Rapid7 Vulnerability & Exploit Database

Ubuntu: (Multiple Advisories) (CVE-2021-21401): Nanopb vulnerabilities

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

Ubuntu: (Multiple Advisories) (CVE-2021-21401): Nanopb vulnerabilities

Severity
6
CVSS
(AV:N/AC:L/Au:S/C:N/I:P/A:P)
Published
03/23/2021
Created
05/31/2023
Added
05/31/2023
Modified
05/31/2023

Description

Nanopb is a small code-size Protocol Buffers implementation in ansi C. In Nanopb before versions 0.3.9.8 and 0.4.5, decoding a specifically formed message can cause invalid `free()` or `realloc()` calls if the message type contains an `oneof` field, and the `oneof` directly contains both a pointer field and a non-pointer field. If the message data first contains the non-pointer field and then the pointer field, the data of the non-pointer field is incorrectly treated as if it was a pointer value. Such message data rarely occurs in normal messages, but it is a concern when untrusted data is parsed. This has been fixed in versions 0.3.9.8 and 0.4.5. See referenced GitHub Security Advisory for more information including workarounds.

Solution(s)

  • ubuntu-upgrade-nanopb

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;