5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.9 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
10.2%
NULL Pointer Dereference vulnerability in openEuler kernel on Linux (network modules) allows Pointer Manipulation. This vulnerability is associated with program files net/sched/sch_cbs.C.
This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3.
[
{
"collectionURL": "https://gitee.com/src-openeuler",
"defaultStatus": "unaffected",
"modules": [
"network"
],
"packageName": "kernel",
"platforms": [
"Linux"
],
"product": "kernel",
"programFiles": [
"https://gitee.com/openeuler/kernel/blob/openEuler-1.0-LTS/net/sched/sch_cbs.c"
],
"repo": "https://gitee.com/src-openeuler/kernel",
"vendor": "openEuler",
"versions": [
{
"changes": [
{
"at": "b2239f607df25fc401179e6dd4b7406f942a7632 net/sched: cbs: Fix not adding cbs instance to list",
"status": "unaffected"
}
],
"lessThan": "4.19.90-2401.3",
"status": "affected",
"version": "4.19.90",
"versionType": "git"
}
]
}
]
www.openwall.com/lists/oss-security/2024/01/30/10
www.openwall.com/lists/oss-security/2024/01/30/3
www.openwall.com/lists/oss-security/2024/01/30/4
www.openwall.com/lists/oss-security/2024/01/30/5
www.openwall.com/lists/oss-security/2024/01/30/9
www.openwall.com/lists/oss-security/2024/01/31/2
www.openwall.com/lists/oss-security/2024/01/31/3
www.openwall.com/lists/oss-security/2024/02/02/6
www.openwall.com/lists/oss-security/2024/02/02/9
www.openwall.com/lists/oss-security/2024/02/03/1
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3e8b9bfa110896f95d602d8c98d5f9d67e41d78c
gitee.com/src-openeuler/kernel/pulls/1389
lists.debian.org/debian-lts-announce/2024/06/msg00020.html
www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1030
www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1031
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.9 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
10.2%