CVE-2021-33630
NULL-ptr-deref in network sched
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
NULL Pointer Dereference vulnerability in openEuler kernel on Linux (network modules) allows Pointer Manipulation. This vulnerability is associated with program files net/sched/sch_cbs.C.
This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3.
La vulnerabilidad de desreferencia de puntero NULL en el kernel openEuler en Linux (módulos de red) permite la manipulación de puntero. Esta vulnerabilidad está asociada con los archivos de programa net/sched/sch_cbs.C. Este problema afecta al kernel de openEuler: desde 4.19.90 antes de 4.19.90-2401.3.
A NULL pointer dereference flaw was found in the Linux kernel's network scheduler. This issue occurs when offloading is enabled, the cbs instance is not added to the list. The code also incorrectly handles the case when offload is disabled without removing the qdisc. This could allow a local user to cause a denial of service condition.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2021-05-28 CVE Reserved
- 2024-01-18 CVE Published
- 2024-02-08 EPSS Updated
- 2024-10-21 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-476: NULL Pointer Dereference
CAPEC
- CAPEC-129: Pointer Manipulation
References (17)
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Huawei Search vendor "Huawei" | Openeuler Search vendor "Huawei" for product "Openeuler" | >= 4.19.90 < 4.19.90-2401.3 Search vendor "Huawei" for product "Openeuler" and version " >= 4.19.90 < 4.19.90-2401.3" | - |
Affected
| ||||||