CVE-2021-34338 - Ming 0.4.8 has an out-of-bounds buffer overwrite issue in the function getName() in decompiler.c fil

CVE-2021-34338

Summary

Ming 0.4.8 has an out-of-bounds buffer overwrite issue in the function getName() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.

References

https://github.com/libming/libming/issues/201
https://bugzilla.redhat.com/show_bug.cgi?id=1969616

Vulnerable Configurations

cpe:2.3:a:libming:ming:0.4.8:*:*:*:*:*:*:*
cpe:2.3:a:libming:ming:0.4.8:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*

CVSS

Base:	4.3 (as of 12-03-2022 - 04:11)
Impact:
Exploitability:

CWE

CWE-787

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:N/I:N/A:P

Last major update

12-03-2022 - 04:11

Published

10-03-2022 - 17:42

Last modified

12-03-2022 - 04:11