CVE-2021-3200: Buffer Overflow

Reference Links

• https://exchange.xforce.ibmcloud.com/vulnerabilities/203837
• https://www.ibm.com/support/pages/node/6574787 (Advisory)
• https://github.com/openSUSE/libsolv/issues/416
• https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/PoC-testcase_read-2334
• https://www.oracle.com/security-alerts/cpuapr2022.html
• https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1962308
• https://github.com/openSUSE/libsolv/commit/0077ef29eb46d2e1df2f230fc95a1d9748d49dec
• https://access.redhat.com/errata/RHSA-2021:4408
• https://access.redhat.com/errata/RHSA-2022:5498
• https://bugzilla.redhat.com/show_bug.cgi?id=1962307

Parent vulnerabilities

(Appears in the following advisories)

• IBM-6574787

Frequently Asked Questions

• What is the vulnerability ID?

  The vulnerability ID is CVE-2021-3200.

• What is the title of the vulnerability?

  The title of the vulnerability is 'Libsolv is vulnerable to a denial of service caused by a buffer overflow in the testcase_read function.'

• What is the severity of CVE-2021-3200?

  The severity of CVE-2021-3200 is low with a CVSS score of 3.3.

• Which software is affected by CVE-2021-3200?

  Libsolv version 0.7.17 and IBM QRadar SIEM versions 7.5.0 GA, 7.4.3 GA - 7.4.3 FP4, and 7.3.3 GA - 7.3.3 FP10 are affected by CVE-2021-3200.

• How can I fix CVE-2021-3200 in Libsolv?

  Update Libsolv to version 0.7.17.

• How can I fix CVE-2021-3200 in IBM QRadar SIEM 7.5.0 GA?

  Apply the patch available at: https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Security+QRadar+SIEM&release=All&platform=Linux&function=fixId&fixids=7.5.0-QRADAR-QRSIEM-20220215133427&includeRequisites=1&includeSupersedes=0&downloadMethod=http&login=true

• How can I fix CVE-2021-3200 in IBM QRadar SIEM 7.4.3 GA - 7.4.3 FP4?

  Apply the patch available at: https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Security+QRadar+SIEM&release=All&platform=Linux&function=fixId&fixids=7.4.3-QRADAR-QRSIEM-20220307203834&includeRequisites=1&includeSupersedes=0&downloadMethod=http

• How can I fix CVE-2021-3200 in IBM QRadar SIEM 7.3.3 GA - 7.3.3 FP10?

  Apply the patch available at: https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Security+QRadar+Vulnerability+Manager&release=All&platform=All&function=fixId&fixids=7.3.3-QRADAR-QRSIEM-20220318161607&includeRequisites=1&includeSupersedes=0&downloadMethod=http&source=SAR

• What is the Common Weakness Enumeration (CWE) ID associated with CVE-2021-3200?

  The CWE ID associated with CVE-2021-3200 is CWE-119.

• Where can I find more information about CVE-2021-3200?

  You can find more information about CVE-2021-3200 at the following references: [github.com/openSUSE/libsolv/issues/416](https://github.com/openSUSE/libsolv/issues/416), [bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1962308](https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1962308), [github.com/openSUSE/libsolv/commit/0077ef29eb46d2e1df2f230fc95a1d9748d49dec](https://github.com/openSUSE/libsolv/commit/0077ef29eb46d2e1df2f230fc95a1d9748d49dec).