Kernel crash in EXT4 filesystem
CVE-2021-33631

7.8HIGH

Key Information:

Vendor: Openeuler
Status: Kernel
Vendor: CVE Published:; 18 January 2024

What is CVE-2021-33631?

An integer overflow or wraparound vulnerability exists in the openEuler kernel utilized within Linux filesystem modules. This flaw can lead to forced integer overflow, potentially enabling attackers to manipulate system resources or exploit further vulnerabilities. The issue affects openEuler kernel versions earlier than 4.19.90-2401.3 and 5.10.0-183.0.0, highlighting the need for users to update their systems to mitigate risks associated with this vulnerability. Vigilant system maintenance and timely updates are essential in maintaining security integrity.

Affected Version(s)

kernel Linux 4.19.90 < 4.19.90-2401.3

kernel Linux 5.10.0-60.18.0 < 5.10.0-183.0.0

References

https://www.openeuler.org/zh/security/security-bulletins/...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 18, 2024
Vulnerability Reserved
May 28, 2021

Openeuler

What is CVE-2021-33631?

Affected Version(s)

References

CVSS V3.1

Timeline