CWE-479

Signal Handler Use of a Non-reentrant Function

The product defines a signal handler that calls a non-reentrant function.

CVE-2021-26948 (GCVE-0-2021-26948)

Vulnerability from cvelistv5 – Published: 2022-03-03 00:00 – Updated: 2024-08-03 20:33

Summary

Null pointer dereference in the htmldoc v1.9.11 and before may allow attackers to execute arbitrary code and cause a denial of service via a crafted html file.

Severity ?

No CVSS data available.

CWE

CWE-479 - >CWE-476

Assigner

redhat

References

URL

Tags

https://github.com/michaelrsweet/htmldoc/issues/410

Impacted products

	Vendor	Product	Version
	n/a	htmldoc	Affected: v1.9.11

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:33:41.561Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/michaelrsweet/htmldoc/issues/410"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "htmldoc",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "v1.9.11"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Null pointer dereference in the htmldoc v1.9.11 and before may allow attackers to execute arbitrary code and cause a denial of service via a crafted html file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-479",
              "description": "CWE-479-\u003eCWE-476",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-10-07T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://github.com/michaelrsweet/htmldoc/issues/410"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2021-26948",
    "datePublished": "2022-03-03T00:00:00",
    "dateReserved": "2021-04-06T00:00:00",
    "dateUpdated": "2024-08-03T20:33:41.561Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Mitigation

Phase: Requirements

Description:

Require languages or libraries that provide reentrant functionality, or otherwise make it easier to avoid this weakness.

Mitigation

Phase: Architecture and Design

Description:

Design signal handlers to only set flags rather than perform complex functionality.

Mitigation

Phase: Implementation

Description:

Ensure that non-reentrant functions are not found in signal handlers.

Mitigation

Phase: Implementation

Description:

Use sanity checks to reduce the timing window for exploitation of race conditions. This is only a partial solution, since many attacks might fail, but other attacks still might work within the narrower window, even accidentally.

No CAPEC attack patterns related to this CWE.

Back to CWE stats page