VDB

CVE-2021-3345

CVE-2021-3345 REJECTED

_gcry_md_block_write in cipher/hash-common.c in Libgcrypt version 1.9.0 has a heap-based buffer overflow when the digest final function sets a large count value. It is recommended to upgrade to 1.9.1 or later.

EPSS 5.71% · 90.6th percentile

Risk Scores

EPSS Score
5.71%
90.6th percentile

Affected Products

VendorProductVersions
Ubuntu:16.04:LTSlibgcrypt201.6.5-2, 1.6.5-2ubuntu0.2, 1.6.5-2ubuntu0.3
Ubuntu:Pro:14.04:LTSlibgcrypt111.5.3-2ubuntu4.1, 1.5.3-2ubuntu4.2, 1.5.3-2ubuntu4.3
Ubuntu:18.04:LTSlibgcrypt201.7.8-2ubuntu1, 1.7.9-1, 1.8.1-4
Ubuntu:20.04:LTSlibgcrypt200, 1.8.4-5ubuntu2, 1.8.5-3ubuntu1

Exploit Intelligence

…and 12 more exploits

Timeline

  • Jan 29, 2021 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Aug 24, 2021 EPSS Score
  • Oct 26, 2021 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Feb 28, 2022 EPSS Score
  • Jul 3, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score
  • Jan 8, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • May 13, 2023 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›