First published: Fri Aug 13 2021
Within the function HandleFileArg, the argument filepattern is under the control of the user, who passes it in from the command line. filepattern is passed directly to memcpy, which copies the user-supplied path into a statically sized buffer without any length check, resulting in a stack-buffer overflow.
Credit: talos-cna@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Att Xmill | =0.7 |
CVE-2021-21813 is a vulnerability that allows for a stack-buffer overflow in the Att Xmill software version 0.7.
CVE-2021-21813 occurs when the user provides a file pattern as an argument to the Att Xmill software's HandleFileArg function, which is not properly checked for length, resulting in a stack-buffer overflow.
CVE-2021-21813 has a severity rating of 7.8 out of 10, indicating a high severity.
The Att Xmill software version 0.7 is affected by CVE-2021-21813.
At the moment, there is no specific fix available for CVE-2021-21813. It is recommended to follow the vendor's advisory for any updates or patches.
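The length check that the description above says is missing, shown as a bounded copy in C. This is an added example, not XMill's code: `copy_bounded`, `handle_file_arg_checked` and the 1024-byte `PATTERN_BUF_SIZE` are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define PATTERN_BUF_SIZE 1024 /* assumed; the page does not give the real size */

/* Copy src into dst only if it fits with its terminator: 0 on success, -1 if not. */
int copy_bounded(char *dst, size_t dst_size, const char *src)
{
    size_t len = 0;

    if (dst == NULL || dst_size == 0)
        return -1;
    dst[0] = '\0';              /* dst is a valid empty string on every failure path */
    if (src == NULL)
        return -1;
    while (len < dst_size && src[len] != '\0')
        len++;                  /* never reads more than dst_size bytes of src */
    if (len == dst_size)
        return -1;              /* no room for the terminator: reject, do not truncate */
    memcpy(dst, src, len);
    dst[len] = '\0';
    return 0;
}

/* Hypothetical argument handler: returns the stored pattern length, or -1 if rejected. */
long handle_file_arg_checked(const char *filepattern)
{
    char pattern[PATTERN_BUF_SIZE];

    /* The page describes a memcpy of filepattern into a fixed-size stack buffer
     * with no length check; here the length is validated before any byte is copied. */
    if (copy_bounded(pattern, sizeof pattern, filepattern) != 0) {
        fprintf(stderr, "file pattern rejected: missing or longer than %zu bytes\n",
                sizeof pattern - 1);
        return -1;
    }
    return (long)strlen(pattern);
}

int main(int argc, char **argv)
{
    /* Constructed input: the first command-line argument, or a sample pattern. */
    const char *arg = argc > 1 ? argv[1] : "data/*.xml";
    return handle_file_arg_checked(arg) < 0;
}
```

Rejecting an over-long pattern rather than truncating it keeps the tool from silently operating on a different path than the one the user supplied.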