CVE-2021-44144

9.1 CRITICAL

📋 TL;DR

CVE-2021-44144 is a heap-based buffer over-read vulnerability in Croatia Control Asterix software version 2.8.1. This vulnerability could allow attackers to read sensitive information from memory or potentially cause denial of service. Organizations using Asterix 2.8.1 for air traffic control data processing are affected.

💻 Affected Systems

Products:
  • Croatia Control Asterix
Versions: 2.8.1
Operating Systems: All platforms running Asterix 2.8.1
Default Config Vulnerable: ⚠️ Yes
Notes: Specific configuration details are limited as full vulnerability details were to be disclosed later.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Remote code execution leading to complete system compromise, data exfiltration, or service disruption in critical air traffic control systems.

🟠 Likely Case: Denial of service through application crashes or information disclosure of sensitive memory contents.

🟢 If Mitigated: Limited impact with proper network segmentation and memory protection mechanisms in place.

🌐 Internet-Facing: HIGH - If exposed to untrusted networks, exploitation could lead to significant impact.
🏢 Internal Only: MEDIUM - Internal exploitation still possible but requires network access.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Buffer over-read vulnerabilities typically require some technical expertise to exploit effectively.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version after 2.8.1

Vendor Advisory: https://github.com/CroatiaControlLtd/asterix/issues/183

Restart Required: Yes

Instructions:

  1. Check current Asterix version.
  2. Upgrade to latest version from official repository.
  3. Restart Asterix services.
  4. Verify the fix.

🔧 Temporary Workarounds

Network Segmentation (all platforms)

Isolate Asterix systems from untrusted networks to reduce attack surface.

Memory Protection (Linux)

Enable ASLR and other memory protection mechanisms at OS level.

sysctl -w kernel.randomize_va_space=2

🧯 If You Can't Patch

  • Implement strict network access controls to limit connections to trusted sources only.
  • Monitor system logs for abnormal memory access patterns or crashes.

🔍 How to Verify

Check if Vulnerable:

Check Asterix version: asterix --version or examine installed package version.

Check Version:

asterix --version

Verify Fix Applied:

Verify version is greater than 2.8.1 and test with known vulnerable payloads if available.

📡 Detection & Monitoring

Log Indicators:

  • Application crashes
  • Memory access violation errors
  • Unusual network traffic patterns

Network Indicators:

  • Unexpected connections to Asterix ports
  • Malformed data packets to Asterix services

SIEM Query:

source="asterix.log" AND ("segmentation fault" OR "buffer over-read" OR "memory violation")
