CVE-2021-33630 - Vulnerability Details

NULL Pointer Dereference vulnerability in openEuler kernel on Linux (network modules) allows Pointer Manipulation. This vulnerability is associated with program files net/sched/sch_cbs.C. This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Openatom	Openeuler
Redhat	Enterprise Linux

Configuration 1 [-]

cpe:2.3:o:openatom:openeuler:*:*:*:*:-:*:*:*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 8
kernel-rt-0:4.18.0-193.rt13.51.el8	cpe:/a:redhat:enterprise_linux:8::nfv	RHSA-2020:1567	2020-04-28T00:00:00Z
kernel-0:4.18.0-193.el8	cpe:/o:redhat:enterprise_linux:8	RHSA-2020:1769	2020-04-28T00:00:00Z

References

Link	Providers
http://www.openwall.com/lists/oss-security/2024/01/30/10
http://www.openwall.com/lists/oss-security/2024/01/30/3
http://www.openwall.com/lists/oss-security/2024/01/30/4
http://www.openwall.com/lists/oss-security/2024/01/30/5
http://www.openwall.com/lists/oss-security/2024/01/30/9
http://www.openwall.com/lists/oss-security/2024/01/31/2
http://www.openwall.com/lists/oss-security/2024/01/31/3
http://www.openwall.com/lists/oss-security/2024/02/02/6
http://www.openwall.com/lists/oss-security/2024/02/02/9
http://www.openwall.com/lists/oss-security/2024/02/03/1
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3e8b9bfa110896f95d602d8c98d5f9d67e41d78c
https://gitee.com/src-openeuler/kernel/pulls/1389
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
https://nvd.nist.gov/vuln/detail/CVE-2021-33630
https://seclists.org/oss-sec/2024/q1/65
https://www.cve.org/CVERecord?id=CVE-2021-33630
https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1030
https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1031

History

Wed, 02 Apr 2025 19:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Openatom Openatom openeuler
CPEs	cpe:2.3:o:huawei:openeuler:::::-:::*	cpe:2.3:o:openatom:openeuler:::::-:::*
Vendors & Products	Huawei Huawei openeuler	Openatom Openatom openeuler

Thu, 13 Feb 2025 16:45:00 +0000

Type	Values Removed	Values Added
Description	NULL Pointer Dereference vulnerability in openEuler kernel on Linux (network modules) allows Pointer Manipulation. This vulnerability is associated with program files net/sched/sch_cbs.C. This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3.	NULL Pointer Dereference vulnerability in openEuler kernel on Linux (network modules) allows Pointer Manipulation. This vulnerability is associated with program files net/sched/sch_cbs.C. This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3.

Mon, 21 Oct 2024 12:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: openEuler

Published: 2024-01-18T15:00:49.312Z

Updated: 2025-02-13T16:28:21.010Z

Reserved: 2021-05-28T14:26:05.940Z

Link: CVE-2021-33630

Vulnrichment

Updated: 2024-08-03T23:58:21.572Z

NVD

Status : Modified

Published: 2024-01-18T15:15:08.653

Modified: 2025-04-02T18:33:53.340

Link: CVE-2021-33630

Redhat

Severity : Moderate

Publid Date: 2024-01-18T00:00:00Z

Links: CVE-2021-33630 - Bugzilla

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object