CVE-2021-33910

basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.

References

Affected packages

Git / github.com/systemd/systemd

Affected ranges

Type: GIT
Repo: https://github.com/systemd/systemd
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

b34a4f0e6729de292cb3b0c03c1d48f246ad896b

Type

GIT

Repo

https://github.com/systemd/systemd-stable

Events

Introduced

Fixed

cfd14c65374027b34dbbc4f0551456c5dc2d1f61

Introduced

4d484e14bb9864cef1d124885e625f33bf31e91c

Fixed

b00674347337b7531c92fdb65590ab253bb57538

Introduced

938bdfc0fa737d86eb3ecc70506e11e5f740e0dc

Fixed

4a1c5f34bd3e1daed4490e9d97918e504d19733b

Introduced

f6278558da0304ec6b646bb172ce4688c7f162a5

Fixed

764b74113e36ac5219a4b82a05f311b5a92136ce

Introduced

Last affected

47675042c2622b96590c89d610b529e09099ce26

Introduced

Last affected

66be5eda80a334eacb83b13590fdfbabc7efe5e9

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "246.15"
        },
        {
            "introduced": "247"
        },
        {
            "fixed": "247.8"
        },
        {
            "introduced": "248"
        },
        {
            "fixed": "248.5"
        },
        {
            "introduced": "249"
        },
        {
            "fixed": "249.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "33"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "34"
        }
    ]
}

Affected versions

Other

systemd-v1

systemd-v10

systemd-v11

systemd-v12

systemd-v13

systemd-v14

systemd-v15

systemd-v16

systemd-v17

systemd-v18

systemd-v183

systemd-v184

systemd-v185

systemd-v186

systemd-v187

systemd-v188

systemd-v189

systemd-v19

systemd-v190

systemd-v191

systemd-v192

systemd-v193

systemd-v194

systemd-v195

systemd-v196

systemd-v2

systemd-v20

systemd-v21

systemd-v22

systemd-v23

systemd-v24

systemd-v25

systemd-v26

systemd-v27

systemd-v28

systemd-v29

systemd-v3

systemd-v30

systemd-v31

systemd-v32

systemd-v33

systemd-v34

systemd-v35

systemd-v36

systemd-v37

systemd-v38

systemd-v39

systemd-v4

systemd-v40

systemd-v41

systemd-v42

systemd-v43

systemd-v44

systemd-v5

systemd-v6

systemd-v7

systemd-v8

systemd-v9

v10

v11

v12

v13

v14

v15

v16

v17

v18

v183

v184

v185

v186

v187

v188

v189

v19

v190

v191

v192

v193

v194

v195

v196

v197

v198

v199

v20

v200

v201

v202

v203

v204

v205

v206

v207

v208

v209

v21

v210

v211

v212

v213

v214

v215

v216

v217

v218

v219

v22

v220

v221

v222

v223

v224

v225

v226

v227

v228

v229

v23

v230

v231

v232

v233

v234

v235

v236

v237

v238

v239

v24

v240

v241

v241-rc1

v241-rc2

v242

v242-rc1

v242-rc2

v242-rc3

v242-rc4

v243

v243-rc1

v243-rc2

v244

v244-rc1

v245

v245-rc1

v245-rc2

v246

v246-rc1

v246-rc2

v247

v247-rc1

v247-rc2

v248

v248-2

v248-rc1

v248-rc2

v248-rc3

v248-rc4

v249

v249-rc1

v249-rc2

v249-rc3

v25

v26

v27

v28

v29

v30

v31

v32

v33

v34

v35

v36

v37

v38

v39

v40

v41

v42

v43

v44

v246.*

v246.1

v246.10

v246.11

v246.12

v246.13

v246.14

v246.2

v246.3

v246.4

v246.5

v246.6

v246.7

v246.8

v246.9

v247.*

v247.1

v247.2

v247.3

v247.4

v247.5

v247.6

v247.7

v248.*

v248.1

v248.2

v248.3

v248.4

Database specific

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "10.0"
            }
        ]
    }
]

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-33910.json"