{
  "threat_severity" : "Moderate",
  "public_date" : "2022-01-11T00:00:00Z",
  "bugzilla" : {
    "description" : "glibc: Off-by-one buffer overflow/underflow in getcwd()",
    "id" : "2024637",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2024637"
  },
  "cvss3" : {
    "cvss3_base_score" : "7.4",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-193",
  "details" : [ "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system." ],
  "statement" : "This issue was rated as having Moderate impact because of the prerequisites required for successful exploitation. To the best of our knowledge, there is no actual setuid exposure to the vulnerable getcwd() usage pattern.",
  "acknowledgement" : "Red Hat would like to thank Qualys Research Labs for reporting this issue.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2022-03-15T00:00:00Z",
    "advisory" : "RHSA-2022:0896",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8",
    "package" : "glibc-0:2.28-164.el8_5.3"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2022-03-15T00:00:00Z",
    "advisory" : "RHSA-2022:0896",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "glibc-0:2.28-164.el8_5.3"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Out of support scope",
    "package_name" : "compat-glibc",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Out of support scope",
    "package_name" : "glibc",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "compat-glibc",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "glibc",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "glibc",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2021-3999\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-3999\nhttps://www.openwall.com/lists/oss-security/2022/01/24/4" ],
  "name" : "CVE-2021-3999",
  "mitigation" : {
    "value" : "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
    "lang" : "en:us"
  },
  "csaw" : false
}