CVE-2021-29482
compression vulnerability in github.com/ulikunitz/xz
What is CVE-2021-29482 About?
This vulnerability is an infinite loop in the `readUvarint` function of the xz library: when the function decodes a malformed xz stream, its loop never terminates, so decompression hangs and the caller is denied service. Exploitation is easy, requiring only that specially crafted input be handed to the decompressor.
Affected Software
- github.com/ulikunitz/xz (Go module), all versions before v0.5.8
Technical Details
The vulnerability resides in the `readUvarint` function, which decodes the variable-length integers the xz container format uses for block sizes, index records and filter properties. The decoding loop has only two exits: a byte with its high bit clear, which ends the integer, or a read error. A crafted stream that keeps supplying continuation bytes (high bit set) therefore keeps the loop running, and nothing bounds the number of bytes consumed or the shift count, even though a 64-bit value can never need more than ten bytes. The hung decoder pins a CPU core and never returns to its caller, so an application that decompresses attacker-supplied data stops serving legitimate requests: a denial of service. Version v0.5.8 bounds the loop so that an over-long integer is rejected with an error instead of being read indefinitely.
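The defect and its bound, as an added illustration that is not the library's own code: `readUvarintUnbounded` reimplements the loop shape described above, `readUvarintBounded` adds the cap a uint64 varint must respect, and `continuationStream` is a constructed byte source that emits only continuation bytes. The names `maxUvarintLen`, `errOverflowU64` and the helpers are this example's own assumptions; the constructed inputs (`0xAC 0x02`, one million `0xff` bytes) are likewise made up for the demonstration.

```go
package main

import (
	"bytes"
	"errors"
	"fmt"
	"io"
)

// maxUvarintLen is the most bytes a base-128 varint needs for a uint64:
// nine bytes carry 63 bits and the tenth carries the final bit.
const maxUvarintLen = 10

// errOverflowU64 is the error our bounded decoder returns for an over-long
// integer. The name is this example's own (assumption), not necessarily the library's.
var errOverflowU64 = errors.New("uvarint: value does not fit in 64 bits")

// readUvarintUnbounded decodes a little-endian base-128 varint with the
// defect the advisory describes: the loop exits only on a byte with the
// high bit clear or on a read error. Nothing limits how many continuation
// bytes it will consume. Illustrative reimplementation, not the library's code.
func readUvarintUnbounded(r io.ByteReader) (uint64, int, error) {
	var x uint64
	var s uint
	n := 0
	for {
		b, err := r.ReadByte()
		if err != nil {
			return x, n, err
		}
		n++
		if b < 0x80 {
			return x | uint64(b)<<s, n, nil
		}
		x |= uint64(b&0x7f) << s
		s += 7 // once s >= 64 the shifted term is 0, so x stops changing
	}
}

// readUvarintBounded is the hardened form: it stops after maxUvarintLen
// bytes and rejects a tenth byte that would carry more than one bit.
func readUvarintBounded(r io.ByteReader) (uint64, int, error) {
	var x uint64
	var s uint
	n := 0
	for {
		b, err := r.ReadByte()
		if err != nil {
			return x, n, err
		}
		n++
		if n > maxUvarintLen {
			return x, n, errOverflowU64
		}
		if b < 0x80 {
			if n == maxUvarintLen && b > 1 {
				return x, n, errOverflowU64
			}
			return x | uint64(b)<<s, n, nil
		}
		x |= uint64(b&0x7f) << s
		s += 7
	}
}

// continuationStream is a constructed byte source that yields `remaining`
// continuation bytes (0xff) and then io.EOF. A source that never ends, such
// as a socket an attacker keeps feeding, would spin the unbounded decoder
// forever; a finite one lets us count what each decoder consumes.
type continuationStream struct{ remaining int }

func (c *continuationStream) ReadByte() (byte, error) {
	if c.remaining == 0 {
		return 0, io.EOF
	}
	c.remaining--
	return 0xff, nil
}

// consumeContinuations runs a decoder over n continuation bytes and reports
// how many bytes it consumed and the error it returned.
func consumeContinuations(decode func(io.ByteReader) (uint64, int, error), n int) (int, error) {
	_, consumed, err := decode(&continuationStream{remaining: n})
	return consumed, err
}

func main() {
	// Constructed sample: 0xAC 0x02 is the varint encoding of 300.
	x, n, err := readUvarintBounded(bytes.NewReader([]byte{0xAC, 0x02}))
	fmt.Println(x, n, err) // 300 2 <nil>

	consumed, err := consumeContinuations(readUvarintUnbounded, 1_000_000)
	fmt.Println("unbounded consumed", consumed, "bytes, error:", err)

	consumed, err = consumeContinuations(readUvarintBounded, 1_000_000)
	fmt.Println("bounded consumed", consumed, "bytes, error:", err)
}
```

The unbounded decoder swallows every one of the million continuation bytes and only stops because the constructed source finally reports EOF; the bounded one gives up after eleven bytes with an overflow error, which is the behaviour a caller wants from untrusted input.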
What is the Impact of CVE-2021-29482?
Successful exploitation lets an attacker hang the decompressing goroutine and keep a CPU core busy indefinitely, rendering the affected application unresponsive or unavailable to legitimate users. The issue is availability only: no memory corruption, code execution or data disclosure is involved.
What is the Exploitability of CVE-2021-29482?
Exploitation is low in complexity: the attacker needs only to get a malformed xz stream in front of the library. Local access is not required; any channel that delivers attacker-controlled compressed data suffices, such as an uploaded archive, a downloaded package, or a network payload that a server decompresses. There are no authentication or privilege requirements beyond the ability to feed data to the xz library or to any application using it. Risk is highest where applications accept xz input from untrusted sources without size limits. Until the upgrade is applied, the advisory's suggested workaround is to limit the size of compressed input to what the use case reasonably needs; a caller can additionally run decompression under a wall-clock deadline so that a hung decoder is abandoned rather than left spinning.
What are the Known Public Exploits?
| PoC Author | Link | Commentary |
|---|---|---|
| No known exploits | | |
What are the Available Fixes for CVE-2021-29482?
Available Upgrade Options
- github.com/ulikunitz/xz
- < v0.5.8 → Upgrade to v0.5.8 or later
To confirm which version a build resolves, run `go list -m github.com/ulikunitz/xz` in the module; `govulncheck` also reports this issue through the Go vulnerability database entry GO-2020-0016 listed below.
Additional Resources
- https://github.com/ulikunitz/xz/security/advisories/GHSA-25xm-hr59-7c27
- https://github.com/ulikunitz/xz/issues/35
- https://nvd.nist.gov/vuln/detail/CVE-2021-29482
- https://github.com/ulikunitz/xz/commit/69c6093c7b2397b923acf82cb378f55ab2652b9b
- https://pkg.go.dev/vuln/GO-2020-0016
- https://osv.dev/vulnerability/GHSA-25xm-hr59-7c27
What are Similar Vulnerabilities to CVE-2021-29482?
Similar Vulnerabilities: CVE-2020-16845, CVE-2020-13753, CVE-2016-9843, CVE-2019-12900, CVE-2021-42686
CVE-2020-16845 is the same class of bug in Go's standard library: `encoding/binary.ReadUvarint` and `ReadVarint` could loop without bound on invalid input until Go 1.13.15 and 1.14.7 capped the number of bytes read.
