CVE-2021-41193
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2021-41193
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-41193.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2021-41193
- Aliases
- Related
- Published
- 2022-03-01T19:15:08.403Z
- Modified
- 2025-11-20T11:54:22.348503Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
wire-avs is the audio visual signaling (AVS) component of Wire, an open-source messenger. A remote format string vulnerability in versions prior to 7.1.12 allows an attacker to cause a denial of service or possibly execute arbitrary code. The issue has been fixed in wire-avs 7.1.12. There are currently no known workarounds.
- References
Affected packages
Git / github.com/wireapp/wire-avs
Affected ranges
- Type
- GIT
- Repo
- https://github.com/wireapp/wire-avs
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Database specific
vanir_signatures
[
{
"deprecated": false,
"source": "https://github.com/wireapp/wire-avs/commit/40d373ede795443ae6f2f756e9fb1f4f4ae90bbe",
"id": "CVE-2021-41193-023fad85",
"signature_type": "Function",
"target": {
"file": "src/ecall/ecall.c",
"function": "ecall_answer"
},
"signature_version": "v1",
"digest": {
"function_hash": "137192418844580695232203222931864098962",
"length": 1375.0
}
},
{
"deprecated": false,
"source": "https://github.com/wireapp/wire-avs/commit/40d373ede795443ae6f2f756e9fb1f4f4ae90bbe",
"id": "CVE-2021-41193-2beb9a20",
"signature_type": "Function",
"target": {
"file": "tools/zcall/conv.c",
"function": "prekey_handler"
},
"signature_version": "v1",
"digest": {
"function_hash": "24315972786898140586360653136531191894",
"length": 764.0
}
},
{
"deprecated": false,
"source": "https://github.com/wireapp/wire-avs/commit/40d373ede795443ae6f2f756e9fb1f4f4ae90bbe",
"id": "CVE-2021-41193-33ad14a9",
"signature_type": "Function",
"target": {
"file": "src/econn_fmt/msg.c",
"function": "econn_message_encode"
},
"signature_version": "v1",
"digest": {
"function_hash": "320698680746276354696034802618915934031",
"length": 4895.0
}
},
{
"deprecated": false,
"source": "https://github.com/wireapp/wire-avs/commit/40d373ede795443ae6f2f756e9fb1f4f4ae90bbe",
"id": "CVE-2021-41193-3e08a36d",
"signature_type": "Function",
"target": {
"file": "src/wcall/wcall.c",
"function": "wcall_i_answer"
},
"signature_version": "v1",
"digest": {
"function_hash": "144152013152982634885956760311987979503",
"length": 865.0
}
},
{
"deprecated": false,
"source": "https://github.com/wireapp/wire-avs/commit/40d373ede795443ae6f2f756e9fb1f4f4ae90bbe",
"id": "CVE-2021-41193-4b99adc9",
"signature_type": "Line",
"target": {
"file": "src/peerflow/cbr_detector_remote.h"
},
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"308624077975138330305980355135051724752",
"102921489119434680181053842077983939790",
"232578541595857406169280995524764846687",
"169823251108584365261735495116541368441"
]
}
},
{
"deprecated": false,
"source": "https://github.com/wireapp/wire-avs/commit/40d373ede795443ae6f2f756e9fb1f4f4ae90bbe",
"id": "CVE-2021-41193-724eb0a4",
"signature_type": "Line",
"target": {
"file": "src/wcall/wcall.c"
},
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"76653670442340488770268255021394299804",
"261637742221656249659485626098520132147",
"63438764266900706973261477816645184358",
"87400939391163736108881603582380780132",
"265807211849001142434965172916976464570"
]
}
},
{
"deprecated": false,
"source": "https://github.com/wireapp/wire-avs/commit/40d373ede795443ae6f2f756e9fb1f4f4ae90bbe",
"id": "CVE-2021-41193-82225d52",
"signature_type": "Line",
"target": {
"file": "tools/zcall/conv.c"
},
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"113487670118309184669552254124830804008",
"170438342334713069984096235704896617028",
"73709414786598779145235145864558617980",
"130653114588022281566620050770639861358",
"18467783005951437045776103770656012492",
"75165810683094715222491790795063826765",
"206981051519041685482421267889150226718"
]
}
},
{
"deprecated": false,
"source": "https://github.com/wireapp/wire-avs/commit/40d373ede795443ae6f2f756e9fb1f4f4ae90bbe",
"id": "CVE-2021-41193-85ed6c0b",
"signature_type": "Line",
"target": {
"file": "src/econn_fmt/msg.c"
},
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"186340558399333889654924600646301796960",
"120628511118891014196263566163865099135",
"281749825300478165739799238199876080896",
"165205835087166637958136290861610627046",
"333001746743666767677133685736926783703",
"218442677332708184268375683424110623654",
"21141695771634799613731390584175946480",
"91149340451645566441072484802055595117",
"48792234082637137688481367434233162476",
"339516048942337254181500642068987593021"
]
}
},
{
"deprecated": false,
"source": "https://github.com/wireapp/wire-avs/commit/40d373ede795443ae6f2f756e9fb1f4f4ae90bbe",
"id": "CVE-2021-41193-9119a1b3",
"signature_type": "Function",
"target": {
"file": "src/peerflow/cbr_detector_remote.cpp",
"function": "CbrDetectorRemote::Decrypt"
},
"signature_version": "v1",
"digest": {
"function_hash": "118161913871746784050225022069835376665",
"length": 705.0
}
},
{
"deprecated": false,
"source": "https://github.com/wireapp/wire-avs/commit/40d373ede795443ae6f2f756e9fb1f4f4ae90bbe",
"id": "CVE-2021-41193-91a6a95f",
"signature_type": "Line",
"target": {
"file": "src/ecall/ecall.c"
},
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"158677121935445971789156979952201099275",
"97332125857358333262307768622564929492",
"257224481685818778197085018295352004349",
"48443932394836285049559073073291644125",
"178239383745926058888384005460537077574",
"108444253164832808119709556558616351237",
"328038853584671082032054880307157033205",
"103187638296723866622578408729475821779"
]
}
},
{
"deprecated": false,
"source": "https://github.com/wireapp/wire-avs/commit/40d373ede795443ae6f2f756e9fb1f4f4ae90bbe",
"id": "CVE-2021-41193-c837f511",
"signature_type": "Line",
"target": {
"file": "test/test_acm.cpp"
},
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"316677457568381156317227419810086070469",
"313439772446894177064763355340166273584",
"245963326050631969303911716312283956611",
"13300082453546751145680853521723499373",
"166655948322390501507991567854270981291"
]
}
},
{
"deprecated": false,
"source": "https://github.com/wireapp/wire-avs/commit/40d373ede795443ae6f2f756e9fb1f4f4ae90bbe",
"id": "CVE-2021-41193-d0f8ec8e",
"signature_type": "Line",
"target": {
"file": "src/peerflow/cbr_detector_remote.cpp"
},
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"74437101819328013992691209772526868360",
"308238029360543500096343200510899953785",
"148835190815470738018058723597174662988",
"13082877180414490015330616542686516209",
"235046777809188866100711934764635942214",
"163200135364466883412191084307063096208",
"40709715735382444479180603582686842197",
"12417713006095376225189919444479888769",
"199297838489740147095174018587694132093",
"217456120509454111746231852334735761927",
"179115158689524685285587964341529855773",
"14377113664085028464825860960116482776",
"51311434706522271500143940835289027843",
"46841283949146643704149687851203931638",
"170784696549027926337078627113375115647",
"259848475038035640115446525895156143271",
"153982462690132316094715657078653569562",
"302768016282426143521260972330918731307",
"86287206544613414097369128738959195711",
"96423252348272965955214095955002905022",
"56077492942308253378601444849558425763"
]
}
},
{
"deprecated": false,
"source": "https://github.com/wireapp/wire-avs/commit/40d373ede795443ae6f2f756e9fb1f4f4ae90bbe",
"id": "CVE-2021-41193-d75f1723",
"signature_type": "Function",
"target": {
"file": "src/ecall/ecall.c",
"function": "ecall_start"
},
"signature_version": "v1",
"digest": {
"function_hash": "100182733158711948882661214708149727218",
"length": 1588.0
}
},
{
"deprecated": false,
"source": "https://github.com/wireapp/wire-avs/commit/40d373ede795443ae6f2f756e9fb1f4f4ae90bbe",
"id": "CVE-2021-41193-dcaf940b",
"signature_type": "Line",
"target": {
"file": "src/audio_level/audio_level.c"
},
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"4595171499761176964061990825181205327",
"292862079742337240317191311060548865537",
"155736461442113157646584069689821686578",
"223313662224011515394702060578107903514",
"31526665477508512708676428048792819793"
]
}
},
{
"deprecated": false,
"source": "https://github.com/wireapp/wire-avs/commit/40d373ede795443ae6f2f756e9fb1f4f4ae90bbe",
"id": "CVE-2021-41193-e360637b",
"signature_type": "Function",
"target": {
"file": "src/audio_level/audio_level.c",
"function": "audio_level_json"
},
"signature_version": "v1",
"digest": {
"function_hash": "47775596749721570676920119300882167889",
"length": 1422.0
}
}
]