CVE-2021-33637 – Export container in a malicious directory may cause process to be hijacked
https://notcve.org/view.php?id=CVE-2021-33637
When the isula export command is used to export a container to an image and the container is controlled by an attacker, the attacker can escape the container.
• https://gitee.com/src-openeuler/iSulad/pulls/600/files
• https://gitee.com/src-openeuler/iSulad/pulls/627/files
• https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2023-1686
• CWE-665: Improper Initialization
CVE-2021-33636 – Load malicious images may cause process to be hijacked
https://notcve.org/view.php?id=CVE-2021-33636
When the isula load command is used to load malicious images, attackers can execute arbitrary code.
• https://gitee.com/src-openeuler/iSulad/pulls/600/files
• https://gitee.com/src-openeuler/iSulad/pulls/627/files
• https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2023-1686
• CWE-94: Improper Control of Generation of Code ('Code Injection')
• CWE-665: Improper Initialization
CVE-2021-33635 – Pull malicious images may cause process to be hijacked
https://notcve.org/view.php?id=CVE-2021-33635
When malicious images are pulled by isula pull, attackers can execute arbitrary code.
• https://gitee.com/src-openeuler/iSulad/pulls/600/files
• https://gitee.com/src-openeuler/iSulad/pulls/627/files
• https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2023-1686
• CWE-94: Improper Control of Generation of Code ('Code Injection')
• CWE-665: Improper Initialization
CVE-2021-33634 – Malicious image running containers may cause DoS attacks
https://notcve.org/view.php?id=CVE-2021-33634
iSulad uses the lcr+lxc runtime (default) to run malicious images, which can cause a denial of service (DoS).
• https://gitee.com/src-openeuler/lcr/pulls/251/files
• https://gitee.com/src-openeuler/lcr/pulls/257/files
• https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1692
• CWE-665: Improper Initialization
CVE-2021-33641
https://notcve.org/view.php?id=CVE-2021-33641
When processing files, malloc stores the data of the current line. When processing comments, malloc incorrectly accesses the released memory (use after free).
• https://gitee.com/src-openeuler/byacc/commit/50225f48c6b53e9d7c936681a06682404cb8ec4d
• CWE-416: Use After Free