CVE-2020-21572

7.5 HIGH

📋 TL;DR

A buffer overflow vulnerability in the src_parser_trans_stage_1_2_3 function of trgil gilcc allows attackers to cause denial of service by crashing the application. This affects users of gilcc before commit 803969389ca9c06237075a7f8eeb1a19e6651759.

💻 Affected Systems

Products:
  • trgil gilcc
Versions: All versions before commit 803969389ca9c06237075a7f8eeb1a19e6651759
Operating Systems: All platforms running gilcc
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in the default configuration when processing malicious input through the affected function.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Remote code execution leading to complete system compromise if the buffer overflow can be manipulated to execute arbitrary code.

🟠 Likely Case: Denial of service through application crash, disrupting service availability.

🟢 If Mitigated: Minimal impact with proper input validation and memory protections enabled.

🌐 Internet-Facing: MEDIUM - Exploitable if the vulnerable component is exposed to untrusted input, but requires specific conditions.
🏢 Internal Only: LOW - Typically requires local access or specific internal network exposure to exploit.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires crafting specific input to trigger the buffer overflow, but no public exploit code has been documented.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Commit 803969389ca9c06237075a7f8eeb1a19e6651759 and later

Vendor Advisory: https://github.com/trgil/gilcc/commit/803969389ca9c06237075a7f8eeb1a19e6651759

Restart Required: Yes

Instructions:

1. Update to the latest version of gilcc from the official repository.
2. Rebuild the application from source.
3. Restart any services using gilcc.

🔧 Temporary Workarounds

Input Validation (all platforms)

Implement strict input validation to prevent malicious data from reaching the vulnerable function.

Memory Protection (Linux)

Enable ASLR and DEP/Stack Canaries if supported by the platform to mitigate exploitation.

gcc -fstack-protector-all -D_FORTIFY_SOURCE=2 -O2

🧯 If You Can't Patch

  • Isolate the vulnerable system from untrusted networks and users.
  • Monitor for abnormal crashes or memory usage patterns indicative of exploitation attempts.

🔍 How to Verify

Check if Vulnerable:

Check the git commit of your gilcc checkout; if it is earlier in the repository history than commit 803969389ca9c06237075a7f8eeb1a19e6651759, it is vulnerable.

Check Version:

git log --oneline -1

Verify Fix Applied:

After updating, verify that the checked-out commit is 803969389ca9c06237075a7f8eeb1a19e6651759 or a later commit that descends from it.
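
Commit hashes carry no ordering, so "earlier" and "later" have to be decided by ancestry rather than by comparing the hash strings. The script below is an added example, not code from gilcc or from the vendor advisory; the function name gilcc_fix_status and its three status words are assumptions made for illustration.

```sh
#!/bin/sh
# Added example. gilcc_fix_status and its output words are illustrative names,
# not part of gilcc. The commit id is the fix commit named in this advisory.
FIX_COMMIT=803969389ca9c06237075a7f8eeb1a19e6651759

# Usage: gilcc_fix_status REPO_DIR [FIX_COMMIT]
# Prints and returns: patched (0), vulnerable (1), unknown (2).
gilcc_fix_status() {
    repo=$1
    fix=${2:-$FIX_COMMIT}

    # Source tarballs and copied trees have no history to inspect.
    if ! git -C "$repo" rev-parse --git-dir >/dev/null 2>&1; then
        echo unknown
        return 2
    fi

    # A shallow or stale clone may not hold the fix commit object at all;
    # run "git fetch --unshallow" or "git fetch" and check again.
    if ! git -C "$repo" cat-file -e "${fix}^{commit}" 2>/dev/null; then
        echo unknown
        return 2
    fi

    # Exit status 0 means the fix is HEAD itself or one of its ancestors.
    if git -C "$repo" merge-base --is-ancestor "$fix" HEAD 2>/dev/null; then
        echo patched
        return 0
    fi

    echo vulnerable
    return 1
}
```

Call it as gilcc_fix_status /path/to/gilcc. A result of "unknown" means the history needed to answer is not present locally, not that the build is safe.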

📡 Detection & Monitoring

Log Indicators:

  • Application crashes, segmentation faults, or abnormal termination logs

Network Indicators:

  • Unusual input patterns or large payloads sent to the service

SIEM Query:

source="application.log" AND ("segmentation fault" OR "buffer overflow" OR "crash")
