CVE-2021-45417

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2021-45417
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-45417.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2021-45417
Downstream
Related
Published
2022-01-20T18:15:07.640Z
Modified
2025-12-21T09:56:20.191311Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow.

References

Affected packages

Git / github.com/aide/aide

Affected ranges

Type
GIT
Repo
https://github.com/aide/aide
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
d4b80a9e5d48494e0003d22d9ce1a8133de0f15e

Affected versions

aide.*

aide.0.10.release
aide.0.11.rc1.release
aide.0.11.rc2.release
aide.0.11.rc3.release
aide.0.11.release
aide.0.11a.debian
aide.0.11b.nocurl
aide.0.12.rc1.release
aide.0.12.rc2.release
aide.0.12.release
aide.0.13.1.release
aide.0.13.rc1.release
aide.0.13.rc2.release
aide.0.13.release
aide.0.14.1.release
aide.0.14.2.release
aide.0.14.rc1.release
aide.0.14.rc2.release
aide.0.14.rc3.release
aide.0.14.release
aide.0.15.1.release
aide.0.15.rc1.release
aide.0.15.release

cs.*

cs.tut.fi.import

v0.*

v0.16
v0.16.1
v0.16.2
v0.16a1
v0.16a2
v0.16b1
v0.16rc1
v0.17
v0.17.1
v0.17.2
v0.17.3

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-45417.json"