Unrated severity · NVD Advisory · Published Nov 15, 2021 · Updated Aug 4, 2024
CVE-2021-43618
Description
GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.
Affected products (21)
- GNU Multiple Precision Arithmetic Library / GNU Multiple Precision Arithmetic Library (description)
- osv-coords, 19 versions:
  - pkg:apk/chainguard/gmp (no CPE), range: < 6.2.1-r4
  - pkg:apk/chainguard/gmp-dev (no CPE), range: < 6.2.1-r4
  - pkg:apk/wolfi/gmp (no CPE), range: < 6.2.1-r4
  - pkg:apk/wolfi/gmp-dev (no CPE), range: < 6.2.1-r4
  - pkg:rpm/almalinux/gmp (no CPE), range: < 1:6.2.0-13.el9
  - pkg:rpm/almalinux/gmp-c%2B%2B (no CPE), range: < 1:6.2.0-13.el9
  - pkg:rpm/almalinux/gmp-devel (no CPE), range: < 1:6.2.0-13.el9
  - pkg:rpm/opensuse/gmp&distro=openSUSE%20Leap%2015.2 (no CPE), range: < 6.1.2-lp152.6.6.1
  - pkg:rpm/opensuse/gmp&distro=openSUSE%20Leap%2015.3 (no CPE), range: < 6.1.2-4.9.1
  - pkg:rpm/opensuse/gmp&distro=openSUSE%20Tumbleweed (no CPE), range: < 6.2.1-4.1
  - pkg:rpm/suse/gmp&distro=SUSE%20Linux%20Enterprise%20Micro%205.0 (no CPE), range: < 6.1.2-4.9.1
  - pkg:rpm/suse/gmp&distro=SUSE%20Linux%20Enterprise%20Micro%205.1 (no CPE), range: < 6.1.2-4.9.1
  - pkg:rpm/suse/gmp&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2 (no CPE), range: < 6.1.2-4.9.1
  - pkg:rpm/suse/gmp&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3 (no CPE), range: < 6.1.2-4.9.1
  - pkg:rpm/suse/gmp&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP2 (no CPE), range: < 6.1.2-4.9.1
  - pkg:rpm/suse/gmp&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP3 (no CPE), range: < 6.1.2-4.9.1
  - pkg:rpm/suse/gmp&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5 (no CPE), range: < 5.1.3-4.3.1
  - pkg:rpm/suse/gmp&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5 (no CPE), range: < 5.1.3-4.3.1
  - pkg:rpm/suse/gmp&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5 (no CPE), range: < 5.1.3-4.3.1
References (8)
- security.gentoo.org/glsa/202309-13 (mitre, vendor-advisory)
- seclists.org/fulldisclosure/2022/Oct/8 (mitre, mailing-list)
- www.openwall.com/lists/oss-security/2022/10/13/3 (mitre, mailing-list)
- lists.debian.org/debian-lts-announce/2021/12/msg00001.html (mitre, mailing-list)
- bugs.debian.org/994405 (mitre)
- gmplib.org/list-archives/gmp-bugs/2021-September/005077.html (mitre)
- gmplib.org/repo/gmp-6.2/rev/561a9c25298e (mitre)
- security.netapp.com/advisory/ntap-20221111-0001/ (mitre)