Openeuler Huawei Openeuler

Do you want an email whenever new security vulnerabilities are reported in Huawei Openeuler?

By the Year

In 2024 there have been 2 vulnerabilities in Huawei Openeuler with an average score of 6.7 out of ten. Openeuler did not have any published security vulnerabilities last year. That is, 2 more vulnerabilities have already been reported in 2024 as compared to last year.

Year Vulnerabilities Average Score
2024 2 6.65
2023 0 0.00
2022 6 8.13
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Openeuler vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Huawei Openeuler Security Vulnerabilities

NULL Pointer Dereference vulnerability in openEuler kernel on Linux (network modules) allows Pointer Manipulation

CVE-2021-33630 5.5 - Medium - January 18, 2024

NULL Pointer Dereference vulnerability in openEuler kernel on Linux (network modules) allows Pointer Manipulation. This vulnerability is associated with program files net/sched/sch_cbs.C. This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3.

NULL Pointer Dereference

Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules)

CVE-2021-33631 7.8 - High - January 18, 2024

Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allows Forced Integer Overflow.This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3, from 5.10.0-60.18.0 before 5.10.0-183.0.0.

Integer Overflow or Wraparound

After tar_close(), libtar.c releases the memory pointed to by pointer t

CVE-2021-33640 9.8 - Critical - December 19, 2022

After tar_close(), libtar.c releases the memory pointed to by pointer t. After tar_close() is called in the list() function, it continues to use pointer t: free_longlink_longname(t->th_buf) . As a result, the released memory is used (use-after-free).

Dangling pointer

The th_read() function doesnt free a variable t->th_buf.gnu_longname after allocating memory

CVE-2021-33646 7.5 - High - August 10, 2022

The th_read() function doesnt free a variable t->th_buf.gnu_longname after allocating memory, which may cause a memory leak.

Memory Leak

The th_read() function doesnt free a variable t->th_buf.gnu_longlink after allocating memory

CVE-2021-33645 7.5 - High - August 10, 2022

The th_read() function doesnt free a variable t->th_buf.gnu_longlink after allocating memory, which may cause a memory leak.

Memory Leak

An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longname

CVE-2021-33644 8.1 - High - August 10, 2022

An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longname, causing an out-of-bounds read.

Out-of-bounds Read

An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longlink

CVE-2021-33643 9.1 - Critical - August 10, 2022

An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longlink, causing an out-of-bounds read.

Out-of-bounds Read

When setting font with malicous data by ioctl cmd PIO_FONT

CVE-2021-33656 6.8 - Medium - July 18, 2022

When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds.

Memory Corruption

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Debian Linux or by Huawei? Click the Watch button to subscribe.

Huawei
Vendor

subscribe