/libgcrypt-1.9.1: Exploitable buffer overflow (CVE-2021-3345)

Source: MISC
Type: Issue Tracking, Vendor Advisory
https://bugs.gentoo.org/show_bug.cgi?id=767814

Source: XF
Type: UNKNOWN
gnupg-cve20213345-bo(195796)

Source: MISC
Type: Mailing List, Patch, Third Party Advisory
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=512c0c75276949f13b6373b5c04f7065af750b08

Source: MISC
Type: Vendor Advisory
https://gnupg.org

Source: MISC
Type: Mailing List, Vendor Advisory
https://lists.gnupg.org/pipermail/gnupg-announce/2021q1/000455.html

Source: CCN
Type: GnuPG Web site
[Announce] [Security fix] Libgcrypt 1.9.1 relased

Source: MISC
Type: Mailing List, Patch, Vendor Advisory
https://lists.gnupg.org/pipermail/gnupg-announce/2021q1/000456.html

Source: CCN
Type: Packet Storm Security [02-01-2021]
GPG libgcrypt Heap Buffer Overflow

Source: N/A
Type: Third Party Advisory
N/A

Source: CCN
Type: Oracle CPUJul2021
Oracle Critical Patch Update Advisory - July 2021

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2021-3345

Vulnerable Configuration:

Configuration 1:

cpe:/a:gnupg:libgcrypt:1.9.0:*:*:*:*:*:*:*

Configuration 2:

cpe:/a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:gnupg:libgcrypt:1.9.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:7592	P	libgcrypt-devel-1.9.4-150500.10.19 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:3007	P	apache-commons-beanutils-1.9.2-3.3.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:94637	P	libgcrypt-devel-1.9.4-150400.4.6 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:112636	P	libgcrypt-cavs-1.9.4-1.2 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:106117	P	Security update for busybox (Important) (in QA)	2022-01-14

BACK