CVE-2021-42980: Buffer Overflow
First published: Tue Dec 07 2021(Updated: )
NoMachine Cloud Server is affected by Buffer Overflow. IOCTL Handler 0x22001B in the NoMachine Cloud Server above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NoMachine Cloud Server | >4.0.346<7.7.4 | |
| >4.0.346<7.7.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2021-42980.
What is the severity of CVE-2021-42980?
The severity of CVE-2021-42980 is high with a score of 8.8.
Which software versions are affected by CVE-2021-42980?
NoMachine Cloud Server versions above 4.0.346 and below 7.7.4 are affected by CVE-2021-42980.
What is the impact of CVE-2021-42980?
CVE-2021-42980 allows local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash).
Is there a fix available for CVE-2021-42980?
Yes, updating NoMachine Cloud Server to version 7.7.4 or above will fix the vulnerability.
- collector/nvd-index
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/references
- agent/first-publish-date
- agent/description
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/author
- agent/softwarecombine
- agent/tags
- agent/event
- vendor/nomachine
- canonical/nomachine cloud server