CVE-2021-33632

Name of the Vulnerable Software and Affected Versions openEuler iSulad version 2.0.18-13 openEuler iSulad versions 2.1.4-1 through 2.1.4-2

Description The issue is a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in openEuler iSulad on Linux, allowing the leveraging of Time-of-Check and Time-of-Use (TOCTOU) Race Conditions. This vulnerability is associated with program files, specifically the main.C file in the iSulad repository.

Recommendations For openEuler iSulad version 2.0.18-13, update to a version that addresses the TOCTOU Race Condition vulnerability. For openEuler iSulad versions 2.1.4-1 through 2.1.4-2, update to a version that addresses the TOCTOU Race Condition vulnerability. As a temporary workaround, consider restricting access to the vulnerable program files, specifically the main.C file, until a patch is available.