Vulnerability Description
An out-of-bounds array read in the apr_time_exp*() functions was fixed in the Apache Portable Runtime 1.6.3 release (CVE-2017-12613). The fix for this issue was not carried forward to the APR 1.7.x branch, and hence version 1.7.0 regressed compared to 1.6.3 and is vulnerable to the same issue. The underlying defect is the one described for CVE-2017-12613: when an apr_time_exp*() or apr_os_exp_time*() function is called with an apr_time_exp_t whose month field is out of range, the month is used to index a fixed 12-entry table during the conversion to apr_time_t, so memory beyond that table is read. Apache published a source patch against 1.7.0 (apr-1.7.0-CVE-2021-35940.patch, listed under References), and APR 1.7.1 restores the fix. Exposure depends on whether untrusted input can reach these conversions in the embedding application.
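The following is an added illustration, not APR source code: a small reconstruction of the apr_time_exp_get()-style conversion, with the unchecked shape that 1.7.0 regressed to beside the checked shape that the 1.6.3 fix introduced. Type and function names (exp_time_t, exp_get_unchecked, exp_get_checked, STATUS_BADDATE), the month table and the sample dates are this page's own stand-ins and are not taken from APR.

```c
#include <stdint.h>
#include <stdio.h>

/*
 * Illustrative reconstruction (not APR source) of the apr_time_exp*()
 * pattern: a broken-down time is converted to an epoch time by indexing
 * a 12-entry per-month table with the caller-supplied tm_mon field.
 */

#define STATUS_OK      0
#define STATUS_BADDATE 1        /* stands in for APR_EBADDATE */
#define USEC_PER_SEC   1000000LL

/* Minimal stand-in for apr_time_exp_t: only the fields used here. */
typedef struct {
    int tm_usec;   /* microseconds past tm_sec */
    int tm_sec;    /* 0..59 */
    int tm_min;    /* 0..59 */
    int tm_hour;   /* 0..23 */
    int tm_mday;   /* 1..31 */
    int tm_mon;    /* 0..11, January = 0 */
    int tm_year;   /* years since 1900 */
} exp_time_t;

/* Cumulative days before each month in a non-leap year (12 entries). */
static const int days_before_month[12] =
    { 0, 31, 59, 90, 120, 151, 181, 212, 243, 273, 304, 334 };

static int is_leap(int year)
{
    return (year % 4 == 0 && year % 100 != 0) || year % 400 == 0;
}

/* Days from 1970-01-01 to January 1 of the given Gregorian year. */
static int64_t days_to_year(int year)
{
    int64_t days = 0;
    int y;
    for (y = 1970; y < year; y++) days += is_leap(y) ? 366 : 365;
    for (y = year; y < 1970; y++) days -= is_leap(y) ? 366 : 365;
    return days;
}

/* Shared arithmetic. It trusts tm_mon as a table index, so the caller
 * must have validated it; this is exactly the line that misbehaves. */
static int64_t to_epoch_usec(const exp_time_t *xt)
{
    int year = 1900 + xt->tm_year;
    int64_t days = days_to_year(year)
                 + days_before_month[xt->tm_mon]          /* OOB if tm_mon not in 0..11 */
                 + ((xt->tm_mon > 1 && is_leap(year)) ? 1 : 0)
                 + xt->tm_mday - 1;
    int64_t secs = ((days * 24 + xt->tm_hour) * 60 + xt->tm_min) * 60 + xt->tm_sec;
    return secs * USEC_PER_SEC + xt->tm_usec;
}

/* VULNERABLE shape (what 1.7.0 regressed to): tm_mon goes straight into
 * the table. tm_mon = 12 or tm_mon = -1 reads past days_before_month[].
 * Kept only to show the missing check; never pass it unvalidated input. */
int exp_get_unchecked(int64_t *out, const exp_time_t *xt)
{
    *out = to_epoch_usec(xt);
    return STATUS_OK;
}

/* HARDENED shape (the 1.6.3 fix, restored by the 1.7.0 patch): reject an
 * out-of-range month before the table is touched. */
int exp_get_checked(int64_t *out, const exp_time_t *xt)
{
    if (xt->tm_mon < 0 || xt->tm_mon >= 12)
        return STATUS_BADDATE;
    *out = to_epoch_usec(xt);
    return STATUS_OK;
}

int main(void)
{
    /* Constructed sample inputs. */
    exp_time_t good = { 0, 0, 0, 0, 23, 7, 121 };   /* 2021-08-23 00:00:00 UTC */
    exp_time_t bad  = { 0, 0, 0, 0, 1, 12, 121 };   /* tm_mon = 12: one past the table */
    int64_t t;

    if (exp_get_checked(&t, &good) == STATUS_OK)
        printf("2021-08-23 -> %lld usec since the epoch\n", (long long)t);
    printf("tm_mon=12 -> %s\n",
           exp_get_checked(&t, &bad) == STATUS_BADDATE ? "rejected" : "accepted");
    return 0;
}
```

The only difference between the two entry points is the range check on tm_mon; everything else, including the table lookup, is identical, which is why a missed merge of a two-line check was enough to reopen the issue in 1.7.0. When auditing a bundled APR, the check to look for is exactly this guard in front of the month-table index in time/unix/time.c and time/win32/time.c.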
CVSS Score
7.1 (HIGH)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apache | Portable Runtime | 1.7.0 |
| Oracle | Http Server | 12.2.1.3.0 |
Related Weaknesses (CWE)
- CWE-125: Out-of-bounds Read
References
- http://mail-archives.apache.org/mod_mbox/www-announce/201710.mbox/%3CCACsi251B8U
- http://svn.apache.org/viewvc?view=revision&revision=1891198 (Vendor Advisory)
- http://www.openwall.com/lists/oss-security/2021/08/23/1 (Mailing List, Third Party Advisory)
- https://dist.apache.org/repos/dist/release/apr/patches/apr-1.7.0-CVE-2021-35940.patch (Vendor Advisory)
- https://lists.apache.org/thread.html/r1c788464a25fbc046a72aff451bc8186386315d92a
- https://lists.apache.org/thread.html/r317c398ee5736e627f7887b06607e5c58b45a696d3
- https://lists.apache.org/thread.html/r54c755c74b9e3846cfd84039b1967d37d2870750a0
- https://lists.apache.org/thread.html/r72479f4dcffaa8a4732d5a0e87fecc4bace4932e28
- https://lists.apache.org/thread.html/r72a069753b9363c29732e59ad8f0d22a633fb6a699
- https://lists.apache.org/thread.html/r7bb4a6ed88fc48152174e664aae30ea9a8b058eb5b
- https://lists.apache.org/thread.html/ra2868b53339a6af65577146ad87016368c138388b0 (Mailing List, Vendor Advisory)
- https://lists.apache.org/thread.html/ra38094406cc38a05218ebd1158187feda021b0c3a1
- https://lists.apache.org/thread.html/rafe54755850e93de287c36540972457b2dd8633210
FAQ
What is CVE-2021-35940?
CVE-2021-35940 is a vulnerability with a CVSS score of 7.1 (HIGH): an out-of-bounds array read in the apr_time_exp*() functions of the Apache Portable Runtime. The issue had been fixed in APR 1.6.3 as CVE-2017-12613, but the fix was not carried forward to the 1.7.x branch, so APR 1.7.0 regressed and is vulnerable to the same issue.
How severe is CVE-2021-35940?
CVE-2021-35940 has been rated HIGH with a CVSS base score of 7.1/10. The read is triggered by an invalid month value in caller-supplied apr_time_exp_t data, so the practical exposure of a given deployment depends on whether untrusted input can reach those time conversions in the application that embeds APR.
Is there a patch for CVE-2021-35940?
Yes. Apache published apr-1.7.0-CVE-2021-35940.patch against APR 1.7.0 (listed under References), and the restored fix is included in APR 1.7.1. Affected products include Apache Portable Runtime 1.7.0 and Oracle Http Server 12.2.1.3.0, which bundles APR; any product that vendors or statically links APR 1.7.0 needs to be rebuilt from patched sources rather than relying on a system library update.