A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. This may lead to data corruption in the heap space. Confidentiality, Integrity and Availablity impact may be considered Low as it's very complex to an attacker control the encoding and positioning of corrupted Huffman entries to achieve results such as arbitrary code execution and/or secure boot circumvention. This flaw affects grub2 versions prior grub-2.12.

Metrics

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Gnu
  • Grub2
Netapp
  • Ontap Select Deploy Administration Utility
Redhat
  • Codeready Linux Builder
  • Developer Tools
  • Enterprise Linux
  • Enterprise Linux Eus
  • Enterprise Linux For Power Little Endian
  • Enterprise Linux For Power Little Endian Eus
  • Enterprise Linux Server Aus
  • Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions
  • Enterprise Linux Server Tus
  • Openshift
  • Openshift Container Platform
  • Rhel E4s
  • Rhel Eus

Configuration 1 [-]

cpe:2.3:a:gnu:grub2:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:a:redhat:developer_tools:1.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift:3.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*

Configuration 3 [-]

AND
OR cpe:2.3:a:redhat:openshift_container_platform:4.6:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.9:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.10:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:a:redhat:codeready_linux_builder:-:*:*:*:*:*:*:*
OR cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.0:*:*:*:*:*:*:*

Configuration 5 [-]

cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*
Package CPE Advisory Released Date
Red Hat Enterprise Linux 8
grub2-1:2.02-123.el8_6.8 cpe:/o:redhat:enterprise_linux:8 RHSA-2022:5095 2022-06-16T00:00:00Z
Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions
grub2-1:2.02-87.el8_1.10 cpe:/o:redhat:rhel_e4s:8.1 RHSA-2022:5098 2022-06-16T00:00:00Z
Red Hat Enterprise Linux 8.2 Extended Update Support
grub2-1:2.02-87.el8_2.10 cpe:/o:redhat:rhel_eus:8.2 RHSA-2022:5100 2022-06-16T00:00:00Z
Red Hat Enterprise Linux 8.4 Extended Update Support
grub2-1:2.02-99.el8_4.9 cpe:/o:redhat:rhel_eus:8.4 RHSA-2022:5096 2022-06-16T00:00:00Z
Red Hat Enterprise Linux 9
grub2-1:2.06-27.el9_0.7 cpe:/o:redhat:enterprise_linux:9 RHSA-2022:5099 2022-06-16T00:00:00Z
References
Link Providers
https://bugzilla.redhat.com/show_bug.cgi?id=1991686 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2021-3696 cve-icon
https://security.gentoo.org/glsa/202209-12 cve-icon cve-icon
https://security.netapp.com/advisory/ntap-20220930-0001/ cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2021-3696 cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2024-08-03T17:01:08.303Z

Reserved: 2021-08-10T00:00:00

Link: CVE-2021-3696

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-07-06T16:15:08.270

Modified: 2024-11-21T06:22:10.657

Link: CVE-2021-3696

cve-icon Redhat

Severity : Moderate

Publid Date: 2022-06-07T00:00:00Z

Links: CVE-2021-3696 - Bugzilla