Vulnerabilidad en kernel openEuler en Linux (CVE-2021-33631)
Gravedad CVSS v3.1:
MEDIA
Tipo:
CWE-190
Desbordamiento o ajuste de enteros
Fecha de publicación:
18/01/2024
Última modificación:
02/04/2025
Descripción
La vulnerabilidad de desbordamiento de enteros o envoltura en el kernel openEuler en Linux (módulos del sistema de archivos) permite el desbordamiento de enteros forzado. Este problema afecta al kernel de openEuler: desde 4.19.90 antes de 4.19.90-2401.3, desde 5.10.0-60.18.0 antes de 5.10.0-183.0 .0.
Impacto
Puntuación base 3.x
5.50
Gravedad 3.x
MEDIA
Productos y versiones vulnerables
| CPE | Desde | Hasta |
|---|---|---|
| cpe:2.3:o:openatom:openeuler:*:*:*:*:-:-:*:* | 4.19.90 (incluyendo) | 4.19.90-2401.3 (excluyendo) |
| cpe:2.3:o:openatom:openeuler:*:*:*:*:-:linux:*:* | 4.19.90 (incluyendo) | 4.19.90-2401.3 (excluyendo) |
| cpe:2.3:o:openatom:openeuler:*:*:*:*:-:-:*:* | 5.10.0-60.18.0 (incluyendo) | 5.10.0-183.0.0 (excluyendo) |
Para consultar la lista completa de nombres de CPE con productos y versiones, ver esta página
Referencias a soluciones, herramientas e información
- http://www.openwall.com/lists/oss-security/2024/01/30/10
- http://www.openwall.com/lists/oss-security/2024/01/30/3
- http://www.openwall.com/lists/oss-security/2024/01/30/4
- http://www.openwall.com/lists/oss-security/2024/01/30/5
- http://www.openwall.com/lists/oss-security/2024/01/30/9
- http://www.openwall.com/lists/oss-security/2024/01/31/2
- http://www.openwall.com/lists/oss-security/2024/01/31/3
- http://www.openwall.com/lists/oss-security/2024/02/02/6
- http://www.openwall.com/lists/oss-security/2024/02/02/9
- http://www.openwall.com/lists/oss-security/2024/02/03/1
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5c099c4fdc438014d5893629e70a8ba934433ee8
- https://gitee.com/src-openeuler/kernel/pulls/1389
- https://gitee.com/src-openeuler/kernel/pulls/1396
- https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1030
- https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1031
- https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1032
- https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1033
- https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1034
- https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1035
- http://www.openwall.com/lists/oss-security/2024/01/30/10
- http://www.openwall.com/lists/oss-security/2024/01/30/3
- http://www.openwall.com/lists/oss-security/2024/01/30/4
- http://www.openwall.com/lists/oss-security/2024/01/30/5
- http://www.openwall.com/lists/oss-security/2024/01/30/9
- http://www.openwall.com/lists/oss-security/2024/01/31/2
- http://www.openwall.com/lists/oss-security/2024/01/31/3
- http://www.openwall.com/lists/oss-security/2024/02/02/6
- http://www.openwall.com/lists/oss-security/2024/02/02/9
- http://www.openwall.com/lists/oss-security/2024/02/03/1
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5c099c4fdc438014d5893629e70a8ba934433ee8
- https://gitee.com/src-openeuler/kernel/pulls/1389
- https://gitee.com/src-openeuler/kernel/pulls/1396
- https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1030
- https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1031
- https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1032
- https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1033
- https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1034
- https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1035