CVE-2021-33631
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.3 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
10.2%
Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allows Forced Integer Overflow.This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3, from 5.10.0-60.18.0 before 5.10.0-183.0.0.
Affected configurations
| CPE | Name | Operator | Version |
|---|---|---|---|
| huawei:openeuler | huawei openeuler | lt | 4.19.90-2401.3 |
| huawei:openeuler | huawei openeuler | lt | 5.10.0-183.0.0 |
CNA Affected
[
{
"collectionURL": "https://gitee.com/src-openeuler",
"defaultStatus": "unaffected",
"modules": [
"filesystem"
],
"packageName": "kernel",
"platforms": [
"Linux"
],
"product": "kernel",
"programFiles": [
"https://gitee.com/openeuler/kernel/blob/openEuler-22.03-LTS/fs/ext4/inline.c"
],
"repo": "https://gitee.com/src-openeuler/kernel",
"vendor": "openEuler",
"versions": [
{
"changes": [
{
"at": "cf1d16ea2f1086c0765348344b70aa2361436642 ext4: fix kernel BUG in 'ext4_write_inline_data_end()'",
"status": "unaffected"
}
],
"lessThan": "4.19.90-2401.3",
"status": "affected",
"version": "4.19.90",
"versionType": "git"
},
{
"changes": [
{
"at": "1587126a0f2a79b3ee6cb309bbfaf079c39eda29 ext4: fix kernel BUG in 'ext4_write_inline_data_end()'",
"status": "unaffected"
}
],
"lessThan": "5.10.0-183.0.0",
"status": "affected",
"version": "5.10.0-60.18.0",
"versionType": "git"
}
]
}
]References
www.openwall.com/lists/oss-security/2024/01/30/10
www.openwall.com/lists/oss-security/2024/01/30/3
www.openwall.com/lists/oss-security/2024/01/30/4
www.openwall.com/lists/oss-security/2024/01/30/5
www.openwall.com/lists/oss-security/2024/01/30/9
www.openwall.com/lists/oss-security/2024/01/31/2
www.openwall.com/lists/oss-security/2024/01/31/3
www.openwall.com/lists/oss-security/2024/02/02/6
www.openwall.com/lists/oss-security/2024/02/02/9
www.openwall.com/lists/oss-security/2024/02/03/1
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5c099c4fdc438014d5893629e70a8ba934433ee8
gitee.com/src-openeuler/kernel/pulls/1389
gitee.com/src-openeuler/kernel/pulls/1396
www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1030
www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1031
www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1032
www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1033
www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1034
www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1035
Related
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.3 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
10.2%