Huawei Openeuler
By the Year
In 2023 there have been 0 vulnerabilities in Huawei Openeuler . Last year Openeuler had 6 security vulnerabilities published. Right now, Openeuler is on track to have less security vulnerabilities in 2023 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2023 | 0 | 0.00 |
| 2022 | 6 | 8.13 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Openeuler vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Huawei Openeuler Security Vulnerabilities
After tar_close(), libtar.c releases the memory pointed to by pointer t
CVE-2021-33640
9.8 - Critical
- December 19, 2022
After tar_close(), libtar.c releases the memory pointed to by pointer t. After tar_close() is called in the list() function, it continues to use pointer t: free_longlink_longname(t->th_buf) . As a result, the released memory is used (use-after-free).
Dangling pointer
The th_read() function doesnt free a variable t->th_buf.gnu_longname after allocating memory
CVE-2021-33646
7.5 - High
- August 10, 2022
The th_read() function doesnt free a variable t->th_buf.gnu_longname after allocating memory, which may cause a memory leak.
Memory Leak
The th_read() function doesnt free a variable t->th_buf.gnu_longlink after allocating memory
CVE-2021-33645
7.5 - High
- August 10, 2022
The th_read() function doesnt free a variable t->th_buf.gnu_longlink after allocating memory, which may cause a memory leak.
Memory Leak
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longname
CVE-2021-33644
8.1 - High
- August 10, 2022
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longname, causing an out-of-bounds read.
Out-of-bounds Read
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longlink
CVE-2021-33643
9.1 - Critical
- August 10, 2022
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longlink, causing an out-of-bounds read.
Out-of-bounds Read
When setting font with malicous data by ioctl cmd PIO_FONT
CVE-2021-33656
6.8 - Medium
- July 18, 2022
When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds.
Memory Corruption
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Debian Linux or by Huawei? Click the Watch button to subscribe.
