Vulnerability Name: CVE-2021-3520 (CCN-202592)

Assigned: 2021-04-28
Published: 2021-04-28
Updated: 2023-02-12
Summary: There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability, with some potential impact to confidentiality and integrity as well.
CVSS v3 Severity: 9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
8.5 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): High
Integrity (I): High
Availability (A): High
8.6 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H)
7.5 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): Low
Integrity (I): Low
Availability (A): High
8.6 High (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H)
7.5 High (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): Low
Integrity (I): Low
Availability (A): High
CVSS v2 Severity: 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
9.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Complete
Vulnerability Type: CWE-787
Vulnerability Consequences: Gain Access
References:
Source: MITRE
Type: CNA
CVE-2021-3520

Source: CCN
Type: Red Hat Bugzilla – Bug 1954559
(CVE-2021-3520) - CVE-2021-3520 lz4: memory corruption due to an integer overflow bug caused by memmove argument

Source: secalert@redhat.com
Type: Issue Tracking, Patch, Third Party Advisory
secalert@redhat.com

Source: XF
Type: UNKNOWN
lz4-cve20213520-overflow(202592)

Source: CCN
Type: lz4 GIT Repository
Fix potential memory corruption with negative memmove() size #972

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: CCN
Type: IBM Security Bulletin 6493729 (Cloud Pak for Security)
Cloud Pak for Security is vulnerable to several CVEs

Source: CCN
Type: IBM Security Bulletin 6520474 (QRadar SIEM)
IBM QRadar SIEM Application Framework Base Image is vulnerable to using components with Known Vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6538418 (Security Verify Access)
Multiple Security Vulnerabilities fixed in IBM Security Verify Access

Source: CCN
Type: IBM Security Bulletin 6551876 (Cloud Pak for Security)
Cloud Pak for Security uses packages that are vulnerable to multiple CVEs

Source: CCN
Type: IBM Security Bulletin 6575667 (Spectrum Discover)
High severity vulnerabilities in libraries used by IBM Spectrum Discover (libraries of libraries)

Source: secalert@redhat.com
Type: Patch, Third Party Advisory
secalert@redhat.com

Source: CCN
Type: Oracle CPUApr2022
Oracle Critical Patch Update Advisory - April 2022

Source: secalert@redhat.com
Type: Patch, Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Patch, Third Party Advisory
secalert@redhat.com

Vulnerable Configuration:
Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:8:*:*:*:*:*:*:*
Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:8::baseos:*:*:*:*:*

Configuration CCN 1:
  • cpe:/a:ibm:qradar_security_information_and_event_manager:7.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.4:-:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_verify_access:10.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_verify_access:10.0.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_security:1.7.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_security:1.7.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_security:1.7.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_verify_access:10.0.1.0:*:*:*:*:*:*:*

* Denotes that component is vulnerable
Oval Definitions
Definition ID | Class | Title | Last Modified
oval:org.opensuse.security:def:7611 | P | liblz4-1-1.9.3-150400.1.7 on GA media (Moderate) | 2023-06-12
oval:org.opensuse.security:def:709 | P | Security update for dpdk (Important) | 2022-08-23
oval:org.opensuse.security:def:3412 | P | yast2-core-3.3.1-1.7 on GA media (Moderate) | 2022-06-28
oval:org.opensuse.security:def:3610 | P | libjansson4-2.12-3.5.1 on GA media (Moderate) | 2022-06-28
oval:org.opensuse.security:def:3026 | P | bluez-5.13-5.12.1 on GA media (Moderate) | 2022-06-28
oval:org.opensuse.security:def:94656 | P | liblz4-1-1.9.3-150400.1.7 on GA media (Moderate) | 2022-06-22
oval:org.opensuse.security:def:94524 | P | cpio-2.13-150400.1.98 on GA media (Moderate) | 2022-06-22
oval:org.opensuse.security:def:112679 | P | liblz4-1-1.9.3-2.1 on GA media (Moderate) | 2022-01-17
oval:org.opensuse.security:def:97014 | P | libfreebl3-hmac-3.41.1-3.13.1 on GA media (Moderate) | 2021-09-21
oval:org.opensuse.security:def:101237 | P | texlive-12many-2017.133.0.0.3svn15878-6.18 on GA media (Moderate) | 2021-08-09
oval:org.opensuse.security:def:99657 | P | (Important) | 2021-07-12
oval:org.opensuse.security:def:111558 | P | Security update for lz4 (Important) | 2021-07-10
oval:com.redhat.rhsa:def:20212575 | P | RHSA-2021:2575: lz4 security update (Moderate) | 2021-06-29
oval:org.opensuse.security:def:99965 | P | (Critical) | 2021-06-21
oval:org.opensuse.security:def:64699 | P | Security update for lz4 (Important) | 2021-06-01
oval:org.opensuse.security:def:100613 | P | (Important) | 2021-06-01
oval:org.opensuse.security:def:99638 | P | (Important) | 2021-06-01
oval:org.opensuse.security:def:101440 | P | Security update for lz4 (Important) | 2021-06-01
oval:org.opensuse.security:def:73821 | P | Security update for lz4 (Important) | 2021-06-01
oval:org.opensuse.security:def:99949 | P | (Important) | 2021-06-01
oval:org.opensuse.security:def:100284 | P | (Important) | 2021-06-01
oval:org.opensuse.security:def:111395 | P | Security update for lz4 (Important) | 2021-05-22
oval:org.opensuse.security:def:117418 | P | Security update for lz4 (Important) | 2021-05-19
oval:org.opensuse.security:def:9509 | P | Security update for lz4 (Important) | 2021-05-19
oval:org.opensuse.security:def:99458 | P | Security update for lz4 (Important) | 2021-05-19
oval:org.opensuse.security:def:92906 | P | Security update for lz4 (Important) | 2021-05-19
oval:org.opensuse.security:def:70220 | P | Security update for lz4 (Important) | 2021-05-19
oval:org.opensuse.security:def:73623 | P | Security update for lz4 (Important) | 2021-05-19
oval:org.opensuse.security:def:42073 | P | Security update for lz4 (Important) | 2021-05-19
oval:org.opensuse.security:def:8758 | P | Security update for lz4 (Important) | 2021-05-19
oval:org.opensuse.security:def:98869 | P | Security update for lz4 (Important) | 2021-05-19
oval:org.opensuse.security:def:92309 | P | Security update for lz4 (Important) | 2021-05-19
oval:org.opensuse.security:def:69466 | P | Security update for lz4 (Important) | 2021-05-19
oval:org.opensuse.security:def:9708 | P | Security update for lz4 (Important) | 2021-05-19
oval:org.opensuse.security:def:96955 | P | Security update for lz4 (Important) | 2021-05-19
oval:org.opensuse.security:def:93059 | P | Security update for lz4 (Important) | 2021-05-19
oval:org.opensuse.security:def:70399 | P | Security update for lz4 (Important) | 2021-05-19
oval:org.opensuse.security:def:8953 | P | Security update for lz4 (Important) | 2021-05-19
oval:org.opensuse.security:def:99064 | P | Security update for lz4 (Important) | 2021-05-19
oval:org.opensuse.security:def:92508 | P | Security update for lz4 (Important) | 2021-05-19
oval:org.opensuse.security:def:69649 | P | Security update for lz4 (Important) | 2021-05-19
oval:org.opensuse.security:def:10080 | P | Security update for lz4 (Important) | 2021-05-19
oval:org.opensuse.security:def:93212 | P | Security update for lz4 (Important) | 2021-05-19
oval:org.opensuse.security:def:91919 | P | Security update for lz4 (Important) | 2021-05-19
oval:org.opensuse.security:def:64501 | P | Security update for lz4 (Important) | 2021-05-19
oval:org.opensuse.security:def:9326 | P | Security update for lz4 (Important) | 2021-05-19
oval:org.opensuse.security:def:107903 | P | Security update for lz4 (Important) | 2021-05-19
oval:org.opensuse.security:def:99259 | P | Security update for lz4 (Important) | 2021-05-19
oval:org.opensuse.security:def:92707 | P | Security update for lz4 (Important) | 2021-05-19
oval:org.opensuse.security:def:69848 | P | Security update for lz4 (Important) | 2021-05-19
oval:org.opensuse.security:def:10259 | P | Security update for lz4 (Important) | 2021-05-19
oval:org.opensuse.security:def:8581 | P | Security update for lz4 (Important) | 2021-05-19
oval:org.opensuse.security:def:92114 | P | Security update for lz4 (Important) | 2021-05-19
oval:org.opensuse.security:def:26049 | P | Security update for lz4 (Important) | 2021-05-14
oval:org.opensuse.security:def:5036 | P | Security update for lz4 (Important) | 2021-05-14