First published: Thu Nov 18 2021(Updated: )
A flaw was found in glibc. An off-by-one buffer overflow and underflow ...
Credit: secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
debian/glibc | 2.31-13+deb11u11 2.31-13+deb11u10 2.36-9+deb12u10 2.36-9+deb12u7 2.41-6 | |
GNU C Library (glibc) | <2.31 | |
Debian Linux | =10.0 | |
Debian Linux | =11.0 | |
NetApp E-Series Performance Analyzer | ||
NetApp NFS Plug-in for VMware VAAI | ||
NetApp ONTAP Select Deploy | ||
All of | ||
NetApp H300S Firmware | ||
NetApp H300S Firmware | ||
All of | ||
NetApp H500e Firmware | ||
NetApp H500e Firmware | ||
All of | ||
NetApp H700S | ||
NetApp H700S | ||
All of | ||
NetApp H410S | ||
NetApp H410S Firmware | ||
All of | ||
NetApp H410C | ||
NetApp H410C Firmware | ||
NetApp H300S Firmware | ||
NetApp H300S Firmware | ||
NetApp H500e Firmware | ||
NetApp H500e Firmware | ||
NetApp H700S | ||
NetApp H700S | ||
NetApp H410S | ||
NetApp H410S Firmware | ||
NetApp H410C | ||
NetApp H410C Firmware |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-3999 is a vulnerability in glibc that allows for an off-by-one buffer overflow and underflow in getcwd(), leading to potential memory corruption and arbitrary code execution.
CVE-2021-3999 has a severity rating of 7.8 (High).
CVE-2021-3999 affects glibc versions 2.28-10+deb10u2, 2.31-13+deb11u6, 2.31-13+deb11u7, 2.36-9+deb12u2, 2.36-9+deb12u3, and 2.37-12.
CVE-2021-3999 can be fixed on Debian Debian Linux 10.0 by updating glibc to version 2.31 or higher.
Yes, Netapp E-series Performance Analyzer and Netapp Nfs Plug-in are affected by CVE-2021-3999.