CVE-2021-3696 - OpenCVE

A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. This may lead to data corruption in the heap space. Confidentiality, Integrity and Availablity impact may be considered Low as it's very complex to an attacker control the encoding and positioning of corrupted Huffman entries to achieve results such as arbitrary code execution and/or secure boot circumvention. This flaw affects grub2 versions prior grub-2.12.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:M/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Gnu	Grub2
Netapp	Ontap Select Deploy Administration Utility
Redhat	Codeready Linux Builder Developer Tools Enterprise Linux Enterprise Linux Eus Enterprise Linux For Power Little Endian Enterprise Linux For Power Little Endian Eus Enterprise Linux Server Aus Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions Enterprise Linux Server Tus Openshift Openshift Container Platform Rhel E4s Rhel Eus

Configuration 1 [-]

cpe:2.3:a:gnu:grub2:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:a:redhat:developer_tools:1.0:::::::*
	cpe:2.3:a:redhat:openshift:3.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:8.1:::::::*
	cpe:2.3:o:redhat:enterprise_linux:8.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux:9.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:9.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.2:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.1:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.2:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:::::::*

Configuration 3 [-]

AND

OR	cpe:2.3:a:redhat:openshift_container_platform:4.6:::::::*
	cpe:2.3:a:redhat:openshift_container_platform:4.9:::::::*
	cpe:2.3:a:redhat:openshift_container_platform:4.10:::::::*

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:a:redhat:codeready_linux_builder:-:*:*:*:*:*:*:*

OR	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:9.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:9.0:::::::*

Configuration 5 [-]

cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 8
grub2-1:2.02-123.el8_6.8	cpe:/o:redhat:enterprise_linux:8	RHSA-2022:5095	2022-06-16T00:00:00Z
Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions
grub2-1:2.02-87.el8_1.10	cpe:/o:redhat:rhel_e4s:8.1	RHSA-2022:5098	2022-06-16T00:00:00Z
Red Hat Enterprise Linux 8.2 Extended Update Support
grub2-1:2.02-87.el8_2.10	cpe:/o:redhat:rhel_eus:8.2	RHSA-2022:5100	2022-06-16T00:00:00Z
Red Hat Enterprise Linux 8.4 Extended Update Support
grub2-1:2.02-99.el8_4.9	cpe:/o:redhat:rhel_eus:8.4	RHSA-2022:5096	2022-06-16T00:00:00Z
Red Hat Enterprise Linux 9
grub2-1:2.06-27.el9_0.7	cpe:/o:redhat:enterprise_linux:9	RHSA-2022:5099	2022-06-16T00:00:00Z

References

Link	Providers
https://bugzilla.redhat.com/show_bug.cgi?id=1991686
https://nvd.nist.gov/vuln/detail/CVE-2021-3696
https://security.gentoo.org/glsa/202209-12
https://security.netapp.com/advisory/ntap-20220930-0001/
https://www.cve.org/CVERecord?id=CVE-2021-3696

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2022-07-06T15:06:43

Updated: 2024-08-03T17:01:08.303Z

Reserved: 2021-08-10T00:00:00

Link: CVE-2021-3696

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-07-06T16:15:08.270

Modified: 2023-09-13T16:15:41.777

Link: CVE-2021-3696

Redhat

Severity : Moderate

Publid Date: 2022-06-07T00:00:00Z

Links: CVE-2021-3696 - Bugzilla

Metrics

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object