Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

usbredir: Use-after-free (CVE-2021-3700) #4578

Open
CamberLoid opened this issue Jun 14, 2023 · 0 comments
Open

usbredir: Use-after-free (CVE-2021-3700) #4578

CamberLoid opened this issue Jun 14, 2023 · 0 comments
Assignees
@CamberLoid
Labels
security Topic/issue involves a security issue/fixed

Comments

@CamberLoid
Copy link
Member

CVE IDs

CVE-2021-3700

Other security advisory IDs

Description

It was discovered that usbredir incorrectly handled memory when serializing large amounts of data in the case of a slow or blocked destination. An attacker could possibly use this issue to cause applications using usbredir to crash, resulting in a denial of service, or possibly execute arbitrary code.

Patches

PoC(s)

N/A
@CamberLoid CamberLoid added the security Topic/issue involves a security issue/fixed label Jun 14, 2023
@CamberLoid CamberLoid self-assigned this Jun 14, 2023
@CamberLoid CamberLoid added this to the Semi-Annually Security Survey 2023H1 milestone Jun 14, 2023
@MingcongBai MingcongBai removed this from the Semi-Annually Security Survey 2023H1 milestone Mar 4, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@CamberLoid CamberLoid

Labels
security Topic/issue involves a security issue/fixed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@MingcongBai @CamberLoid