CVE-2021-33630: NULL-ptr-deref in network sched
First published: Thu Jan 18 2024(Updated: )
NULL Pointer Dereference vulnerability in openEuler kernel on Linux (network modules) allows Pointer Manipulation. This vulnerability is associated with program files net/sched/sch_cbs.C. This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3.
Credit: securities@openeuler.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| openEuler | >=4.19.90<4.19.90-2401.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.openwall.com/lists/oss-security/2024/01/30/10
- http://www.openwall.com/lists/oss-security/2024/01/30/3
- http://www.openwall.com/lists/oss-security/2024/01/30/4
- http://www.openwall.com/lists/oss-security/2024/01/30/5
- http://www.openwall.com/lists/oss-security/2024/01/30/9
- http://www.openwall.com/lists/oss-security/2024/01/31/2
- http://www.openwall.com/lists/oss-security/2024/01/31/3
- http://www.openwall.com/lists/oss-security/2024/02/02/6
- http://www.openwall.com/lists/oss-security/2024/02/02/9
- http://www.openwall.com/lists/oss-security/2024/02/03/1
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3e8b9bfa110896f95d602d8c98d5f9d67e41d78c
- https://gitee.com/src-openeuler/kernel/pulls/1389
- https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1030
- https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1031
- https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
Frequently Asked Questions
What is the severity of CVE-2021-33630?
CVE-2021-33630 is considered a high-severity vulnerability due to its potential for pointer manipulation in the network modules of the openEuler kernel.
How do I fix CVE-2021-33630?
To fix CVE-2021-33630, update the openEuler kernel to version 4.19.90-2401.3 or later.
Which versions of openEuler are affected by CVE-2021-33630?
CVE-2021-33630 affects openEuler kernel versions prior to 4.19.90-2401.3.
What type of vulnerability is CVE-2021-33630?
CVE-2021-33630 is a NULL Pointer Dereference vulnerability that allows for pointer manipulation.
In which files is CVE-2021-33630 present?
CVE-2021-33630 is associated with the program file net/sched/sch_cbs.C in the openEuler kernel.
- agent/title
- agent/weakness
- agent/type
- agent/first-publish-date
- agent/severity
- agent/author
- collector/oss-sec
- source/oss-sec
- alias/CVE-2021-33630
- alias/CVE-2021-33631
- agent/references
- collector/mitre-cve
- source/MITRE
- agent/trending
- agent/source
- agent/last-modified-date
- agent/softwarecombine
- agent/description
- agent/event
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/huawei
- canonical/openeuler
- version/openeuler/4.19.90