CVE-2021-3345

HIGH

Gnupg Libgcrypt - Out-of-Bounds Write

Title source: rule

Description

_gcry_md_block_write in cipher/hash-common.c in Libgcrypt version 1.9.0 has a heap-based buffer overflow when the digest final function sets a large count value. It is recommended to upgrade to 1.9.1 or later.

Exploits (2)

nomisec WORKING POC 9 stars

by MLGRadish · poc

https://github.com/MLGRadish/CVE-2021-3345

View Code ZIP pw:eip

nomisec WORKING POC 3 stars

by SpiralBL0CK · poc

https://github.com/SpiralBL0CK/CVE-2021-3345

View Code ZIP pw:eip

References (6)

Core 6

Core References

Various Sources x_refsource_misc

https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git%3Ba=commit%3Bh=512c0c75276949f13b6373b5c04f7065af750b08

Mailing List, Vendor Advisory x_refsource_misc

https://lists.gnupg.org/pipermail/gnupg-announce/2021q1/000455.html

Mailing List, Patch, Vendor Advisory x_refsource_misc

https://lists.gnupg.org/pipermail/gnupg-announce/2021q1/000456.html

Vendor Advisory x_refsource_misc

https://gnupg.org

Issue Tracking, Vendor Advisory x_refsource_misc

https://bugs.gentoo.org/show_bug.cgi?id=767814

Third Party Advisory x_refsource_misc

https://www.oracle.com//security-alerts/cpujul2021.html

Scores

CVSS v3 7.8

EPSS 0.0571

EPSS Percentile 90.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-787

Status published

Products (2)

gnupg/libgcrypt 1.9.0

oracle/communications_billing_and_revenue_management 12.0.0.3.0

Published Jan 29, 2021

Tracked Since Feb 18, 2026