CVE-2021-33033

HIGH

Linux kernel <5.11.14 - Use After Free

Title source: llm
STIX 2.1

Description

The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value.

References (6)

Core 6
Core References
Mailing List, Patch, Vendor Advisory x_refsource_misc
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.7
Exploit, Mailing List, Third Party Advisory x_refsource_misc
https://syzkaller.appspot.com/bug?id=96e7d345748d8814901c91cd92084ed04b46701e
Mailing List, Patch, Vendor Advisory x_refsource_misc
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.14

Scores

CVSS v3 7.8
EPSS 0.0057
EPSS Percentile 43.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-416
Status published
Products (1)
linux/linux_kernel < 5.11.14
Published May 14, 2021
Tracked Since Feb 18, 2026