Miggo Logo
Miggo Vulnerability Database
CVE-2021-30129

CVE-2021-30129: Buffer Overflow in Apache Mina SSHD

7.5

CVSS Score
3.1

Basic Information

CVE ID
CVE-2021-30129
GHSA ID
GHSA-9279-7hph-r3xw
EPSS Score
0.45694%
CWE
CWE-772
Published
8/2/2021
Updated
1/27/2023
KEV Status
No
Technology
TechnologyJava

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
org.apache.sshd:sshd-minamaven>= 2.0.0, < 2.7.02.7.0
org.apache.sshd:sshd-coremaven>= 2.0.0, < 2.7.02.7.0

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The core vulnerability stems from BufferedIoOutputStream's write() implementation lacking proper bounds checking, as explicitly described in SSHD-1125. The JIRA ticket details that data could be written without respecting the max window size, allowing memory exhaustion. While BufferManager is not directly patched, it's involved in buffer allocation patterns for SFTP/port forwarding features mentioned in vulnerability descriptions. The high confidence on BufferedIoOutputStream.write comes from direct JIRA ticket documentation of the fix, while BufferManager.getBuffer is inferred from architectural patterns with medium confidence.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

* vuln*r**ility in ss**-*or* o* *p**** Min* SS** *llows *n *tt**k*r to ov*r*low t** s*rv*r **usin* *n OutO*M*mory *rror. T*is issu* *****ts t** S*TP *n* port *orw*r*in* ***tur*s o* *p**** Min* SS** v*rsion *.*.* *n* l*t*r v*rsions. It w*s ***r*ss** i

Reasoning

T** *or* vuln*r**ility st*ms *rom `*u***r**IoOutputStr**m`'s `writ*()` impl*m*nt*tion l**kin* prop*r *oun*s ****kin*, *s *xpli*itly **s*ri*** in `SS**-****`. T** JIR* ti*k*t **t*ils t**t **t* *oul* ** writt*n wit*out r*sp**tin* t** m*x win*ow siz*, *