CVE-2021-22304 - Vulnerability Details - OpenCVE

There is a use after free vulnerability in Taurus-AL00A 10.0.0.1(C00E1R1P1). A module may refer to some memory after it has been freed while dealing with some messages. Attackers can exploit this vulnerability by sending specific message to the affected module. This may lead to module crash, compromising normal service.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Huawei	Taurus-al00a Taurus-al00a Firmware

Configuration 1 [-]

AND

cpe:2.3:o:huawei:taurus-al00a_firmware:10.0.0.1\(c00e1r1p1\):*:*:*:*:*:*:*

cpe:2.3:h:huawei:taurus-al00a:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210127-03-smartphone-en

History

No history.

MITRE

Status: PUBLISHED

Assigner: huawei

Published: 2021-02-06T02:18:09

Updated: 2024-08-03T18:37:18.426Z

Reserved: 2021-01-05T00:00:00

Link: CVE-2021-22304

Vulnrichment

No data.

NVD

Status : Modified

Published: 2021-02-06T03:15:12.890

Modified: 2024-11-21T05:49:52.550

Link: CVE-2021-22304

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Taurus-AL00A", "vendor": "n/a", "versions": [{"status": "affected", "version": "10.0.0.1(C00E1R1P1)"}]}], "descriptions": [{"lang": "en", "value": "There is a use after free vulnerability in Taurus-AL00A 10.0.0.1(C00E1R1P1). A module may refer to some memory after it has been freed while dealing with some messages. Attackers can exploit this vulnerability by sending specific message to the affected module. This may lead to module crash, compromising normal service."}], "problemTypes": [{"descriptions": [{"description": "Use After Free", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-02-06T02:18:09", "orgId": "25ac1063-e409-4190-8079-24548c77ea2e", "shortName": "huawei"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210127-03-smartphone-en"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@huawei.com", "ID": "CVE-2021-22304", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Taurus-AL00A", "version": {"version_data": [{"version_value": "10.0.0.1(C00E1R1P1)"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "There is a use after free vulnerability in Taurus-AL00A 10.0.0.1(C00E1R1P1). A module may refer to some memory after it has been freed while dealing with some messages. Attackers can exploit this vulnerability by sending specific message to the affected module. This may lead to module crash, compromising normal service."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Use After Free"}]}]}, "references": {"reference_data": [{"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210127-03-smartphone-en", "refsource": "CONFIRM", "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210127-03-smartphone-en"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T18:37:18.426Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210127-03-smartphone-en"}]}]}, "cveMetadata": {"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e", "assignerShortName": "huawei", "cveId": "CVE-2021-22304", "datePublished": "2021-02-06T02:18:09", "dateReserved": "2021-01-05T00:00:00", "dateUpdated": "2024-08-03T18:37:18.426Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:taurus-al00a_firmware:10.0.0.1\\(c00e1r1p1\\):*:*:*:*:*:*:*", "matchCriteriaId": "1110292D-92A1-4B57-BFE6-042389ED1C2B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:taurus-al00a:-:*:*:*:*:*:*:*", "matchCriteriaId": "369D8168-4BFA-4003-A332-3E6876459623", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "There is a use after free vulnerability in Taurus-AL00A 10.0.0.1(C00E1R1P1). A module may refer to some memory after it has been freed while dealing with some messages. Attackers can exploit this vulnerability by sending specific message to the affected module. This may lead to module crash, compromising normal service."}, {"lang": "es", "value": "Se presenta una vulnerabilidad de uso de la memoria previamente liberada en Taurus-AL00A versi\u00f3n 10.0.0.1(C00E1R1P1). Un m\u00f3dulo puede hacer referencia a alguna memoria despu\u00e9s de haberla liberado mientras se ocupa de algunos mensajes. Los atacantes pueden explotar esta vulnerabilidad mediante el env\u00edo de un mensaje espec\u00edfico al m\u00f3dulo afectado. Esto puede conllevar a un bloqueo del m\u00f3dulo, comprometiendo el servicio normal"}], "id": "CVE-2021-22304", "lastModified": "2024-11-21T05:49:52.550", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-02-06T03:15:12.890", "references": [{"source": "psirt@huawei.com", "tags": ["Vendor Advisory"], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210127-03-smartphone-en"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210127-03-smartphone-en"}], "sourceIdentifier": "psirt@huawei.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "nvd@nist.gov", "type": "Primary"}]}