CVE-2021-42979: Integer Overflow
First published: Tue Dec 07 2021(Updated: )
NoMachine Cloud Server is affected by Integer Overflow. IOCTL Handler 0x22001B in the NoMachine Cloud Server above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NoMachine Cloud Server | >4.0.346<7.7.4 | |
| >4.0.346<7.7.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-42979?
CVE-2021-42979 is a vulnerability in NoMachine Cloud Server that allows local attackers to execute arbitrary code in kernel mode or cause a denial of service.
How does CVE-2021-42979 impact NoMachine Cloud Server?
CVE-2021-42979 allows local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) in NoMachine Cloud Server.
What is the severity of CVE-2021-42979?
The severity of CVE-2021-42979 is high with a CVSS score of 8.8.
Which versions of NoMachine Cloud Server are affected by CVE-2021-42979?
NoMachine Cloud Server versions above 4.0.346 and below 7.7.4 are affected by CVE-2021-42979.
How can I fix CVE-2021-42979 in NoMachine Cloud Server?
To fix CVE-2021-42979, upgrade NoMachine Cloud Server to a version higher than 7.7.4 or apply any patches or security updates provided by NoMachine.
- collector/nvd-index
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/references
- agent/first-publish-date
- agent/description
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/author
- agent/softwarecombine
- agent/tags
- agent/event
- vendor/nomachine
- canonical/nomachine cloud server