Critical severity9.8NVD Advisory· Published May 6, 2021· Updated Jun 17, 2026
CVE-2021-20204
CVE-2021-20204
Description
A heap memory corruption problem (use after free) can be triggered in libgetdata v0.10.0 when processing maliciously crafted dirfile databases. This degrades the confidentiality, integrity and availability of third-party software that uses libgetdata as a library. This vulnerability may lead to arbitrary code execution or privilege escalation depending on input/skills of attacker.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: =0.10.0
Patches
Vulnerability mechanics
References
5- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- lists.debian.org/debian-lts-announce/2021/05/msg00015.htmlnvdMailing ListThird Party Advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43JTGEMYMCTHD3LHFD7ENBNSWCNBCYEY/nvdMailing ListThird Party Advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GB7T7DW7XRPJOUE25ZE7GF244FPCHBWY/nvdMailing ListThird Party Advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OE23HBLIVKVPOQ5MVADWPOCFMREVF4QZ/nvdMailing ListThird Party Advisory
News mentions
0No linked articles in our index yet.