Vulnerabilities (CVE)

Filtered by vendor Huawei Subscribe
Filtered by product Openeuler
Total 9 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-33658 1 Huawei 2 Atune, Openeuler 2024-11-21 4.6 MEDIUM 7.8 HIGH
atune before 0.3-0.8 log in as a local user and run the curl command to access the local atune url interface to escalate the local privilege or modify any file. Authentication is not forcibly enabled in the default configuration.
CVE-2021-33656 3 Debian, Huawei, Linux 3 Debian Linux, Openeuler, Linux Kernel 2024-11-21 N/A 6.8 MEDIUM
When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds.
CVE-2021-33646 3 Fedoraproject, Feep, Huawei 3 Fedora, Libtar, Openeuler 2024-11-21 N/A 7.5 HIGH
The th_read() function doesn’t free a variable t->th_buf.gnu_longname after allocating memory, which may cause a memory leak.
CVE-2021-33645 3 Fedoraproject, Feep, Huawei 3 Fedora, Libtar, Openeuler 2024-11-21 N/A 7.5 HIGH
The th_read() function doesn’t free a variable t->th_buf.gnu_longlink after allocating memory, which may cause a memory leak.
CVE-2021-33644 3 Fedoraproject, Feep, Huawei 3 Fedora, Libtar, Openeuler 2024-11-21 N/A 8.1 HIGH
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longname, causing an out-of-bounds read.
CVE-2021-33643 3 Fedoraproject, Feep, Huawei 3 Fedora, Libtar, Openeuler 2024-11-21 N/A 9.1 CRITICAL
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longlink, causing an out-of-bounds read.
CVE-2021-33640 2 Fedoraproject, Huawei 2 Fedora, Openeuler 2024-11-21 N/A 6.2 MEDIUM
After tar_close(), libtar.c releases the memory pointed to by pointer t. After tar_close() is called in the list() function, it continues to use pointer t: free_longlink_longname(t->th_buf) . As a result, the released memory is used (use-after-free).
CVE-2021-33631 1 Huawei 1 Openeuler 2024-11-21 N/A 5.5 MEDIUM
Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allows Forced Integer Overflow.This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3, from 5.10.0-60.18.0 before 5.10.0-183.0.0.
CVE-2021-33630 1 Huawei 1 Openeuler 2024-11-21 N/A 5.5 MEDIUM
NULL Pointer Dereference vulnerability in openEuler kernel on Linux (network modules) allows Pointer Manipulation. This vulnerability is associated with program files net/sched/sch_cbs.C. This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3.