How severe is CVE-2021-22340?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.1 out of 10.

What type of vulnerability is CVE-2021-22340?

This is classified as CWE-362, which is a common weakness in software security.

CVE-2021-22340

MEDIUM Year: 2021

CVSS v3 Score

4.1

Medium

CVSS v2 Score

4.7

Medium

Weakness Type

CWE-362

View all →

Vulnerability Description

There is a multiple threads race condition vulnerability in Huawei product. A race condition exists for concurrent I/O read by multiple threads. An attacker with the root permission can exploit this vulnerability by performing some operations. Successful exploitation of this vulnerability may cause the system to crash. Affected product versions include: ManageOne 6.5.1.SPC200, 8.0.0,8.0.0-LCND81, 8.0.0.SPC100, 8.0.1,8.0.RC2, 8.0.RC3, 8.0.RC3.SPC100;SMC2.0 V600R019C10SPC700,V600R019C10SPC702, V600R019C10SPC703,V600R019C10SPC800, V600R019C10SPC900, V600R019C10SPC910, V600R019C10SPC920, V600R019C10SPC921, V600R019C10SPC922, V600R019C10SPC930, V600R019C10SPC931

CVE-2009-5152

MEDIUM

CVSS:4.1(Medium)

Absolute Computrace Agent, as distributed on certain Dell Inspiron systems through 2009, has a race condition with the Dell Client Configuration Utility (DCCU), which allows privileged local users to ...

CWE-3622009

CVE-2020-0199

MEDIUM

CVSS:4.1(Medium)

In TimeCheck::TimeCheckThread::threadLoop of TimeCheck.cpp, there is a possible use-after-free due to a race condition. This could lead to local information disclosure with System execution privileges...

CWE-3622020

CVE-2020-12652

MEDIUM

CVSS:4.1(Medium)

The __mptctl_ioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i...

CWE-3622020

CVE-2021-39648

MEDIUM

CVSS:4.1(Medium)

In gadget_dev_desc_UDC_show of configfs.c, there is a possible disclosure of kernel heap memory due to a race condition. This could lead to local information disclosure with System execution privilege...

CWE-3622021

CVE-2021-39727

MEDIUM

CVSS:4.1(Medium)

In eicPresentationRetrieveEntryValue of acropora/app/identity/libeic/EicPresentation.c, there is a possible information disclosure due to a race condition. This could lead to local information disclos...

CWE-3622021

CVE-2021-39792

MEDIUM

CVSS:4.1(Medium)

In usb_gadget_giveback_request of core.c, there is a possible use after free out of bounds read due to a race condition. This could lead to local information disclosure with System execution privilege...

CWE-3622021

CVE-2021-22340

Vulnerability Description

Related Vulnerabilities

CVE-2009-5152

CVE-2020-0199

CVE-2020-12652

CVE-2021-39648

CVE-2021-39727

CVE-2021-39792