Infinite Loop Vulnerability in Byacc from OpenEuler
CVE-2021-33642

5.5MEDIUM

Key Information:

Vendor: Openeuler
Status: Byacc
Vendor: CVE Published:; 20 January 2023

What is CVE-2021-33642?

An infinite loop vulnerability exists in the Byacc parser when processing files. This issue arises from the next_inline() function within more_curly(), leading to potential software stability problems. It is crucial for users and developers to apply updates to avoid exploit scenarios that may disrupt normal operations.

Affected Version(s)

byacc <1.9.20200330 and <2.0.20210808

References

https://gitee.com/src-openeuler/byacc/commit/50225f48c6b5...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 20, 2023
Vulnerability Reserved
May 28, 2021

Openeuler

What is CVE-2021-33642?

Affected Version(s)

References

CVSS V3.1

Timeline