CVE-2021-32435

Stack-based buffer overflow in the function get_key in parse.c of abcm2ps v8.14.11 allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors.

References

Affected packages

Git / github.com/lewdlime/abcm2ps

Affected ranges

Type: GIT
Repo: https://github.com/lewdlime/abcm2ps
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

3169ace6d63f6f517a64e8df0298f44a490c4a15

Affected versions

abcm2ps-1.*

abcm2ps-1.6.12

abcm2ps-2.*

abcm2ps-2.11.3

abcm2ps-3.*

abcm2ps-3.7.21

abcm2ps-4.*

abcm2ps-4.12.30

abcm2ps-5.*

abcm2ps-5.9.25

abcm2ps-6.*

abcm2ps-6.6.22

abcm2ps-7.*

abcm2ps-7.8.14

abcm2ps-8.*

abcm2ps-8.11.5

abcm2ps-8.11.7

abcm2ps-8.12.1

abcm2ps-8.12.4

abcm2ps-8.12.8

abcm2ps-8.12.9

abcm2ps-8.13.0

abcm2ps-8.13.1

abcm2ps-8.13.10

abcm2ps-8.13.11

abcm2ps-8.13.12

abcm2ps-8.13.13

abcm2ps-8.13.2

abcm2ps-8.13.3

abcm2ps-8.13.4

abcm2ps-8.13.5

abcm2ps-8.13.7

abcm2ps-8.13.8

abcm2ps-8.13.9

v8.*

v8.13.14

v8.13.15

v8.13.16

v8.13.17

v8.13.18

v8.13.19

v8.13.20

v8.13.21

v8.13.22

v8.13.23

v8.13.24

v8.14.0

v8.14.1

v8.14.10

v8.14.11

v8.14.2

v8.14.3

v8.14.4

v8.14.5

v8.14.6

v8.14.7

v8.14.8

v8.14.9

Database specific

vanir_signatures

[
    {
        "target": {
            "function": "parse_line",
            "file": "abcparse.c"
        },
        "source": "https://github.com/lewdlime/abcm2ps/commit/3169ace6d63f6f517a64e8df0298f44a490c4a15",
        "id": "CVE-2021-32435-0d638268",
        "signature_version": "v1",
        "digest": {
            "function_hash": "315573429086906392801103517006739127853",
            "length": 9550.0
        },
        "deprecated": false,
        "signature_type": "Function"
    },
    {
        "target": {
            "function": "parse_note",
            "file": "abcparse.c"
        },
        "source": "https://github.com/lewdlime/abcm2ps/commit/3169ace6d63f6f517a64e8df0298f44a490c4a15",
        "id": "CVE-2021-32435-5d4f5bb7",
        "signature_version": "v1",
        "digest": {
            "function_hash": "307387952288825680517726304449811507168",
            "length": 4217.0
        },
        "deprecated": false,
        "signature_type": "Function"
    },
    {
        "target": {
            "file": "abcparse.c"
        },
        "source": "https://github.com/lewdlime/abcm2ps/commit/3169ace6d63f6f517a64e8df0298f44a490c4a15",
        "id": "CVE-2021-32435-d407a61b",
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "19237622257342416903486802978184651508",
                "45809312043063037815203182892838456232",
                "51629113492443854925680285479239076270",
                "194701241156392088338433419471793624140",
                "302352660664609922609886241076962066834",
                "334906819483101429433569598139986318727",
                "122736691160021448257456416382508299990",
                "129534008066885904751105474020235338547",
                "45809312043063037815203182892838456232",
                "36615925826498521636302981277496089285",
                "300955180341045269624732544874017129362",
                "332101677619294356660913719714076740330",
                "107296310901039998921060609666539061384",
                "5663206824073191941410251427775597812",
                "318386856368904625024948837766800385615",
                "275618618161519771267356766645752284352",
                "88946361745691151702245934111062549853"
            ]
        },
        "deprecated": false,
        "signature_type": "Line"
    }
]

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-32435.json"