Security Advisory

CVE-2021-38479

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-10-22 11:22:51
Last updated 2024-09-16 17:28:11
Assigner icscert
State PUBLISHED

Description

Many API function codes receive raw pointers remotely from the user and trust these pointers as valid in-bound memory regions. An attacker can manipulate API functions by writing arbitrary data into the resolved address of a raw pointer.