A heap memory corruption problem (use after free) can be triggered in libgetdata v0.10.0 when processing maliciously crafted dirfile databases. This degrades the confidentiality, integrity and availability of third-party software that uses libgetdata as a library. This vulnerability may lead to arbitrary code execution or privilege escalation depending on input/skills of attacker.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2021-05-06T14:50:52
Updated: 2024-08-03T17:30:07.554Z
Reserved: 2020-12-17T00:00:00
Link: CVE-2021-20204
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-05-06T15:15:07.907
Modified: 2023-12-13T21:33:31.823
Link: CVE-2021-20204
Redhat
No data.