CVE-2021-39480

7.5 HIGH

📋 TL;DR

Bingrep v0.8.5 contains a memory allocation failure that crashes the application, resulting in denial of service. It affects anyone running the vulnerable version of the bingrep binary analysis tool, and is triggered during normal use when certain inputs are processed.

💻 Affected Systems

Products:
  • bingrep
Versions: v0.8.5 specifically
Operating Systems: Linux, macOS, Windows
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of bingrep v0.8.5 are vulnerable regardless of configuration.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete application crash and service disruption when processing malicious or malformed input files, potentially affecting automated analysis pipelines.

🟠

Likely Case

Application crashes during binary analysis operations, requiring manual restart and causing temporary disruption to analysis workflows.

🟢

If Mitigated

Minimal impact with proper input validation and monitoring; crashes are contained to individual analysis sessions.

🌐 Internet-Facing: LOW - bingrep is typically used as a command-line tool for binary analysis, not as an internet-facing service.
🏢 Internal Only: MEDIUM - Internal users running bingrep for binary analysis could experience application crashes disrupting their workflow.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The GitHub issue demonstrates the crash condition with specific input patterns. Exploitation requires providing crafted input to the bingrep process.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v0.8.6 and later

Vendor Advisory: https://github.com/m4b/bingrep/issues/30

Restart Required: No

Instructions:

1. Check the current version with 'bingrep --version'.
2. Update using cargo: 'cargo install bingrep --force'.
3. Verify the update with 'bingrep --version'; it should show v0.8.6 or higher.

🔧 Temporary Workarounds

Input validation wrapper

Platform: all

Create a wrapper script that validates input files before passing them to bingrep.

#!/bin/bash
# Wrapper: only hand bingrep a path that is an existing, readable, non-empty regular file.
set -u
if [ $# -ne 1 ]; then
    echo "usage: $0 <binary>" >&2
    exit 2
fi
if [ -f "$1" ] && [ -r "$1" ] && [ -s "$1" ]; then
    # Further validation (file type, size limits) can be added here
    exec bingrep "$1"
else
    echo "Invalid input: $1 is not a readable, non-empty regular file" >&2
    exit 1
fi

Process monitoring and restart

Platform: linux

Monitor the bingrep process and automatically re-run it after a crash.

#!/bin/bash
# Retry bingrep after a crash, but give up after 3 attempts so bad input cannot loop forever
attempt=0
until bingrep "$@"; do
    status=$?
    attempt=$((attempt + 1))
    [ "$attempt" -ge 3 ] && exit "$status"
    sleep 1
done

🧯 If You Can't Patch

  • Limit bingrep usage to trusted, validated input files only
  • Implement process monitoring to detect and alert on crashes

🔍 How to Verify

Check if Vulnerable:

Run 'bingrep --version' and check whether the output shows v0.8.5.

Check Version:

bingrep --version

Verify Fix Applied:

Run 'bingrep --version' and confirm the version is v0.8.6 or higher.

📡 Detection & Monitoring

Log Indicators:

  • Application crash logs
  • Segmentation fault errors
  • Unexpected process termination

Network Indicators:

  • N/A - local tool

SIEM Query:

process.name:"bingrep" AND event.outcome:"failure"

🔗 References