Vulnerability Details : CVE-2021-3548

A flaw was found in dmg2img through 20170502. dmg2img did not validate the size of the read buffer during memcpy() inside the main() function. This possibly leads to memory layout information leaking in the data. This might be used in a chain of vulnerability in order to reach code execution.

Published 2021-05-26 21:15:08

Updated 2021-06-04 14:10:25

Source Red Hat, Inc.

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2021-3548

Probability of exploitation activity in the next 30 days: 0.06%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 24 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2021-3548

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
5.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:N/A:P	8.6	4.9	nvd@nist.gov
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: Partial
7.1	HIGH	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H	1.8	5.2	nvd@nist.gov
Attack Vector: Local Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Unchanged Confidentiality: High Integrity: None Availability: High

CWE ids for CVE-2021-3548

CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

Assigned by: secalert@redhat.com (Primary)

References for CVE-2021-3548

https://bugzilla.redhat.com/show_bug.cgi?id=1959585

1959585 – (CVE-2021-3548) CVE-2021-3548 dmg2img: OOB in dmg2img.c memcpy() causing undefined behavior
Issue Tracking;Third Party Advisory

Products affected by CVE-2021-3548

Dmg2img Project » Dmg2img
Versions up to, including, (<=) 20170502
cpe:2.3:a:dmg2img_project:dmg2img:*:*:*:*:*:*:*:*
Matching versions