Use After Free Vulnerability in BYACC by OpenEuler
CVE-2021-33641

7.8HIGH

Key Information:

Vendor: Openeuler
Status: Byacc
Vendor: CVE Published:; 20 January 2023

What is CVE-2021-33641?

A use after free vulnerability exists in BYACC, a parser generator by OpenEuler. This flaw arises when the system incorrectly accesses previously released memory while processing comments. An attacker could exploit this vulnerability to manipulate memory, leading to potential application instability or compromise of sensitive data.

Affected Version(s)

byacc <1.9.20200330 and <2.0.20210808

References

https://gitee.com/src-openeuler/byacc/commit/50225f48c6b5...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 20, 2023
Vulnerability Reserved
May 28, 2021

Openeuler

What is CVE-2021-33641?

Affected Version(s)

References

CVSS V3.1

Timeline