8 matches found
CVE-2021-33656
CVE-2021-33656 affects the Linux kernel: setting a font with malicious data via the PIO_FONT ioctl can cause a memory out-of-bounds write. Affected: kernel font handling path; root cause: out-of-bounds write in ioctl processing. Impact: local code execution is not explicitly stated; exploitation ...
CVE-2021-33631
CVE-2021-33631 is described as an Integer Overflow or Wraparound vulnerability in the openEuler kernel (filesystem modules) that allows Forced Integer Overflow. It affects openEuler kernel versions 4.19.90 before 4.19.90-2401.3 and 5.10.0-60.18.0 before 5.10.0-183.0.0. The initial document does n...
CVE-2021-33646
CVE-2021-33646 affects the libtar library. The root cause is a memory leak in th_read() where t->th_buf.gnu_longname is not freed after allocation, as documented across multiple advisories (including Debian DLA-4033-1, CBLMariner entries, AlmaLinux ALSA-2023:2898, and OpenEuler/CNNVD reference...
CVE-2021-33630
CVE-2021-33630 corresponds to a NULL Pointer Dereference in the openEuler kernel (network modules), specifically in net/sched/sch_cbs.C. Affected kernel versions are 4.19.90 before 4.19.90-2401.3. The vulnerability is described as enabling Pointer Manipulation with a high availability impact, and...
CVE-2021-33643
CVE-2021-33643 is a vulnerability in the libtar library where an attacker submitting a crafted tar file with a header size of 0 can trigger a call to malloc(0) for gnu_longlink, leading to an out-of-bounds read. The issue is documented across multiple connected sources (open-source Linux distribu...
CVE-2021-33645
CVE-2021-33645 reports a memory leak in the libtar th_read() function due to not freeing t->th_buf.gnu_longlink after allocation. Connected advisories confirm this affects multiple distributions with varying affected versions (e.g., libtar ≤ 1.2.20-11 in some cases; sometimes ≤ 1.2.20-10 or 1....
CVE-2021-33644
CVE-2021-33644 affects libtar. A crafted tar header with size 0 may trigger malloc(0) for gnu_longname, causing an out-of-bounds read. Multiple third-party advisories confirm libtar updates (e.g., patched versions such as 1.2.20-11 in various distributions) as a remediation. No exploitation detai...
CVE-2021-33640
CVE-2021-33640 is a use-after-free in libtar after tar_close() in tar_close/t->th_buf handling (free_longlink_longname). The issue is documented across multiple advisories and scanners: EulerOS (EulerOS-SA-2023-1575/1585), TencentOS/TSSA-2023:0136, Oracle Linux ELSA-2023-2898, Fedora 2022 advi...