CVE-2021-33630

Description

NULL Pointer Dereference vulnerability in openEuler kernel on Linux (network modules) allows Pointer Manipulation. This vulnerability is associated with program files net/sched/sch_cbs.C. This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3.

CVSS Metrics

• v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Trends

Current EPSS score: 0.08%• Percentile: 23%

Techniques & Countermeasures

• CWE-476•NULL Pointer Dereference

  The product dereferences a pointer that it expects to be valid but is NULL.

Affected Systems

• openatom•openeuler

  ≥ 4.19.90, < 4.19.90-2401.3

• openeuler•kernel

  ≥ 4.19.90, < 4.19.90-2401.3

References (15)

• https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1030
• https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1031
• https://gitee.com/src-openeuler/kernel/pulls/1389
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3e8b9bfa110896f95d602d8c98d5f9d67e41d78c
• http://www.openwall.com/lists/oss-security/2024/01/30/3
• http://www.openwall.com/lists/oss-security/2024/01/30/4
• http://www.openwall.com/lists/oss-security/2024/01/30/5
• http://www.openwall.com/lists/oss-security/2024/01/30/9
• http://www.openwall.com/lists/oss-security/2024/01/30/10
• http://www.openwall.com/lists/oss-security/2024/01/31/3
• http://www.openwall.com/lists/oss-security/2024/01/31/2
• http://www.openwall.com/lists/oss-security/2024/02/02/6
• http://www.openwall.com/lists/oss-security/2024/02/02/9
• http://www.openwall.com/lists/oss-security/2024/02/03/1
• https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html