CVE-2021-33631 Kernel crash in EXT4 filesystem

2024-01-1815:05:58

CWE-190

openEuler

www.cve.org

cve-2021-33631

integer overflow

kernel crash

linux

openeuler

filesystem modules

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

7.8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.2%

JSON

Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allows Forced Integer Overflow.This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3, from 5.10.0-60.18.0 before 5.10.0-183.0.0.

CNA Affected

[
  {
    "collectionURL": "https://gitee.com/src-openeuler",
    "defaultStatus": "unaffected",
    "modules": [
      "filesystem"
    ],
    "packageName": "kernel",
    "platforms": [
      "Linux"
    ],
    "product": "kernel",
    "programFiles": [
      "https://gitee.com/openeuler/kernel/blob/openEuler-22.03-LTS/fs/ext4/inline.c"
    ],
    "repo": "https://gitee.com/src-openeuler/kernel",
    "vendor": "openEuler",
    "versions": [
      {
        "changes": [
          {
            "at": "cf1d16ea2f1086c0765348344b70aa2361436642 ext4: fix kernel BUG in 'ext4_write_inline_data_end()'",
            "status": "unaffected"
          }
        ],
        "lessThan": "4.19.90-2401.3",
        "status": "affected",
        "version": "4.19.90",
        "versionType": "git"
      },
      {
        "changes": [
          {
            "at": "1587126a0f2a79b3ee6cb309bbfaf079c39eda29 ext4: fix kernel BUG in 'ext4_write_inline_data_end()'",
            "status": "unaffected"
          }
        ],
        "lessThan": "5.10.0-183.0.0",
        "status": "affected",
        "version": "5.10.0-60.18.0",
        "versionType": "git"
      }
    ]
  }
]