CVE-2021-33910

NameCVE-2021-33910
Descriptionbasic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
ReferencesDLA-2715-1, DSA-4942-1
NVD severitymedium

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
systemd (PTS)stretch232-25+deb9u12vulnerable
stretch (security)232-25+deb9u13fixed
buster, buster (security)241-7~deb10u8fixed
bullseye247.3-6fixed
bookworm, sid249.5-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
systemdsourcestretch232-25+deb9u13DLA-2715-1
systemdsourcebuster241-7~deb10u8DSA-4942-1
systemdsource(unstable)247.3-6

Notes

https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt
Introduced by: https://github.com/systemd/systemd/commit/7410616cd9dbbec97cf98d75324da5cda2b2f7a2 (v220)
Fixed by: https://github.com/systemd/systemd/commit/441e0115646d54f080e5c3bb0ba477c892861ab9
Fixed by: https://github.com/systemd/systemd/commit/4e2544c30bfb95e7cb4d1551ba066b1a56520ad6 (comment fix)
https://github.com/systemd/systemd/pull/20256

Search for package or bug name: Reporting problems