Lucene search

K
cve[email protected]CVE-2021-33656
HistoryJul 18, 2022 - 3:15 p.m.

CVE-2021-33656

2022-07-1815:15:08
CWE-787
web.nvd.nist.gov
139
7
nvd
cve-2021-33656
font
kernel
memory
security

6.8 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

32.7%

When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds.

Affected configurations

NVD
Node
huaweiopeneulerMatch20.03-lts
OR
huaweiopeneulerMatch20.03sp1lts
OR
huaweiopeneulerMatch20.03sp3lts
Node
linuxlinux_kernelRange<5.10.127
Node
debiandebian_linuxMatch10.0

CNA Affected

[
  {
    "product": "openEuler:kernel",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "<5.10.127"
      }
    ]
  }
]

Social References

More

6.8 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

32.7%