CVE-2020-23921

7.1 HIGH

📋 TL;DR

CVE-2020-23921 is a heap-based buffer over-read vulnerability in fast_ber's ASN.1 compiler. This allows attackers to read memory beyond allocated buffers, potentially exposing sensitive information or causing crashes. Users of applications that incorporate fast_ber library versions through v0.4 are affected.

💻 Affected Systems

Products:
  • fast_ber library
Versions: All versions through v0.4
Operating Systems: All platforms where fast_ber is used
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects applications that use fast_ber's ASN.1 compiler functionality. The vulnerability is in yy::yylex() in asn_compiler.hpp.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Information disclosure of sensitive memory contents, potential remote code execution through memory corruption, or denial of service through application crashes.

🟠 Likely Case

Application crashes leading to denial of service, or information leakage of adjacent memory contents.

🟢 If Mitigated

Limited impact with proper memory protections (ASLR, DEP) and sandboxing, potentially just crashes without data exposure.

🌐 Internet-Facing: MEDIUM - Exploitation requires specific ASN.1 parsing scenarios but could affect exposed services using fast_ber.
🏢 Internal Only: LOW - Requires local access or specific internal applications using the vulnerable library.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires crafting malicious ASN.1 data that triggers the buffer over-read. No public exploits have been documented.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Versions after v0.4

Vendor Advisory: https://github.com/Samuel-Tyler/fast_ber/issues/30

Restart Required: Yes

Instructions:

1. Update the fast_ber library to a version after v0.4.
2. Recompile any applications using fast_ber.
3. Restart affected services.

🔧 Temporary Workarounds

Disable ASN.1 compiler functionality

all

If possible, disable or avoid using the ASN.1 compiler component of fast_ber.

🧯 If You Can't Patch

  • Implement strict input validation for ASN.1 data processed by fast_ber
  • Deploy memory protection mechanisms (ASLR, DEP) and sandbox applications using fast_ber

🔍 How to Verify

Check if Vulnerable:

Check whether the application uses fast_ber library version 0.4 or earlier. Review the source code for inclusion of asn_compiler.hpp.

Check Version:

Check build configuration or package manager for fast_ber version (e.g., 'dpkg -l | grep fast_ber' on Debian-based systems)

Verify Fix Applied:

Verify fast_ber library version is after v0.4 and check that the updated code no longer contains the vulnerable yy::yylex() implementation.

📡 Detection & Monitoring

Log Indicators:

  • Application crashes with segmentation faults or memory access errors
  • Unexpected termination of services using fast_ber

Network Indicators:

  • Unusual ASN.1 data patterns sent to services using fast_ber

SIEM Query:

search ('segmentation fault' OR 'memory violation') AND process_name contains 'fast_ber'
