Stack-Based Buffer Overflow in IBM Spectrum Protect Client
CVE-2021-29672

8.4HIGH

Key Information:

Vendor

IBM
Status
Spectrum Protect For Space Management
Vendor
CVE Published:
26 April 2021

What is CVE-2021-29672?

IBM Spectrum Protect Client versions 8.1.0.0 through 1.11.0 are affected by a stack-based buffer overflow due to improper bounds checking when processing locale settings. This vulnerability allows a local attacker to overflow a buffer, potentially executing arbitrary code with elevated privileges or causing the application to crash. For more details, refer to IBM's advisory and the vulnerability database.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Spectrum Protect for Space Management 8.1.0.0

Spectrum Protect for Space Management 8.1.11.0

References

https://www.ibm.com/support/pages/node/6445497
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/199479
vdb-entryx_refsource_XF
https://security.gentoo.org/glsa/202209-02
vendor-advisoryx_refsource_GENTOO

CVSS V3.1

Score:
8.4
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.