CVE-2021-33930

7.5 HIGH

📋 TL;DR

A buffer overflow in libsolv's pool_installable_whatprovides function (an inline helper in src/repo.h) lets crafted repository or package metadata crash the process that is resolving dependencies. The CVE is recorded as a Denial of Service. It affects every consumer of libsolv, most visibly the package managers of Linux distributions (Zypper, DNF through libdnf, PackageKit).

💻 Affected Systems

Products:
  • libsolv
  • consumers of libsolv: Zypper/libzypp, DNF (through libdnf), PackageKit backends built on them
Versions: libsolv versions before 0.7.17
Operating Systems: Linux distributions using affected libsolv versions
Default Config Vulnerable: ⚠️ Yes
Notes: Systems using package managers that depend on vulnerable libsolv versions are affected during package resolution operations.

📦 What is this software?

libsolv is the C library that Zypper/libzypp and DNF/libdnf use to read repository metadata and solve package dependencies with a SAT solver; it also ships command-line tools such as testsolv and repo2solv. Any operation that resolves dependencies (install, update, dist-upgrade, PackageKit transactions) goes through this library.

⚠️ Risk & Real-World Impact

🔴

Worst Case

The CVE is classified as a Denial of Service and no code execution has been demonstrated. Because the resolver usually runs as root during package installation, memory corruption there would only become a full compromise if the overflow could be steered into code execution, which the public report does not show.

🟠

Likely Case

Denial of Service through application crash, disrupting package management operations and potentially affecting system updates.

🟢

If Mitigated

With only trusted, signature-verified repositories enabled, an attacker has no realistic way to feed crafted metadata to the resolver. Memory protections such as ASLR and non-executable memory do not stop the crash itself; they only make turning the bug into code execution harder, so the residual outcome is a crash of the package manager.

🌐 Internet-Facing: LOW - libsolv is not a network service; the only remote path is crafted repository metadata fetched from a mirror or repository the attacker controls or can tamper with.
🏢 Internal Only: MEDIUM - Package management operations could be disrupted, affecting system maintenance and updates.

🎯 Exploit Status

Public PoC: ⚠️ Yes (crash reproducer attached to the GitHub issue)
Weaponized: No weaponized exploit is publicly known; the public material demonstrates a crash, not code execution
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

There is no service to attack directly: the attacker has to get crafted repository or package metadata in front of the resolver (for example through a repository or mirror they control), and the overflow is then triggered during dependency resolution. The GitHub issue contains a reproducer input that triggers it.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: libsolv 0.7.17 and later

Vendor Advisory: https://github.com/openSUSE/libsolv/issues/417

Restart Required: Not for one-shot command-line tools (zypper, dnf), which load the new library on their next run. Long-running processes that already have the old library mapped, such as packagekitd or any daemon embedding libsolv, keep executing the vulnerable code until they are restarted.

Instructions:

1. Update libsolv to 0.7.17 or later with the distribution's package manager (for example `zypper update libsolv` or `dnf upgrade libsolv`). The fix lives in the shared library, so the package manager itself is fixed by the same update.
2. For source builds, fetch the 0.7.17 or later release from https://github.com/openSUSE/libsolv, rebuild and reinstall, then run `ldconfig` so the new library is picked up.
3. Restart any daemon that still has the old library mapped (packagekitd is the usual one); the check in "How to Verify" below lists such processes.

🔧 Temporary Workarounds

Consume repository metadata only from trusted, signature-verified sources

The overflow is reached while resolving against repository and package metadata, so the attacker's input is whatever metadata the resolver is fed. Until the update is installed, keep only repositories whose metadata is GPG-signed and verified enabled (`gpgcheck=1` and `repo_gpgcheck=1` in DNF .repo files, `gpgcheck=1` in zypper repo files), do not add third-party mirrors, and do not run testsolv on untrusted input.

🧯 If You Can't Patch

  • Implement strict access controls on package management systems
  • Monitor for abnormal package management process crashes

🔍 How to Verify

Check if Vulnerable:

Query the package database for the installed libsolv version (there is no `libsolv --version` command; the library ships no binary of that name): `rpm -q libsolv` on RPM-based systems, `dpkg -l 'libsolv*'` on Debian/Ubuntu (the shared library package is libsolv1), or `pkg-config --modversion libsolv` where the development package is installed.

Check Version:

rpm -q --qf '%{VERSION}-%{RELEASE}\n' libsolv 2>/dev/null || dpkg-query -W -f='${Package} ${Version}\n' 'libsolv*' 2>/dev/null || pkg-config --modversion libsolv

Verify Fix Applied:

The upstream version reported must be 0.7.17 or higher. Compare numerically field by field and ignore the distribution's release suffix (0.7.9 is older than 0.7.17 even though it sorts after it as a string). Then make sure no running process still maps the replaced library: `grep -l 'libsolv.*(deleted)' /proc/[0-9]*/maps 2>/dev/null` lists processes whose libsolv mapping points at the deleted pre-update file; restart them.
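The version check above, written out as a script. This is an added example, not part of libsolv or of any distribution's tooling; it assumes one of rpm, dpkg-query or pkg-config is present and compares only the upstream version number, ignoring epoch and release suffixes.

```shell
#!/bin/sh
# Added example, not part of libsolv or of any distribution's tooling:
# report whether the installed libsolv predates the 0.7.17 fix for CVE-2021-33930.

FIXED_VERSION="0.7.17"

# version_ge A B -> exit 0 when A >= B, 1 when A < B, 2 when either is unusable.
# A leading epoch ("1:") and any release/dist suffix ("-1.fc34", "+dfsg-1") are
# cut off so only the upstream version is compared, numerically, field by field
# (a plain string compare would rank 0.7.9 above 0.7.17).
version_ge() {
    a=$(printf '%s\n' "$1" | sed -e 's/^[0-9]*://' -e 's/[^0-9.].*//')
    b=$(printf '%s\n' "$2" | sed -e 's/^[0-9]*://' -e 's/[^0-9.].*//')
    [ -n "$a" ] && [ -n "$b" ] || return 2
    i=1
    while [ "$i" -le 4 ]; do
        # cut -s prints nothing for a missing field; treat it as 0
        x=$(printf '%s\n' "$a" | cut -s -d. -f"$i")
        y=$(printf '%s\n' "$b" | cut -s -d. -f"$i")
        x=${x:-0}
        y=${y:-0}
        if [ "$x" -gt "$y" ]; then return 0; fi
        if [ "$x" -lt "$y" ]; then return 1; fi
        i=$((i + 1))
    done
    return 0
}

# Print the installed version using whichever package database exists.
libsolv_installed_version() {
    if command -v rpm >/dev/null 2>&1 && rpm -q libsolv >/dev/null 2>&1; then
        rpm -q --qf '%{VERSION}\n' libsolv | head -n 1
        return 0
    fi
    if command -v dpkg-query >/dev/null 2>&1; then
        # Debian/Ubuntu ship the shared library as libsolv1; match any libsolv* package.
        v=$(dpkg-query -W -f='${Version}\n' 'libsolv*' 2>/dev/null | grep . | head -n 1)
        if [ -n "$v" ]; then printf '%s\n' "$v"; return 0; fi
    fi
    if command -v pkg-config >/dev/null 2>&1 && pkg-config --exists libsolv 2>/dev/null; then
        pkg-config --modversion libsolv   # needs the -devel/-dev package
        return 0
    fi
    return 1
}

# Exit 0 when fixed, 1 when vulnerable, 2 when libsolv could not be located.
check_libsolv() {
    v=$(libsolv_installed_version) || {
        echo "libsolv not found via rpm, dpkg or pkg-config" >&2
        return 2
    }
    if version_ge "$v" "$FIXED_VERSION"; then
        echo "libsolv $v: fixed ($FIXED_VERSION or later)"
    else
        echo "libsolv $v: VULNERABLE to CVE-2021-33930 (older than $FIXED_VERSION)"
        return 1
    fi
}

# Run the check when invoked with --check; sourcing the file only defines the functions.
if [ "${1:-}" = "--check" ]; then check_libsolv; fi
```

Run it as `sh check-libsolv.sh --check`; the exit status (0 fixed, 1 vulnerable, 2 not found) makes it usable from a fleet-wide audit job. Remember that a fixed version on disk says nothing about daemons that still map the old library; the `/proc/*/maps` check above covers that.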

📡 Detection & Monitoring

Log Indicators:

  • Kernel segfault reports for package manager processes (`comm[pid]: segfault at ... in libsolv.so.1[...]` when the faulting instruction is inside libsolv itself)
  • systemd-coredump notices such as `Process <pid> (zypper) of user 0 dumped core.`
  • Abnormal termination of dnf, zypper or packagekitd during a refresh or transaction, especially right after new repository metadata was fetched

Network Indicators:

  • Unusual package repository requests if exploited through malicious repos

SIEM Query (illustrative, Elastic/KQL style; map the field names onto your own schema, for example onto the kernel `segfault at` message or the systemd-coredump `dumped core` event):

process.name: ("dnf" OR "zypper" OR "packagekitd") AND event.type: crash
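Where no SIEM normalises crash events, the same detection can run directly on journal or syslog text. The script below is an added example, not from the libsolv project or any vendor; the log lines in it are constructed, not captured, and the process-name list is an assumption to adapt to your hosts.

```shell
#!/bin/sh
# Added example, not from the libsolv project or any SIEM vendor: pick crash reports
# of libsolv consumers out of kernel/systemd log text (journalctl or syslog output).

# Process names (the kernel "comm" field) of libsolv consumers to watch; assumed list.
WATCHED='dnf|zypper|packagekitd|testsolv'

# Kernel segfault report:   comm[pid]: segfault at ADDR ip ADDR sp ADDR error N in LIB[base+size]
# systemd-coredump report:  Process PID (comm) of user UID dumped core.
crash_hits() {
    grep -E "(^|[[:space:]])(${WATCHED})\[[0-9]+\]: segfault at |Process [0-9]+ \((${WATCHED})\) of user [0-9]+ dumped core"
}

# Higher-fidelity variant: the faulting instruction pointer lies inside libsolv itself.
libsolv_faults() {
    grep -E "(^|[[:space:]])(${WATCHED})\[[0-9]+\]: segfault at .* in libsolv\.so"
}

# Count lines on stdin (grep -c '' avoids wc's platform-dependent padding).
count_lines() { grep -c ''; }

# Constructed sample log (not captured from a real system): one fault inside libsolv,
# one dnf crash elsewhere, one coredump notice, two benign lines and an unrelated crash.
SAMPLE_LOG='Jun 10 12:00:01 host zypper[4242]: Retrieving repository update metadata
Jun 10 12:00:02 host kernel: zypper[4242]: segfault at 7f3a2c001000 ip 00007f3a2d0f1234 sp 00007ffd1b2c3d40 error 4 in libsolv.so.1[7f3a2d0e0000+40000]
Jun 10 12:00:02 host systemd-coredump[4301]: Process 4242 (zypper) of user 0 dumped core.
Jun 10 12:05:00 host dnf[5151]: Metadata cache created.
Jun 10 12:05:07 host kernel: dnf[5151]: segfault at 0 ip 00007f11aa0c0000 sp 00007ffc00112233 error 4 in libpython3.9.so.1.0[7f11aa000000+200000]
Jun 10 12:09:00 host kernel: firefox[9999]: segfault at 10 ip 00007f5500001000 sp 00007ffe11112222 error 6 in libxul.so[7f5500000000+6000000]'

# Stand-alone demo on the sample. On a live host feed the journal in instead:
#   journalctl --since "7 days ago" | crash_hits
printf '%s\n' "$SAMPLE_LOG" | crash_hits
```

`crash_hits` flags every crash of a watched process (three lines of the sample: the libsolv fault, the coredump notice and the dnf crash in libpython), while `libsolv_faults` keeps only the one whose instruction pointer is inside libsolv.so. Use the first as the alert trigger and the second to decide whether a crash is worth treating as an attempt against this CVE rather than an unrelated bug.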

🔗 References
