CVE-2021-33910
First published: Fri Jun 11 2021(Updated: )
Systemd is vulnerable to a denial of service, caused by a memory allocation with an excessive size value in basic/unit-name.c. By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause the system to crash.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/systemd | <249 | 249 |
| redhat/systemd | <0:239-45.el8_4.2 | 0:239-45.el8_4.2 |
| redhat/systemd | <0:239-18.el8_1.8 | 0:239-18.el8_1.8 |
| redhat/systemd | <0:239-31.el8_2.4 | 0:239-31.el8_2.4 |
| redhat/redhat-virtualization-host | <0:4.4.7-20210715.1.el8_4 | 0:4.4.7-20210715.1.el8_4 |
| Systemd Project Systemd | <246.15 | |
| Systemd Project Systemd | >=247<247.8 | |
| Systemd Project Systemd | >=248<248.5 | |
| Systemd Project Systemd | >=249<249.1 | |
| Fedoraproject Fedora | =33 | |
| Fedoraproject Fedora | =34 | |
| Debian Debian Linux | =10.0 | |
| Netapp Hci Management Node | ||
| Netapp Solidfire | ||
| debian/systemd | 241-7~deb10u8 241-7~deb10u10 247.3-7+deb11u4 252.17-1~deb12u1 254.5-1 | |
| IBM Cloud Pak for Security (CP4S) | <=1.7.2.0 | |
| IBM Cloud Pak for Security (CP4S) | <=1.7.1.0 | |
| IBM Cloud Pak for Security (CP4S) | <=1.7.0.0 |
Remedy
https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9
Remedy
Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update as soon as possible.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2021-33910 https://nvd.nist.gov/vuln/detail/CVE-2021-33910 https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt
- https://bugzilla.redhat.com/show_bug.cgi?id=1970887
- https://access.redhat.com/errata/RHSA-2021:2717
- https://access.redhat.com/errata/RHSA-2021:2724
- https://access.redhat.com/errata/RHSA-2021:2721
- https://access.redhat.com/errata/RHSA-2021:2736
- https://access.redhat.com/security/cve/cve-2021-33910
- http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html
- http://www.openwall.com/lists/oss-security/2021/08/04/2
- http://www.openwall.com/lists/oss-security/2021/08/17/3
- http://www.openwall.com/lists/oss-security/2021/09/07/3
- https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf
- https://github.com/systemd/systemd-stable/commit/4a1c5f34bd3e1daed4490e9d97918e504d19733b
- https://github.com/systemd/systemd-stable/commit/764b74113e36ac5219a4b82a05f311b5a92136ce
- https://github.com/systemd/systemd-stable/commit/b00674347337b7531c92fdb65590ab253bb57538
- https://github.com/systemd/systemd-stable/commit/cfd14c65374027b34dbbc4f0551456c5dc2d1f61
- https://github.com/systemd/systemd/commit/b34a4f0e6729de292cb3b0c03c1d48f246ad896b
- https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/
- https://security.gentoo.org/glsa/202107-48
- https://security.netapp.com/advisory/ntap-20211104-0008/
- https://www.debian.org/security/2021/dsa-4942
- https://www.openwall.com/lists/oss-security/2021/07/20/2
- https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt
- https://github.com/systemd/systemd/commit/7410616cd9dbbec97cf98d75324da5cda2b2f7a2
- https://github.com/systemd/systemd/commit/441e0115646d54f080e5c3bb0ba477c892861ab9
- https://github.com/systemd/systemd/commit/4e2544c30bfb95e7cb4d1551ba066b1a56520ad6
- https://github.com/systemd/systemd/pull/20256
- https://security-tracker.debian.org/tracker/CVE-2021-33910
- https://access.redhat.com/errata/RHSA-2021:2763
- https://exchange.xforce.ibmcloud.com/vulnerabilities/205907
- https://www.ibm.com/support/pages/node/6493729 (Advisory)
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2LSDMHAKI4LGFOCSPXNVVSEWQFAVFWR7/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42TMJVNYRY65B4QCJICBYOEIVZV3KUYI/
Parent vulnerabilities
(Appears in the following advisories)
Frequently Asked Questions
What is CVE-2021-33910?
CVE-2021-33910 is a vulnerability found in systemd that allows a local attacker to crash the system by allocating a large amount of space in the stack.
What is the severity of CVE-2021-33910?
The severity of CVE-2021-33910 is high with a CVSS score of 6.2.
How does CVE-2021-33910 affect systemd?
CVE-2021-33910 affects systemd by exploiting the use of alloca function with an uncontrolled size in the unit_name_path_escape function, leading to a stack-based buffer overflow.
How can I fix CVE-2021-33910?
To fix CVE-2021-33910, update systemd to version 249 or higher.
Where can I find more information about CVE-2021-33910?
You can find more information about CVE-2021-33910 in the official GitHub repository of systemd.
- collector/redhat-cve
- collector/nvd-index
- collector/security-tracker-debian
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/remedy
- agent/author
- agent/weakness
- agent/references
- agent/severity
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2021-33910
- agent/software-canonical-lookup
- agent/event
- collector/ibm-support
- source/IBM
- agent/tags
- collector/mitre-cve
- source/MITRE
- package-manager/redhat
- vendor/systemd project
- canonical/systemd project systemd
- version/systemd project systemd/247
- version/systemd project systemd/248
- version/systemd project systemd/249
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/33
- version/fedoraproject fedora/34
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/10.0
- vendor/netapp
- canonical/netapp hci management node
- canonical/netapp solidfire
- package-manager/debian
- vendor/ibm
- canonical/ibm cloud pak for security (cp4s)
- version/ibm cloud pak for security (cp4s)/1.7.2.0
- version/ibm cloud pak for security (cp4s)/1.7.1.0
- version/ibm cloud pak for security (cp4s)/1.7.0.0