How severe is CVE-2021-40008?

CVE-2021-40008 has a severity rating of 7.5 (High).

How does CVE-2021-40008 affect the software?

CVE-2021-40008 can cause a memory leak in the affected software versions, leading to potential resource depletion and stability issues.

Is there a fix available for CVE-2021-40008?

Yes, a fix for CVE-2021-40008 is available. It is recommended to update the affected software to the latest patched version provided by Huawei.

Vulnerability/
CVE-2021-40008

high

7.5

CWE

772

13/12/2021

4/8/2024

CVE-2021-40008

First published: Mon Dec 13 2021(Updated: )

There is a memory leak vulnerability in CloudEngine 12800 V200R019C00SPC800, CloudEngine 5800 V200R019C00SPC800, CloudEngine 6800 V200R019C00SPC800 and CloudEngine 7800 V200R019C00SPC800. The software does not sufficiently track and release allocated memory while parse a series of crafted binary messages, which could consume remaining memory. Successful exploit could cause memory exhaust.

Credit: psirt@huawei.com

Affected Software	Affected Version	How to fix
Huawei Cloudengine 7800 Firmware	=v200r019c00spc800
Huawei Cloudengine 7800
Huawei Cloudengine 6800 Firmware	=v200r019c00spc800
Huawei CloudEngine 6800
Huawei Cloudengine 5800 Firmware	=v200r019c00spc800
Huawei CloudEngine 5800
Huawei Cloudengine 12800 Firmware	=v200r019c00spc800
Huawei CloudEngine 12800

Never miss a vulnerability like this again

Reference Links

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211208-01-memleak-en

Frequently Asked Questions

What is CVE-2021-40008?
CVE-2021-40008 is a memory leak vulnerability found in CloudEngine 12800 V200R019C00SPC800, CloudEngine 5800 V200R019C00SPC800, CloudEngine 6800 V200R019C00SPC800, and CloudEngine 7800 V200R019C00SPC800.
How severe is CVE-2021-40008?
CVE-2021-40008 has a severity rating of 7.5 (High).
Which software versions are affected by CVE-2021-40008?
CloudEngine 12800 V200R019C00SPC800, CloudEngine 5800 V200R019C00SPC800, CloudEngine 6800 V200R019C00SPC800, and CloudEngine 7800 V200R019C00SPC800 are affected by CVE-2021-40008.
How does CVE-2021-40008 affect the software?
CVE-2021-40008 can cause a memory leak in the affected software versions, leading to potential resource depletion and stability issues.
Is there a fix available for CVE-2021-40008?
Yes, a fix for CVE-2021-40008 is available. It is recommended to update the affected software to the latest patched version provided by Huawei.

collector/nvd-index
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/weakness
agent/severity
agent/author
agent/references
agent/tags
agent/description
agent/first-publish-date
agent/event
vendor/huawei
canonical/huawei cloudengine 7800 firmware
version/huawei cloudengine 7800 firmware/v200r019c00spc800
canonical/huawei cloudengine 7800
canonical/huawei cloudengine 6800 firmware
version/huawei cloudengine 6800 firmware/v200r019c00spc800
canonical/huawei cloudengine 6800
canonical/huawei cloudengine 5800 firmware
version/huawei cloudengine 5800 firmware/v200r019c00spc800
canonical/huawei cloudengine 5800
canonical/huawei cloudengine 12800 firmware
version/huawei cloudengine 12800 firmware/v200r019c00spc800
canonical/huawei cloudengine 12800

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.