Openatom Openeuler vulnerabilities

CVE-2021-33631 [HIGH] CWE-190 CVE-2021-33631: Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allow Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allows Forced Integer Overflow.This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3, from 5.10.0-60.18.0 before 5.10.0-183.0.0.

CVE-2021-33630 [MEDIUM] CWE-476 CVE-2021-33630: NULL Pointer Dereference vulnerability in openEuler kernel on Linux (network modules) allows Pointer NULL Pointer Dereference vulnerability in openEuler kernel on Linux (network modules) allows Pointer Manipulation. This vulnerability is associated with program files net/sched/sch_cbs.C. This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3.

CVE-2021-33640 [CRITICAL] CWE-416 CVE-2021-33640: After tar_close(), libtar.c releases the memory pointed to by pointer t. After tar_close() is called After tar_close(), libtar.c releases the memory pointed to by pointer t. After tar_close() is called in the list() function, it continues to use pointer t: free_longlink_longname(t->th_buf) . As a result, the released memory is used (use-after-free).

CVE-2021-33643 [CRITICAL] CWE-125 CVE-2021-33643: An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longlink, causing an out-of-bounds read.

CVE-2021-33646 [HIGH] CWE-401 CVE-2021-33646: The th_read() function doesn’t free a variable t->th_buf.gnu_longname after allocating memory, which The th_read() function doesn’t free a variable t->th_buf.gnu_longname after allocating memory, which may cause a memory leak.

CVE-2021-33644 [HIGH] CWE-125 CVE-2021-33644: An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longname, causing an out-of-bounds read.

CVE-2021-33645 [HIGH] CWE-401 CVE-2021-33645: The th_read() function doesn’t free a variable t->th_buf.gnu_longlink after allocating memory, which The th_read() function doesn’t free a variable t->th_buf.gnu_longlink after allocating memory, which may cause a memory leak.

CVE-2021-33656 [MEDIUM] CWE-787 CVE-2021-33656: When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds. When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds.