Content
Priority: ● High
Status: ● Resolved
First Published: 2021 February 3
Advisory Version: 1.0
References: CVE-2021-3345
Summary
A vulnerability in the libgcrypt 1.9.0 cryptographic library could allow an attacker to cause a heap memory buffer overflow. More information about the defect leading to this vulnerability, which has since been fixed, can be found here. Additional information about this CVE has been posted by Red Hat and SUSE.
Affected Products
Vulnerable Products
● There are no known Hitachi Vantara Products or Solutions that ship with a Linux distribution containing the affected libgcrypt version (1.9.0).
Products Confirmed Not Vulnerable
At the time of this advisory's publication, only products listed in the Vulnerable Products section above are confirmed to be affected by this vulnerability.
Recommended Actions
Not applicable
The information contained herein is for informational purposes only. It is not intended as a guaranty or warranty about Hitachi Vantara’s products, including any guaranty or warranty that any product cannot be exploited by third parties. All product warranties and obligations to a customer must be specified in a mutually acceptable and executed contract between the parties.
CXone Metadata
CXOne URL: https://knowledge.hitachivantara.com/Security/Libgcrypt_1.9.0_cryptographic_library_heap-based_buffer_overflow_vulnerability
CXOne Page ID: 122182
Original RA Solution ID: 241403060122182
CXOne Tags: CVE,pagetype:knowledgearticle,article:cve