A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data.
References
Link | Resource |
---|---|
https://access.redhat.com/security/cve/CVE-2021-3998 | Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=2024633 | Issue Tracking Patch Third Party Advisory |
https://security-tracker.debian.org/tracker/CVE-2021-3998 | Third Party Advisory |
https://security.netapp.com/advisory/ntap-20221020-0003/ | Third Party Advisory |
https://sourceware.org/bugzilla/show_bug.cgi?id=28770 | Issue Tracking Patch Third Party Advisory |
https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=84d2d0fe20bdf94feed82b21b4d7d136db471f03 | |
https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=ee8d5e33adb284601c00c94687bc907e10aec9bb | |
https://www.openwall.com/lists/oss-security/2022/01/24/4 | Mailing List Patch Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
History
12 Feb 2023, 23:43
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
08 Nov 2022, 02:25
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20221020-0003/ - Third Party Advisory | |
CPE | cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:* |
|
First Time |
Netapp h500s
Netapp h700s Netapp h300s Netapp h410c Netapp h410c Firmware Netapp h410s Firmware Netapp Netapp h300s Firmware Netapp h700s Firmware Netapp ontap Select Deploy Administration Utility Netapp h410s Netapp h500s Firmware |
20 Oct 2022, 22:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
CWE | CWE-125 |
29 Aug 2022, 15:23
Type | Values Removed | Values Added |
---|---|---|
First Time |
Gnu glibc
Gnu |
|
CWE | CWE-252 | |
CPE | cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
References | (MISC) https://access.redhat.com/security/cve/CVE-2021-3998 - Third Party Advisory | |
References | (MISC) https://sourceware.org/bugzilla/show_bug.cgi?id=28770 - Issue Tracking, Patch, Third Party Advisory | |
References | (MISC) https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=84d2d0fe20bdf94feed82b21b4d7d136db471f03 - Mailing List, Patch, Third Party Advisory | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2024633 - Issue Tracking, Patch, Third Party Advisory | |
References | (MISC) https://www.openwall.com/lists/oss-security/2022/01/24/4 - Mailing List, Patch, Third Party Advisory | |
References | (MISC) https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ee8d5e33adb284601c00c94687bc907e10aec9bb - Mailing List, Patch, Third Party Advisory | |
References | (MISC) https://security-tracker.debian.org/tracker/CVE-2021-3998 - Third Party Advisory |
24 Aug 2022, 16:24
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-08-24 16:15
Updated : 2023-12-10 14:35
NVD link : CVE-2021-3998
Mitre link : CVE-2021-3998
CVE.ORG link : CVE-2021-3998
JSON object : View
Products Affected
netapp
- h700s_firmware
- h700s
- h300s_firmware
- h410c
- h410s
- h500s_firmware
- ontap_select_deploy_administration_utility
- h410s_firmware
- h500s
- h410c_firmware
- h300s
gnu
- glibc