CVE-2021-43618

Public on 2021-11-15

Modified on 2024-02-02

Description

A flaw was found in gmp. An integer overflow vulnerability could allow an attacker to input an integer value leading to a crash. The highest threat from this vulnerability is to system availability.

Severity

Low

See what this means

CVSS v3 Base Score

3.3

See breakdown

Affected Packages

Platform	Package	Release Date	Advisory
Amazon Linux 2 - Core	gmp	2023-11-29 22:20	ALAS2-2023-2369
Amazon Linux 2023	gmp	2023-02-17 20:44	ALAS2023-2023-033

CVSS Scores

	Score Type	Score	Vector
Amazon Linux	CVSSv3	3.3	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
NVD	CVSSv2	5.0	AV:N/AC:L/Au:N/C:N/I:N/A:P
NVD	CVSSv3	7.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

Red Hat: CVE-2021-43618 Mitre: CVE-2021-43618 FAQs regarding Amazon Linux ALAS/CVE Severity