CVE-2021-32435
Ubuntu Security Notice USN-5961-1
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
Stack-based buffer overflow in the function get_key in parse.c of abcm2ps v8.14.11 allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors.
Un desbordamiento del búfer en la región Stack de la memoria en la función get_key en el archivo parse.c de abcm2ps versión v8.14.11, permite a atacantes remotos causar una denegación de servicio (DoS) por medio de vectores no especificados
It was discovered that abcm2ps incorrectly handled memory when parsing specially crafted ABC files. An attacker could use this issue to cause abcm2ps to crash, leading to a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. Chiba of Topsec Alpha Lab discovered that abcm2ps incorrectly handled memory when parsing specially crafted ABC files. An attacker could use this issue to cause abcm2ps to crash, leading to a denial of service.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-05-07 CVE Reserved
- 2022-03-10 CVE Published
- 2024-08-03 CVE Updated
- 2024-08-03 First Exploit
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-787: Out-of-bounds Write
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| https://lists.debian.org/debian-lts-announce/2022/04/msg00015.html | Mailing List |
|
| URL | Date | SRC |
|---|---|---|
| https://github.com/leesavide/abcm2ps/issues/84 | 2024-08-03 |
| URL | Date | SRC |
|---|---|---|
| https://github.com/leesavide/abcm2ps/commit/3169ace6d63f6f517a64e8df0298f44a490c4a15 | 2023-11-07 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Abcm2ps Project Search vendor "Abcm2ps Project" | Abcm2ps Search vendor "Abcm2ps Project" for product "Abcm2ps" | 8.14.11 Search vendor "Abcm2ps Project" for product "Abcm2ps" and version "8.14.11" | - |
Affected
| ||||||
| Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 34 Search vendor "Fedoraproject" for product "Fedora" and version "34" | - |
Affected
| ||||||
| Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 35 Search vendor "Fedoraproject" for product "Fedora" and version "35" | - |
Affected
| ||||||
| Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 36 Search vendor "Fedoraproject" for product "Fedora" and version "36" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 9.0 Search vendor "Debian" for product "Debian Linux" and version "9.0" | - |
Affected
| ||||||