Time-of-Check Time-of-Use (TOCTOU) Race Condition Vulnerability in openEuler iSulad on Linux
CVE-2021-33632
7HIGH
What is CVE-2021-33632?
A race condition vulnerability has been identified in openEuler's iSulad that leverages Time-of-Check and Time-of-Use (TOCTOU) mechanisms. This issue could allow unauthorized access or modification of program files, impacting the overall security and performance of systems utilizing iSulad. The affected versions include iSulad: 2.0.18-13 and the range from iSulad: 2.1.4-1 to 2.1.4-2. Addressing this vulnerability is imperative for maintaining secure operations and protecting sensitive data.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
iSulad Linux 2.0.18-13
iSulad Linux 2.1.4-1 <= 2.1.4-2
References
CVSS V3.1
Score:
7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
dbearzhu@huawei.com
