CVE-2021-37232

CRITICAL

Atomicparsley - Out-of-Bounds Write

Title source: rule

Description

A stack overflow vulnerability occurs in Atomicparsley 20210124.204813.840499f through APar_read64() in src/util.cpp due to the lack of buffer size of uint32_buffer while reading more bytes in APar_read64.

References (3)

[Patch, Third Party Advisory] https://github.com/wez/atomicparsley/commit/d72ccf06c98259d7261e0f3ac4fd8717778782c1

View Patch ZIP pw:eip

[Exploit, Patch, Third Party Advisory] https://github.com/wez/atomicparsley/issues/32

[Third Party Advisory] https://security.gentoo.org/glsa/202305-01

Scores

CVSS v3 9.8

EPSS 0.0059

EPSS Percentile 68.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-787

Status published

Affected Products (1)

atomicparsley_project/atomicparsley < 20210124.204813.840499f

Timeline

Published Aug 04, 2021

Tracked Since Feb 18, 2026