CVE-2021-33630

low-risk

Published 2024-01-18

NULL Pointer Dereference vulnerability in openEuler kernel on Linux (network modules) allows Pointer Manipulation. This vulnerability is associated with program files net/sched/sch_cbs.C. This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3.

Do I need to act?

0.08% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.5/10 Medium

LOCAL / LOW complexity

Affected Products (1)

Openeuler

Affected Vendors

Openatom

References (30)

http://www.openwall.com/lists/oss-security/2024/01/30/10

http://www.openwall.com/lists/oss-security/2024/01/30/3

http://www.openwall.com/lists/oss-security/2024/01/30/4

http://www.openwall.com/lists/oss-security/2024/01/30/5

http://www.openwall.com/lists/oss-security/2024/01/30/9

http://www.openwall.com/lists/oss-security/2024/01/31/2

http://www.openwall.com/lists/oss-security/2024/01/31/3

http://www.openwall.com/lists/oss-security/2024/02/02/6

http://www.openwall.com/lists/oss-security/2024/02/02/9

http://www.openwall.com/lists/oss-security/2024/02/03/1

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3e...

Release Notes https://gitee.com/src-openeuler/kernel/pulls/1389

https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

Vendor Advisory https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA...

http://www.openwall.com/lists/oss-security/2024/01/30/10

http://www.openwall.com/lists/oss-security/2024/01/30/3

http://www.openwall.com/lists/oss-security/2024/01/30/4

http://www.openwall.com/lists/oss-security/2024/01/30/5

http://www.openwall.com/lists/oss-security/2024/01/30/9

and 10 more references

/ 100

low-risk

Severity 18/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal