CVE-2021-21401

Nanopb is a small code-size Protocol Buffers implementation in ANSI C. In Nanopb before versions 0.3.9.8 and 0.4.5, decoding a specifically formed message can cause invalid `free()` or `realloc()` calls if the message type contains a `oneof` field, and the `oneof` directly contains both a pointer field and a non-pointer field. If the message data first contains the non-pointer field and then the pointer field, the data of the non-pointer field is incorrectly treated as if it were a pointer value. Such message data rarely occurs in normal messages, but it is a concern when untrusted data is parsed. This has been fixed in versions 0.3.9.8 and 0.4.5. See the referenced GitHub Security Advisory for more information, including workarounds.
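The failure mode described above, reduced to a small model with the ownership check a decoder needs when the active `oneof` member changes. This is an added example, not nanopb's code or its actual fix; `msg_t`, the `TAG_*` values and all function names are hypothetical, and the sample value is constructed.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
/* Hypothetical oneof model: both members share storage (not nanopb's types). */
enum { TAG_NONE = 0, TAG_NUM = 1, TAG_STR = 2 };
typedef struct {
    int which;            /* tag of the member currently stored */
    union {
        uint64_t num;     /* non-pointer member */
        char *str;        /* pointer member, owned by the decoder */
    } u;
} msg_t;

/* Free the current member and zero the storage so no stale bytes remain. */
static void oneof_reset(msg_t *m) {
    if (m->which == TAG_STR) free(m->u.str);
    memset(&m->u, 0, sizeof m->u);
    m->which = TAG_NONE;
}

static void set_num(msg_t *m, uint64_t v) {
    oneof_reset(m);
    m->u.num = v;
    m->which = TAG_NUM;
}

/* 1 if the pointer slot holds leftover non-pointer bytes (must not be freed). */
static int stale_pointer_hazard(const msg_t *m) {
    return m->which != TAG_STR && m->u.str != NULL;
}

/* Reset on member change: realloc() sees only NULL or decoder-owned memory. */
static int set_str(msg_t *m, const char *data, size_t len) {
    if (m->which != TAG_STR) oneof_reset(m);
    char *p = realloc(m->u.str, len + 1);
    if (p == NULL) return -1;
    memcpy(p, data, len);
    p[len] = '\0';
    m->u.str = p;
    m->which = TAG_STR;
    return 0;
}

int main(void) {   /* constructed input: non-pointer member, then pointer member */
    msg_t m = {0};
    set_num(&m, 0x1122334455667788ULL);
    int ok = stale_pointer_hazard(&m) == 1 && set_str(&m, "abc", 3) == 0;
    oneof_reset(&m);
    return ok ? 0 : 1;
}
```
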

| Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector |
|---|---|---|---|---|---|---|
| NIST | NIST | 7.1 HIGH | NETWORK | LOW | LOW | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L |
| GitHub_M | CNA | 7.1 HIGH | NETWORK | LOW | LOW | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L |
| CVE | ADP | --- | --- | | | |

EPSS Score percentile: 42%

| Vendor | Product | Version |
|---|---|---|
| nanopb_project | nanopb | 𝑥 < 0.3.9.8 |
| nanopb_project | nanopb | 0.4.0 ≤ 𝑥 < 0.4.5 |

𝑥 = Vulnerable software versions

Debian Releases

| Debian Product | Codename | Version | Status |
|---|---|---|---|
| nanopb | bullseye | 0.4.4-2 | fixed |
| nanopb | bookworm | 0.4.7-2 | fixed |
| nanopb | sid | 0.4.9-1 | fixed |
| nanopb | trixie | 0.4.9-1 | fixed |
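
Ubuntu Releases

| Ubuntu Product | Codename | Status |
|---|---|---|
| nanopb | noble | not-affected |
| nanopb | mantic | not-affected |
| nanopb | lunar | not-affected |
| nanopb | kinetic | not-affected |
| nanopb | jammy | not-affected |
| nanopb | impish | ignored |
| nanopb | hirsute | ignored |
| nanopb | groovy | ignored |
| nanopb | focal | released (Fixed 0.4.1-1ubuntu0.1~esm1) |
| nanopb | bionic | dne |
| nanopb | xenial | dne |
| nanopb | trusty | dne |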