{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-33631", "assignerOrgId": "7e1ac599-2767-43fa-b3ea-f10178cc98f2", "state": "PUBLISHED", "assignerShortName": "openEuler", "dateReserved": "2021-05-28T14:26:05.941Z", "datePublished": "2024-01-18T15:05:58.610Z", "dateUpdated": "2024-08-03T23:58:21.529Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://gitee.com/src-openeuler", "defaultStatus": "unaffected", "modules": ["filesystem"], "packageName": "kernel", "platforms": ["Linux"], "product": "kernel", "programFiles": ["https://gitee.com/openeuler/kernel/blob/openEuler-22.03-LTS/fs/ext4/inline.c"], "repo": "https://gitee.com/src-openeuler/kernel", "vendor": "openEuler", "versions": [{"changes": [{"at": "cf1d16ea2f1086c0765348344b70aa2361436642 ext4: fix kernel BUG in 'ext4_write_inline_data_end()'", "status": "unaffected"}], "lessThan": "4.19.90-2401.3", "status": "affected", "version": "4.19.90", "versionType": "git"}, {"changes": [{"at": "1587126a0f2a79b3ee6cb309bbfaf079c39eda29 ext4: fix kernel BUG in 'ext4_write_inline_data_end()'", "status": "unaffected"}], "lessThan": "5.10.0-183.0.0", "status": "affected", "version": "5.10.0-60.18.0", "versionType": "git"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allows Forced Integer Overflow.<p>This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3, from 5.10.0-60.18.0 before 5.10.0-183.0.0.</p>"}], "value": "Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allows Forced Integer Overflow.This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3, from 5.10.0-60.18.0 before 5.10.0-183.0.0.\n\n"}], "impacts": [{"capecId": "CAPEC-92", "descriptions": [{"lang": "en", "value": "CAPEC-92 Forced Integer Overflow"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-190", "description": "CWE-190 Integer Overflow or Wraparound", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7e1ac599-2767-43fa-b3ea-f10178cc98f2", "shortName": "openEuler", "dateUpdated": "2024-01-26T08:11:01.065Z"}, "references": [{"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1030"}, {"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1031"}, {"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1032"}, {"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1033"}, {"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1034"}, {"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1035"}, {"url": "https://gitee.com/src-openeuler/kernel/pulls/1389"}, {"url": "https://gitee.com/src-openeuler/kernel/pulls/1396"}, {"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5c099c4fdc438014d5893629e70a8ba934433ee8"}, {"url": "http://www.openwall.com/lists/oss-security/2024/01/30/3"}, {"url": "http://www.openwall.com/lists/oss-security/2024/01/30/4"}, {"url": "http://www.openwall.com/lists/oss-security/2024/01/30/5"}, {"url": "http://www.openwall.com/lists/oss-security/2024/01/30/9"}, {"url": "http://www.openwall.com/lists/oss-security/2024/01/30/10"}, {"url": "http://www.openwall.com/lists/oss-security/2024/01/31/3"}, {"url": "http://www.openwall.com/lists/oss-security/2024/01/31/2"}, {"url": "http://www.openwall.com/lists/oss-security/2024/02/02/6"}, {"url": "http://www.openwall.com/lists/oss-security/2024/02/02/9"}, {"url": "http://www.openwall.com/lists/oss-security/2024/02/03/1"}], "source": {"discovery": "UNKNOWN"}, "title": "Kernel crash in EXT4 filesystem", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-02-21T18:54:33.956367Z", "id": "CVE-2021-33631", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-23T20:45:02.175Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T23:58:21.529Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1030", "tags": ["x_transferred"]}, {"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1031", "tags": ["x_transferred"]}, {"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1032", "tags": ["x_transferred"]}, {"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1033", "tags": ["x_transferred"]}, {"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1034", "tags": ["x_transferred"]}, {"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1035", "tags": ["x_transferred"]}, {"url": "https://gitee.com/src-openeuler/kernel/pulls/1389", "tags": ["x_transferred"]}, {"url": "https://gitee.com/src-openeuler/kernel/pulls/1396", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5c099c4fdc438014d5893629e70a8ba934433ee8", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/01/30/3", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/01/30/4", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/01/30/5", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/01/30/9", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/01/30/10", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/01/31/3", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/01/31/2", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/02/02/6", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/02/02/9", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/02/03/1", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1030", "tags": ["x_transferred"]}, {"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1031", "tags": ["x_transferred"]}, {"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1032", "tags": ["x_transferred"]}, {"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1033", "tags": ["x_transferred"]}, {"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1034", "tags": ["x_transferred"]}, {"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1035", "tags": ["x_transferred"]}, {"url": "https://gitee.com/src-openeuler/kernel/pulls/1389", "tags": ["x_transferred"]}, {"url": "https://gitee.com/src-openeuler/kernel/pulls/1396", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5c099c4fdc438014d5893629e70a8ba934433ee8", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/01/30/3", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/01/30/4", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/01/30/5", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/01/30/9", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/01/30/10", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/01/31/3", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/01/31/2", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/02/02/6", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/02/02/9", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/02/03/1", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T23:58:21.529Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-33631", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-21T18:54:33.956367Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-22T14:39:45.724Z"}}], "cna": {"title": "Kernel crash in EXT4 filesystem", "source": {"discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-92", "descriptions": [{"lang": "en", "value": "CAPEC-92 Forced Integer Overflow"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://gitee.com/src-openeuler/kernel", "vendor": "openEuler", "modules": ["filesystem"], "product": "kernel", "versions": [{"status": "affected", "changes": [{"at": "cf1d16ea2f1086c0765348344b70aa2361436642 ext4: fix kernel BUG in 'ext4_write_inline_data_end()'", "status": "unaffected"}], "version": "4.19.90", "lessThan": "4.19.90-2401.3", "versionType": "git"}, {"status": "affected", "changes": [{"at": "1587126a0f2a79b3ee6cb309bbfaf079c39eda29 ext4: fix kernel BUG in 'ext4_write_inline_data_end()'", "status": "unaffected"}], "version": "5.10.0-60.18.0", "lessThan": "5.10.0-183.0.0", "versionType": "git"}], "platforms": ["Linux"], "packageName": "kernel", "programFiles": ["https://gitee.com/openeuler/kernel/blob/openEuler-22.03-LTS/fs/ext4/inline.c"], "collectionURL": "https://gitee.com/src-openeuler", "defaultStatus": "unaffected"}], "references": [{"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1030"}, {"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1031"}, {"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1032"}, {"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1033"}, {"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1034"}, {"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1035"}, {"url": "https://gitee.com/src-openeuler/kernel/pulls/1389"}, {"url": "https://gitee.com/src-openeuler/kernel/pulls/1396"}, {"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5c099c4fdc438014d5893629e70a8ba934433ee8"}, {"url": "http://www.openwall.com/lists/oss-security/2024/01/30/3"}, {"url": "http://www.openwall.com/lists/oss-security/2024/01/30/4"}, {"url": "http://www.openwall.com/lists/oss-security/2024/01/30/5"}, {"url": "http://www.openwall.com/lists/oss-security/2024/01/30/9"}, {"url": "http://www.openwall.com/lists/oss-security/2024/01/30/10"}, {"url": "http://www.openwall.com/lists/oss-security/2024/01/31/3"}, {"url": "http://www.openwall.com/lists/oss-security/2024/01/31/2"}, {"url": "http://www.openwall.com/lists/oss-security/2024/02/02/6"}, {"url": "http://www.openwall.com/lists/oss-security/2024/02/02/9"}, {"url": "http://www.openwall.com/lists/oss-security/2024/02/03/1"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allows Forced Integer Overflow.This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3, from 5.10.0-60.18.0 before 5.10.0-183.0.0.\n\n", "supportingMedia": [{"type": "text/html", "value": "Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allows Forced Integer Overflow.<p>This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3, from 5.10.0-60.18.0 before 5.10.0-183.0.0.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-190", "description": "CWE-190 Integer Overflow or Wraparound"}]}], "providerMetadata": {"orgId": "7e1ac599-2767-43fa-b3ea-f10178cc98f2", "shortName": "openEuler", "dateUpdated": "2024-01-26T08:11:01.065Z"}}}, "cveMetadata": {"cveId": "CVE-2021-33631", "state": "PUBLISHED", "dateUpdated": "2024-08-03T23:58:21.529Z", "dateReserved": "2021-05-28T14:26:05.941Z", "assignerOrgId": "7e1ac599-2767-43fa-b3ea-f10178cc98f2", "datePublished": "2024-01-18T15:05:58.610Z", "assignerShortName": "openEuler"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:openeuler:*:*:*:*:-:-:*:*", "matchCriteriaId": "11E84FAF-EE95-41D3-9E66-7606E672DD98", "versionEndExcluding": "4.19.90-2401.3", "versionStartIncluding": "4.19.90", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:openeuler:*:*:*:*:-:linux:*:*", "matchCriteriaId": "834748B9-3D29-4A42-8162-B12D8776B1AD", "versionEndExcluding": "4.19.90-2401.3", "versionStartIncluding": "4.19.90", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:openeuler:*:*:*:*:-:-:*:*", "matchCriteriaId": "4D24BBFC-2570-4173-82CE-6AA986B35A45", "versionEndExcluding": "5.10.0-183.0.0", "versionStartIncluding": "5.10.0-60.18.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allows Forced Integer Overflow.This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3, from 5.10.0-60.18.0 before 5.10.0-183.0.0.\n\n"}, {"lang": "es", "value": "La vulnerabilidad de desbordamiento de enteros o envoltura en el kernel openEuler en Linux (m\u00f3dulos del sistema de archivos) permite el desbordamiento de enteros forzado. Este problema afecta al kernel de openEuler: desde 4.19.90 antes de 4.19.90-2401.3, desde 5.10.0-60.18.0 antes de 5.10.0-183.0 .0."}], "id": "CVE-2021-33631", "lastModified": "2024-02-03T03:15:08.760", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "securities@openeuler.org", "type": "Secondary"}]}, "published": "2024-01-18T15:15:08.860", "references": [{"source": "securities@openeuler.org", "url": "http://www.openwall.com/lists/oss-security/2024/01/30/10"}, {"source": "securities@openeuler.org", "url": "http://www.openwall.com/lists/oss-security/2024/01/30/3"}, {"source": "securities@openeuler.org", "url": "http://www.openwall.com/lists/oss-security/2024/01/30/4"}, {"source": "securities@openeuler.org", "url": "http://www.openwall.com/lists/oss-security/2024/01/30/5"}, {"source": "securities@openeuler.org", "url": "http://www.openwall.com/lists/oss-security/2024/01/30/9"}, {"source": "securities@openeuler.org", "url": "http://www.openwall.com/lists/oss-security/2024/01/31/2"}, {"source": "securities@openeuler.org", "url": "http://www.openwall.com/lists/oss-security/2024/01/31/3"}, {"source": "securities@openeuler.org", "url": "http://www.openwall.com/lists/oss-security/2024/02/02/6"}, {"source": "securities@openeuler.org", "url": "http://www.openwall.com/lists/oss-security/2024/02/02/9"}, {"source": "securities@openeuler.org", "url": "http://www.openwall.com/lists/oss-security/2024/02/03/1"}, {"source": "securities@openeuler.org", "tags": ["Patch"], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5c099c4fdc438014d5893629e70a8ba934433ee8"}, {"source": "securities@openeuler.org", "tags": ["Release Notes"], "url": "https://gitee.com/src-openeuler/kernel/pulls/1389"}, {"source": "securities@openeuler.org", "tags": ["Release Notes"], "url": "https://gitee.com/src-openeuler/kernel/pulls/1396"}, {"source": "securities@openeuler.org", "tags": ["Vendor Advisory"], "url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1030"}, {"source": "securities@openeuler.org", "tags": ["Vendor Advisory"], "url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1031"}, {"source": "securities@openeuler.org", "tags": ["Vendor Advisory"], "url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1032"}, {"source": "securities@openeuler.org", "tags": ["Vendor Advisory"], "url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1033"}, {"source": "securities@openeuler.org", "tags": ["Vendor Advisory"], "url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1034"}, {"source": "securities@openeuler.org", "tags": ["Vendor Advisory"], "url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1035"}], "sourceIdentifier": "securities@openeuler.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-190"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-190"}], "source": "securities@openeuler.org", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2024:1614", "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv", "package": "kernel-rt-0:4.18.0-513.24.1.rt7.326.el8_9", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-04-02T00:00:00Z"}, {"advisory": "RHSA-2024:1607", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-513.24.1.el8_9", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-04-02T00:00:00Z"}, {"advisory": "RHSA-2024:1653", "cpe": "cpe:/o:redhat:rhel_eus:8.6", "package": "kernel-0:4.18.0-372.98.1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support", "release_date": "2024-04-03T00:00:00Z"}, {"advisory": "RHSA-2024:2621", "cpe": "cpe:/o:redhat:rhel_eus:8.8", "package": "kernel-0:4.18.0-477.55.1.el8_8", "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support", "release_date": "2024-04-30T00:00:00Z"}, {"advisory": "RHSA-2023:2458", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-284.11.1.el9_2", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-05-09T00:00:00Z"}, {"advisory": "RHSA-2023:2148", "cpe": "cpe:/a:redhat:enterprise_linux:9::nfv", "package": "kernel-rt-0:5.14.0-284.11.1.rt14.296.el9_2", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-05-09T00:00:00Z"}, {"advisory": "RHSA-2023:2458", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-284.11.1.el9_2", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-05-09T00:00:00Z"}, {"advisory": "RHSA-2024:1836", "cpe": "cpe:/a:redhat:rhel_eus:9.0", "package": "kernel-0:5.14.0-70.97.1.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Extended Update Support", "release_date": "2024-04-16T00:00:00Z"}, {"advisory": "RHSA-2024:1840", "cpe": "cpe:/a:redhat:rhel_eus:9.0::nfv", "package": "kernel-rt-0:5.14.0-70.97.1.rt21.169.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Extended Update Support", "release_date": "2024-04-16T00:00:00Z"}, {"advisory": "RHSA-2024:1653", "cpe": "cpe:/o:redhat:rhev_hypervisor:4.4::el8", "package": "kernel-0:4.18.0-372.98.1.el8_6", "product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8", "release_date": "2024-04-03T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/cluster-logging-operator-bundle:v5.7.13-16", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/cluster-logging-rhel8-operator:v5.7.13-7", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/elasticsearch6-rhel8:v6.8.1-408", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/elasticsearch-operator-bundle:v5.7.13-19", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/elasticsearch-proxy-rhel8:v1.0.0-480", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/elasticsearch-rhel8-operator:v5.7.13-9", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/eventrouter-rhel8:v0.4.0-248", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/fluentd-rhel8:v1.14.6-215", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/kibana6-rhel8:v6.8.1-431", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/log-file-metric-exporter-rhel8:v1.1.0-228", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/logging-curator5-rhel8:v5.8.1-471", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/logging-loki-rhel8:v2.9.6-15", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/logging-view-plugin-rhel8:v5.7.13-3", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/loki-operator-bundle:v5.7.13-27", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/loki-rhel8-operator:v5.7.13-12", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/lokistack-gateway-rhel8:v0.1.0-527", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/opa-openshift-rhel8:v0.1.0-225", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/vector-rhel8:v0.28.1-57", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}], "bugzilla": {"description": "kernel: ext4: kernel bug in ext4_write_inline_data_end()", "id": "2261976", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2261976"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.7", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-190", "details": ["Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allows Forced Integer Overflow.This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3, from 5.10.0-60.18.0 before 5.10.0-183.0.0.", "A flaw was found in the openEuler kernel in Linux filesystem modules that allows an integer overflow via mounting a corrupted filesystem. This issue affects the openEuler kernel in versions from 4.19.90 through 4.19.90-2401.3 and 5.10.0-60.18.0 through 5.10.0-183.0.0."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2021-33631", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2024-01-18T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-33631\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-33631\nhttps://seclists.org/oss-sec/2024/q1/65"], "statement": "Red Hat has protection mechanisms in place against buffer overflows, such as FORTIFY_SOURCE, Position Independent Executables or Stack Smashing Protection.", "threat_severity": "Moderate", "upstream_fix": "kernel 6.2-rc1"}