CVE-2021-33630NULL Pointer Dereference in Kernel

CWE-476NULL Pointer Dereference6 documents6 sources
Severity
5.5MEDIUMNVD
EPSS
0.1%
top 77.20%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Openeuler KernelLinux KernelOpenatom Openeuler+1 more
Timeline
PublishedJan 18
Latest updateJan 30

Description

NULL Pointer Dereference vulnerability in openEuler kernel on Linux (network modules) allows Pointer Manipulation. This vulnerability is associated with program files net/sched/sch_cbs.C. This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

CVEListV5openeuler/kernel4.19.904.19.90-2401.3
Debianlinux/linux_kernel< 5.3.7-1+3
NVDopenatom/openeuler4.19.904.19.90-2401.3
debiandebian/linux< linux 5.3.7-1 (bookworm)

🔴Vulnerability Details

2
GHSA
GHSA-4mwf-4888-4x35: NULL Pointer Dereference vulnerability in openEuler kernel on Linux (network modules) allows Pointer Manipulation2024-01-18
OSV
CVE-2021-33630: NULL Pointer Dereference vulnerability in openEuler kernel on Linux (network modules) allows Pointer Manipulation2024-01-18

📋Vendor Advisories

2
Red Hat
kernel: net/sched: cbs NULL pointer dereference when offloading is enabled2024-01-18
Debian
CVE-2021-33630: linux - NULL Pointer Dereference vulnerability in openEuler kernel on Linux (network mod...2021

💬Community

1
Bugzilla
CVE-2021-33630 kernel: net/sched: cbs NULL pointer dereference when offloading is enabled2024-01-30