Vulnerability Details : CVE-2021-3578
A flaw was found in mbsync before v1.3.6 and v1.4.2, where an unchecked pointer cast allows a malicious or compromised server to write an arbitrary integer value past the end of a heap-allocated structure by issuing an unexpected APPENDUID response. This could be plausibly exploited for remote code execution on the client.
Vulnerability category: Execute code
Exploit prediction scoring system (EPSS) score for CVE-2021-3578
Probability of exploitation activity in the next 30 days: 0.26%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 63 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2021-3578
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Source |
---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
[email protected] |
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
[email protected] |
CWE ids for CVE-2021-3578
-
The product does not correctly convert an object, resource, or structure from one type to a different type.Assigned by:
- [email protected] (Primary)
- [email protected] (Secondary)
References for CVE-2021-3578
-
https://bugzilla.redhat.com/show_bug.cgi?id=1961710
Not Applicable
-
https://bugzilla.redhat.com/show_bug.cgi?id=1967397
Issue Tracking;Patch;Third Party Advisory
-
http://www.openwall.com/lists/oss-security/2021/06/07/1
Mailing List;Patch;Third Party Advisory
-
https://security.gentoo.org/glsa/202208-15
Third Party Advisory
-
https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/
Not Applicable
-
https://lists.debian.org/debian-lts-announce/2022/07/msg00001.html
Mailing List;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/[email protected]/message/RPIDLIJKNRJHUVBCL7QGAPAAVPIHQGXK/
Mailing List;Third Party Advisory
-
https://www.openwall.com/lists/oss-security/2021/06/07/1
Mailing List;Patch;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/[email protected]/message/U75UFEWRAZYKVL5NHMPBUOLWN3WXTOEI/
Mailing List;Third Party Advisory
Products affected by CVE-2021-3578
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
- cpe:2.3:a:isync_project:isync:*:*:*:*:*:*:*:*
- cpe:2.3:a:isync_project:isync:1.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:isync_project:isync:1.4.0:*:*:*:*:*:*:*