Vulnerability Description
A stack overflow vulnerability occurs in Atomicparsley 20210124.204813.840499f through APar_read64() in src/util.cpp because uint32_buffer is too small for the number of bytes that APar_read64 reads into it.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Atomicparsley Project | Atomicparsley | <= 20210124.204813.840499f |
References
- https://github.com/wez/atomicparsley/commit/d72ccf06c98259d7261e0f3ac4fd87177787 (Patch, Third Party Advisory)
- https://github.com/wez/atomicparsley/issues/32 (Exploit, Patch, Third Party Advisory)
- https://security.gentoo.org/glsa/202305-01
FAQ
What is CVE-2021-37232?
CVE-2021-37232 is a vulnerability with a CVSS score of 9.8 (CRITICAL). A stack overflow vulnerability occurs in Atomicparsley 20210124.204813.840499f through APar_read64() in src/util.cpp due to the lack of buffer size of uint32_buffer while reading more bytes in APar_re...
How severe is CVE-2021-37232?
CVE-2021-37232 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2021-37232?
Check the references section above for vendor advisories and patch information. Affected products include: Atomicparsley Project Atomicparsley.