CVE-2021-46021 — Vulnetix

CVE-2021-46021 PUBLISHED CVSS 4.300000190734863 MEDIUM

An Use-After-Free vulnerability in rec_record_destroy() at rec-record.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash.

EPSS 0.14% · 34.0th percentile

Risk Scores

CVSS v2.0

4.300000190734863

EPSS Score

0.14%

34.0th percentile

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
gnu	recutils	1.8.90
fedoraproject	fedora	35, 36

Timeline

Jan 14, 2022 CVE Published
Jan 15, 2022 EPSS Score
Mar 9, 2022 EPSS Score
May 1, 2022 EPSS Score
Jun 24, 2022 EPSS Score
Aug 17, 2022 EPSS Score
Oct 9, 2022 EPSS Score
Dec 1, 2022 EPSS Score
Jan 23, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 18, 2023 EPSS Score
May 10, 2023 EPSS Score

References

https://lists.gnu.org/archive/html/bug-recutils/2021-12/msg00008.html url
FEDORA-2022-4e6bd7ca62 vendor-advisory
FEDORA-2022-17787e290f vendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2021-46021 advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TDVOFC3HTBG7DF2PZTEXRMG4CV2F55UF url
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRSXSN2XF6PX74WDYVV26TQMYIFAEQ3T url

Open in Interactive Console →