oss-sec mailing list archives
Re: FWD: Kernel vulnerabilities CVE-2021-33630 & CVE-2021-33631
From: Armin Kuster <akuster () mvista com>
Date: Fri, 2 Feb 2024 12:20:22 -0500
On Tue, Jan 30, 2024 at 9:25 AM Solar Designer <solar () openwall com> wrote:
Hi, On Tue, Jan 30, 2024 at 08:46:56AM -0500, Armin Kuster wrote:Not sure if this is the appropriate mailing list to share thisinformation. Since the issues are not specific to one downstream distro, yes, it is appropriate and desirable to have this information in here. Thank you! However, two things can be done better on further occasions: actual vulnerability information should be included in the message body (not only links) and the Subject line should explicitly say Linux when referring to the Linux kernel (since this list isn't only about Linux).I noticed these two openEuler CVEs were assigned two weeks ago affecting some K.O stable branches. https://nvd.nist.gov/vuln/detail/CVE-2021-33630This says: "NULL Pointer Dereference vulnerability in openEuler kernel on Linux (network modules) allows Pointer Manipulation. This vulnerability is associated with program files net/sched/sch_cbs.C. This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3."https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3e8b9bfa110896f95d602d8c98d5f9d67e41d78c This mainline commit is from 2019, "net/sched: cbs: Fix not adding cbs instance to list".https://nvd.nist.gov/vuln/detail/CVE-2021-33631This says: "Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allows Forced Integer Overflow.This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3, from 5.10.0-60.18.0 before 5.10.0-183.0.0."https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5c099c4fdc438014d5893629e70a8ba934433ee8 2022, "ext4: fix kernel BUG in 'ext4_write_inline_data_end()'" So the concern is that upstream longterm 4.19.y and 5.10.y (and perhaps some others) may still be affected. The above links don't say anything about attack vectors and required access - I guess CAP_NET_ADMIN and raw block device write (e.g., to a USB flash drive on another computer), respectively, are the prerequisites? The CVSS scores look exaggerated, especially NVD's score of 7.8 for CVE-2021-33631.
Thanks for taking the time to explain. Hope to do better next time. Armin
Alexander
Current thread:
- FWD: Kernel vulnerabilities CVE-2021-33630 & CVE-2021-33631 Armin Kuster (Jan 30)
- Re: FWD: Kernel vulnerabilities CVE-2021-33630 & CVE-2021-33631 Solar Designer (Jan 30)
- Re: FWD: Kernel vulnerabilities CVE-2021-33630 & CVE-2021-33631 Greg KH (Jan 30)
- Re: FWD: Kernel vulnerabilities CVE-2021-33630 & CVE-2021-33631 Solar Designer (Jan 30)
- Re: FWD: Kernel vulnerabilities CVE-2021-33630 & CVE-2021-33631 Greg KH (Jan 30)
- Re: FWD: Kernel vulnerabilities CVE-2021-33630 & CVE-2021-33631 Demi Marie Obenour (Jan 31)
- Re: Kernel vulnerabilities CVE-2021-33630 & CVE-2021-33631 Roxana Bradescu (Feb 02)
- Re: Kernel vulnerabilities CVE-2021-33630 & CVE-2021-33631 Demi Marie Obenour (Feb 02)
- Re: FWD: Kernel vulnerabilities CVE-2021-33630 & CVE-2021-33631 Greg KH (Jan 30)
- Re: FWD: Kernel vulnerabilities CVE-2021-33630 & CVE-2021-33631 Solar Designer (Jan 30)