Memory Management Flaw in Expat Library by libexpat
CVE-2021-45960

8.8HIGH

Key Information:

Vendor
Libexpat Project
Status
Libexpat
Vendor
CVE Published:
1 January 2022

Badges

👾 Exploit Exists🟡 Public PoC

Summary

A flaw in the Expat library (libexpat) prior to version 2.4.3 allows for improper memory reallocation due to a left shift operation in the storeAtts function. This issue can lead to insufficient memory allocation or incorrect freeing of memory, potentially exposing systems to stability issues and security risks. Users are encouraged to update to later versions to mitigate these vulnerabilities.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

external_expat_AOSP10_r33_CVE-2021-45960
Created by nanopathi

external_lib_AOSP10_r33_CVE-2021-45960_CVE-2021-46143-
Created by Trinadh465

external_expat_v2.2.6_CVE-2021-45960
Created by hshivhare67

References

https://github.com/libexpat/libexpat/issues/531
x_refsource_MISC
https://github.com/libexpat/libexpat/pull/534
x_refsource_MISC
https://bugzilla.mozilla.org/show_bug.cgi?id=1217609
x_refsource_MISC

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.