Vulnerability DatabaseCVE-2021-29672

CVE-2021-29672:
Linux Gentoo vulnerability analysis and mitigation

Overview

IBM Spectrum Protect client was identified with a vulnerability (CVE-2021-29672) that was discovered and disclosed in April 2021. The vulnerability affects IBM Spectrum Protect Backup-Archive Client versions 7.1.x (prior to 7.1.8.11) and 8.1.x (prior to 8.1.12), as well as IBM Spectrum Protect for Space Management versions 7.1.x and 8.1.x (IBM Security Bulletin).

Technical details

The vulnerability is classified as a stack-based buffer overflow, caused by improper bounds checking when processing the current locale settings. The vulnerability has a CVSS Base score of 8.4 with a vector of CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (IBM Security Bulletin).

Impact

A successful exploitation of this vulnerability could allow a local attacker to overflow a buffer and execute arbitrary code on the system with elevated privileges or cause the application to crash (IBM Security Bulletin).

Mitigation and workarounds

IBM has released fixes for affected versions. For version 8.1, users should upgrade to version 8.1.12 (8.1.9.2 for Macintosh). For version 7.1, users should upgrade to version 7.1.8.11. The fixes are available for multiple platforms including AIX, Linux, Macintosh, Solaris, and Windows. No workarounds are available for this vulnerability (IBM Security Bulletin).

Additional resources

Source: This report was generated using AI

Related Linux Gentoo vulnerabilities:

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-13470	HIGH	7.7	Linux Debian	rnp-debuginfo	No	Yes	Nov 21, 2025
CVE-2025-65018	HIGH	7.1	NixOS	java-21-openjdk-fastdebug	No	Yes	Nov 25, 2025
CVE-2025-64720	HIGH	7.1	NixOS	java-1.8.0-openjdk-devel-slowdebug	No	Yes	Nov 25, 2025
CVE-2025-64506	MEDIUM	6.1	NixOS	java-1.8.0-openjdk-src	No	Yes	Nov 25, 2025
CVE-2025-64505	MEDIUM	6.1	NixOS	java-21-openjdk-javadoc	No	Yes	Nov 25, 2025