CVE-2021-22332: Double Free
First published: Wed Apr 28 2021(Updated: )
There is a pointer double free vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. When a function is called, the same memory pointer is copied to two functional modules. Attackers can exploit this vulnerability by performing a malicious operation to cause the pointer double free. This may lead to module crash, compromising normal service.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei Cloudengine 12800 Firmware | =v200r002c50spc800 | |
| Huawei Cloudengine 12800 Firmware | =v200r003c00spc810 | |
| Huawei Cloudengine 12800 Firmware | =v200r005c00spc800 | |
| Huawei Cloudengine 12800 Firmware | =v200r005c10spc800 | |
| Huawei CloudEngine 12800 | ||
| Huawei Cloudengine 5800 Firmware | =v200r002c50spc800 | |
| Huawei Cloudengine 5800 Firmware | =v200r003c00spc810 | |
| Huawei Cloudengine 5800 Firmware | =v200r005c00spc800 | |
| Huawei Cloudengine 5800 Firmware | =v200r005c10spc800 | |
| Huawei CloudEngine 5800 | ||
| Huawei Cloudengine 6800 Firmware | =v200r002c50spc800 | |
| Huawei Cloudengine 6800 Firmware | =v200r003c00spc810 | |
| Huawei Cloudengine 6800 Firmware | =v200r005c00spc800 | |
| Huawei Cloudengine 6800 Firmware | =v200r005c10spc800 | |
| Huawei CloudEngine 6800 | ||
| Huawei Cloudengine 7800 Firmware | =v200r002c50spc800 | |
| Huawei Cloudengine 7800 Firmware | =v200r003c00spc810 | |
| Huawei Cloudengine 7800 Firmware | =v200r005c00spc800 | |
| Huawei Cloudengine 7800 Firmware | =v200r005c10spc800 | |
| Huawei Cloudengine 7800 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-22332?
CVE-2021-22332 is a pointer double free vulnerability in some versions of Huawei CloudEngine 5800, CloudEngine 6800, CloudEngine 7800, and CloudEngine 12800.
What is the severity of CVE-2021-22332?
The severity of CVE-2021-22332 is high with a CVSS score of 7.5.
How does the vulnerability in CVE-2021-22332 work?
The vulnerability in CVE-2021-22332 occurs when a function is called, and the same memory pointer is copied to two functional modules, allowing attackers to perform a malicious operation.
Which versions of CloudEngine devices are affected by CVE-2021-22332?
The affected versions include Huawei CloudEngine 5800, CloudEngine 6800, CloudEngine 7800, and CloudEngine 12800 with specific firmware versions.
How can I fix CVE-2021-22332?
To fix CVE-2021-22332, it is recommended to update the firmware of the affected Huawei CloudEngine devices to a non-vulnerable version.
- collector/nvd-index
- agent/weakness
- agent/author
- agent/severity
- agent/references
- agent/type
- agent/description
- agent/tags
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/huawei
- canonical/huawei cloudengine 12800 firmware
- version/huawei cloudengine 12800 firmware/v200r002c50spc800
- version/huawei cloudengine 12800 firmware/v200r003c00spc810
- version/huawei cloudengine 12800 firmware/v200r005c00spc800
- version/huawei cloudengine 12800 firmware/v200r005c10spc800
- canonical/huawei cloudengine 12800
- canonical/huawei cloudengine 5800 firmware
- version/huawei cloudengine 5800 firmware/v200r002c50spc800
- version/huawei cloudengine 5800 firmware/v200r003c00spc810
- version/huawei cloudengine 5800 firmware/v200r005c00spc800
- version/huawei cloudengine 5800 firmware/v200r005c10spc800
- canonical/huawei cloudengine 5800
- canonical/huawei cloudengine 6800 firmware
- version/huawei cloudengine 6800 firmware/v200r002c50spc800
- version/huawei cloudengine 6800 firmware/v200r003c00spc810
- version/huawei cloudengine 6800 firmware/v200r005c00spc800
- version/huawei cloudengine 6800 firmware/v200r005c10spc800
- canonical/huawei cloudengine 6800
- canonical/huawei cloudengine 7800 firmware
- version/huawei cloudengine 7800 firmware/v200r002c50spc800
- version/huawei cloudengine 7800 firmware/v200r003c00spc810
- version/huawei cloudengine 7800 firmware/v200r005c00spc800
- version/huawei cloudengine 7800 firmware/v200r005c10spc800
- canonical/huawei cloudengine 7800