Off-by-one Error
CVE-2021-3999
Summary
A flaw was found in glibc before 2.35. An off-by-one buffer overflow and underflow in 'getcwd()' may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to 'getcwd()' in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.
- LOW
- LOCAL
- HIGH
- UNCHANGED
- NONE
- LOW
- HIGH
- HIGH
CWE-193 - Off-by-one Error
A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value.
References
Advisory Timeline
- Published