Miggo Logo

CVE-2021-39480: Denial of service in bingrep

7.5

CVSS Score
3.1

Basic Information

EPSS Score
0.49897%
Published
1/28/2022
Updated
2/3/2023
KEV Status
No
Technology
TechnologyRust

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
bingreprust= 0.8.5

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability (CWE-770) involves uncontrolled memory allocation due to untrusted input. The crash log shows an attempt to allocate 0xFFFFFFFFFFFFFFFA bytes, which suggests an integer underflow/wrap in size calculation (e.g., e_shnum * e_shentsize or similar). The ELF parser's header processing function is the most likely culprit, as it uses header fields (like e_shentsize and e_shnum) to compute allocation sizes. The POC's manipulated ELF headers (e.g., large e_shentsize) would trigger this during section/program header parsing. Without code access, this is inferred from the symptoms and standard ELF parsing patterns.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*in*r*p v*.*.* w*s *is*ov*r** to *ont*in * m*mory *llo**tion **ilur* w*i** **n **us* * **ni*l o* S*rvi** (*oS).

Reasoning

T** vuln*r**ility (*W*-***) involv*s un*ontroll** m*mory *llo**tion *u* to untrust** input. T** *r*s* lo* s*ows *n *tt*mpt to *llo**t* *x**************** *yt*s, w*i** su***sts *n int***r un**r*low/wr*p in siz* **l*ul*tion (*.*., `*_s*num * *_s**ntsiz