Home

CVE-2021-43618

Description

GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.499

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in IBM WebMethods Integration Server 10.15Windows
Multiple Vulnerabilities are affected in IBM WebMethods Integration Server 10.11Windows
Multiple Vulnerabilities are affected in IBM WebMethods Integration Server 11.1Windows
SUSE-SU-2021:3878-1(SUSE Linux Enterprise Server 12-SP5 ) gmp-debugsource-5.1.3-4.3.1.x86_64.rpmLinux
SUSE-SU-2021:3878-1(SUSE Linux Enterprise Server 12-SP5 ) libgmp10-5.1.3-4.3.1.x86_64.rpmLinux
SUSE-SU-2021:3878-1(SUSE Linux Enterprise Server 12-SP5 ) libgmp10-32bit-5.1.3-4.3.1.x86_64.rpmLinux
SUSE-SU-2021:3878-1(SUSE Linux Enterprise Server 12-SP5 ) libgmp10-debuginfo-5.1.3-4.3.1.x86_64.rpmLinux
SUSE-SU-2021:3878-1(SUSE Linux Enterprise Server 12-SP5 ) libgmp10-debuginfo-32bit-5.1.3-4.3.1.x86_64.rpmLinux
Multiprecision arithmetic library developers tools (USN-5672-1) libgmp10_6.1.2+dfsg-2ubuntu0.1_i386.debLinux
Multiprecision arithmetic library developers tools (USN-5672-1) libgmp10_6.1.2+dfsg-2ubuntu0.1_amd64.debLinux
Multiprecision arithmetic library developers tools (USN-5672-1) libgmp10_6.2.0+dfsg-4ubuntu0.1_i386.debLinux
Multiprecision arithmetic library developers tools (USN-5672-1) libgmp10_6.2.0+dfsg-4ubuntu0.1_amd64.debLinux
Multiprecision arithmetic library developers tools (USN-5672-1) libgmp-dev_6.1.2+dfsg-2ubuntu0.1_i386.debLinux
Multiprecision arithmetic library developers tools (USN-5672-1) libgmp-dev_6.1.2+dfsg-2ubuntu0.1_amd64.debLinux
Multiprecision arithmetic library developers tools (USN-5672-1) libgmp-dev_6.2.0+dfsg-4ubuntu0.1_i386.debLinux
Multiprecision arithmetic library developers tools (USN-5672-1) libgmp-dev_6.2.0+dfsg-4ubuntu0.1_amd64.debLinux
Multiprecision arithmetic library developers tools (USN-5672-1) libgmpxx4ldbl_6.1.2+dfsg-2ubuntu0.1_i386.debLinux
Multiprecision arithmetic library developers tools (USN-5672-1) libgmpxx4ldbl_6.1.2+dfsg-2ubuntu0.1_amd64.debLinux
Multiprecision arithmetic library developers tools (USN-5672-1) libgmpxx4ldbl_6.2.0+dfsg-4ubuntu0.1_i386.debLinux
Multiprecision arithmetic library developers tools (USN-5672-1) libgmpxx4ldbl_6.2.0+dfsg-4ubuntu0.1_amd64.debLinux
(RHSA-2023:6661)Low: security and enhancement update gmp-6.2.0-13.el9.i686.rpmLinux
(RHSA-2023:6661)Low: security and enhancement update gmp-6.2.0-13.el9.x86_64.rpmLinux
(RHSA-2023:6661)Low: security and enhancement update gmp-c++-6.2.0-13.el9.i686.rpmLinux
(RHSA-2023:6661)Low: security and enhancement update gmp-c++-6.2.0-13.el9.x86_64.rpmLinux
(RHSA-2023:6661)Low: security and enhancement update gmp-c++-debuginfo-6.2.0-13.el9.i686.rpmLinux
(RHSA-2023:6661)Low: security and enhancement update gmp-c++-debuginfo-6.2.0-13.el9.x86_64.rpmLinux
(RHSA-2023:6661)Low: security and enhancement update gmp-debuginfo-6.2.0-13.el9.i686.rpmLinux
(RHSA-2023:6661)Low: security and enhancement update gmp-debuginfo-6.2.0-13.el9.x86_64.rpmLinux
(RHSA-2023:6661)Low: security and enhancement update gmp-debugsource-6.2.0-13.el9.i686.rpmLinux
(RHSA-2023:6661)Low: security and enhancement update gmp-debugsource-6.2.0-13.el9.x86_64.rpmLinux
(RHSA-2023:6661)Low: security and enhancement update gmp-devel-6.2.0-13.el9.i686.rpmLinux
(RHSA-2023:6661)Low: security and enhancement update gmp-devel-6.2.0-13.el9.x86_64.rpmLinux
Gmp update (ELSA-2023-6661) gmp-6.2.0-13.el9.i686.rpmLinux
Gmp update (ELSA-2023-6661) gmp-6.2.0-13.el9.x86_64.rpmLinux
Gmp-c++ update (ELSA-2023-6661) gmp-c++-6.2.0-13.el9.i686.rpmLinux
Gmp-c++ update (ELSA-2023-6661) gmp-c++-6.2.0-13.el9.x86_64.rpmLinux
Gmp-devel update (ELSA-2023-6661) gmp-devel-6.2.0-13.el9.i686.rpmLinux
Gmp-devel update (ELSA-2023-6661) gmp-devel-6.2.0-13.el9.x86_64.rpmLinux
(RHSA-2024:3214)Moderate: security update gmp-6.1.2-11.el8.i686.rpmLinux
(RHSA-2024:3214)Moderate: security update gmp-6.1.2-11.el8.x86_64.rpmLinux
(RHSA-2024:3214)Moderate: security update gmp-c++-6.1.2-11.el8.i686.rpmLinux
(RHSA-2024:3214)Moderate: security update gmp-c++-6.1.2-11.el8.x86_64.rpmLinux
(RHSA-2024:3214)Moderate: security update gmp-c++-debuginfo-6.1.2-11.el8.i686.rpmLinux
(RHSA-2024:3214)Moderate: security update gmp-c++-debuginfo-6.1.2-11.el8.x86_64.rpmLinux
(RHSA-2024:3214)Moderate: security update gmp-debuginfo-6.1.2-11.el8.i686.rpmLinux
(RHSA-2024:3214)Moderate: security update gmp-debuginfo-6.1.2-11.el8.x86_64.rpmLinux
(RHSA-2024:3214)Moderate: security update gmp-debugsource-6.1.2-11.el8.i686.rpmLinux
(RHSA-2024:3214)Moderate: security update gmp-debugsource-6.1.2-11.el8.x86_64.rpmLinux
(RHSA-2024:3214)Moderate: security update gmp-devel-6.1.2-11.el8.i686.rpmLinux
(RHSA-2024:3214)Moderate: security update gmp-devel-6.1.2-11.el8.x86_64.rpmLinux
Gmp update (ELSA-2024-3214) gmp-6.1.2-11.el8.i686.rpmLinux
Gmp update (ELSA-2024-3214) gmp-6.1.2-11.el8.x86_64.rpmLinux
Gmp-c++ update (ELSA-2024-3214) gmp-c++-6.1.2-11.el8.i686.rpmLinux
Gmp-c++ update (ELSA-2024-3214) gmp-c++-6.1.2-11.el8.x86_64.rpmLinux
Gmp-devel update (ELSA-2024-3214) gmp-devel-6.1.2-11.el8.i686.rpmLinux
Gmp-devel update (ELSA-2024-3214) gmp-devel-6.1.2-11.el8.x86_64.rpmLinux
gmp Security Update (ALAS-2023-033) gmp-6.2.1-2.amzn2023.0.2.x86_64.rpmLinux
gmp Security Update (ALAS-2023-033) gmp-c++-6.2.1-2.amzn2023.0.2.x86_64.rpmLinux
gmp Security Update (ALAS-2023-033) gmp-devel-6.2.1-2.amzn2023.0.2.x86_64.rpmLinux
gmp Security Update (ALAS-2023-033) gmp-static-6.2.1-2.amzn2023.0.2.x86_64.rpmLinux
gmp Security Update (ALAS-2023-2369) gmp-6.0.0-15.amzn2.0.3.i686.rpmLinux
gmp Security Update (ALAS-2023-2369) gmp-6.0.0-15.amzn2.0.3.x86_64.rpmLinux
gmp Security Update (ALAS-2023-2369) gmp-devel-6.0.0-15.amzn2.0.3.x86_64.rpmLinux
gmp Security Update (ALAS-2023-2369) gmp-static-6.0.0-15.amzn2.0.3.x86_64.rpmLinux
Low: gmp security and enhancement update gmp-6.2.0-13.el9.i686.rpmLinux
Low: gmp security and enhancement update gmp-6.2.0-13.el9.x86_64.rpmLinux
Low: gmp security and enhancement update gmp-c++-6.2.0-13.el9.i686.rpmLinux
Low: gmp security and enhancement update gmp-c++-6.2.0-13.el9.x86_64.rpmLinux
Low: gmp security and enhancement update gmp-devel-6.2.0-13.el9.i686.rpmLinux
Low: gmp security and enhancement update gmp-devel-6.2.0-13.el9.x86_64.rpmLinux
Moderate: gmp security update gmp-6.1.2-11.el8.i686.rpmLinux
Moderate: gmp security update gmp-6.1.2-11.el8.x86_64.rpmLinux
Moderate: gmp security update gmp-c++-6.1.2-11.el8.i686.rpmLinux
Moderate: gmp security update gmp-c++-6.1.2-11.el8.x86_64.rpmLinux
Moderate: gmp security update gmp-devel-6.1.2-11.el8.i686.rpmLinux
Moderate: gmp security update gmp-devel-6.1.2-11.el8.x86_64.rpmLinux
gmp Security Update (ALAS2-2023-2369) gmp-6.0.0-15.amzn2.0.3.i686.rpmLinux
gmp Security Update (ALAS2-2023-2369) gmp-6.0.0-15.amzn2.0.3.x86_64.rpmLinux
gmp Security Update (ALAS2-2023-2369) gmp-devel-6.0.0-15.amzn2.0.3.x86_64.rpmLinux
gmp Security Update (ALAS2-2023-2369) gmp-static-6.0.0-15.amzn2.0.3.x86_64.rpmLinux
gmp Security Update (ALAS2023-2023-033) gmp-6.2.1-2.amzn2023.0.2.x86_64.rpmLinux
gmp Security Update (ALAS2023-2023-033) gmp-c++-6.2.1-2.amzn2023.0.2.x86_64.rpmLinux
gmp Security Update (ALAS2023-2023-033) gmp-devel-6.2.1-2.amzn2023.0.2.x86_64.rpmLinux
gmp Security Update (ALAS2023-2023-033) gmp-static-6.2.1-2.amzn2023.0.2.x86_64.rpmLinux
Integer Overflow or Wraparound Vulnerability (CVE-2021-43618)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234