CVE-2021-27219

An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function g_bytes_new has an integer overflow on 64-bit platforms due to an implicit cast from 64 bits to 32 bits. The overflow could potentially lead to memory corruption.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:gnome:glib:*:*:*:*:*:*:*:*
cpe:2.3:a:gnome:glib:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:e-series_performance_analyzer:-:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:brocade_fabric_operating_system_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

History

21 Nov 2024, 05:57

Type Values Removed Values Added
References () https://gitlab.gnome.org/GNOME/glib/-/issues/2319 - Exploit, Issue Tracking, Third Party Advisory () https://gitlab.gnome.org/GNOME/glib/-/issues/2319 - Exploit, Issue Tracking, Third Party Advisory
References () https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E - () https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E -
References () https://lists.debian.org/debian-lts-announce/2022/06/msg00006.html - Mailing List, Third Party Advisory () https://lists.debian.org/debian-lts-announce/2022/06/msg00006.html - Mailing List, Third Party Advisory
References () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2REA7RVKN7ZHRLJOEGBRQKJIPZQPAELZ/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2REA7RVKN7ZHRLJOEGBRQKJIPZQPAELZ/ -
References () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JJMPNDO4GDVURYQFYKFOWY5HAF4FTEPN/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JJMPNDO4GDVURYQFYKFOWY5HAF4FTEPN/ -
References () https://security.gentoo.org/glsa/202107-13 - Third Party Advisory () https://security.gentoo.org/glsa/202107-13 - Third Party Advisory
References () https://security.netapp.com/advisory/ntap-20210319-0004/ - Third Party Advisory () https://security.netapp.com/advisory/ntap-20210319-0004/ - Third Party Advisory

07 Nov 2023, 03:31

Type Values Removed Values Added
References
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JJMPNDO4GDVURYQFYKFOWY5HAF4FTEPN/', 'name': 'FEDORA-2021-7b5e2e6844', 'tags': ['Third Party Advisory'], 'refsource': 'FEDORA'}
  • {'url': 'https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E', 'name': '[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2REA7RVKN7ZHRLJOEGBRQKJIPZQPAELZ/', 'name': 'FEDORA-2021-7c71cda8da', 'tags': ['Third Party Advisory'], 'refsource': 'FEDORA'}
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JJMPNDO4GDVURYQFYKFOWY5HAF4FTEPN/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2REA7RVKN7ZHRLJOEGBRQKJIPZQPAELZ/ -
  • () https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E -

Information

Published : 2021-02-15 17:15

Updated : 2024-11-21 05:57


NVD link : CVE-2021-27219

Mitre link : CVE-2021-27219

CVE.ORG link : CVE-2021-27219


JSON object : View

Products Affected

netapp

  • e-series_performance_analyzer
  • cloud_backup
  • active_iq_unified_manager

gnome

  • glib

debian

  • debian_linux

fedoraproject

  • fedora

broadcom

  • brocade_fabric_operating_system_firmware
CWE
CWE-681

Incorrect Conversion between Numeric Types