Priority: ● High
Status: ● Resolved
First Published: 2021 February 3
Advisory Version: 1.0
References: CVE-2021-3345
A vulnerability in the libgcrypt 1.9.0 cryptographic library could allow an attacker to cause a heap memory buffer overflow. More information about the defect leading to this vulnerability, which has since been fixed, can be found here. Additional information about this CVE has been posted by Red Hat and SUSE.
● There are no known Hitachi Vantara Products or Solutions that ship with a Linux distribution containing the affected libgcrypt version (1.9.0).
At the time of this advisory's publication, only products listed in the Vulnerable Products section above are confirmed to be affected by this vulnerability.
Not applicable
The information contained herein is for informational purposes only. It is not intended as a guaranty or warranty about Hitachi Vantara’s products, including any guaranty or warranty that any product cannot be exploited by third parties. All product warranties and obligations to a customer must be specified in a mutually acceptable and executed contract between the parties.
CXOne URL: https://knowledge.hitachivantara.com/Security/Libgcrypt_1.9.0_cryptographic_library_heap-based_buffer_overflow_vulnerability
CXOne Page ID: 122182
Original RA Solution ID: 241403060122182
CXOne Tags: CVE,pagetype:knowledgearticle,article:cve