How severe is CVE-2021-29631?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.8 out of 10.

What type of vulnerability is CVE-2021-29631?

This is classified as CWE-908, which is a common weakness in software security.

CVE-2021-29631

HIGH Year: 2021

CVSS v3 Score

7.8

High

CVSS v2 Score

7.2

High

Weakness Type

CWE-908

View all →

Vulnerability Description

In FreeBSD 13.0-STABLE before n246941-20f96f215562, 12.2-STABLE before r370400, 11.4-STABLE before r370399, 13.0-RELEASE before p4, 12.2-RELEASE before p10, and 11.4-RELEASE before p13, certain VirtIO-based device models in bhyve failed to handle errors when fetching I/O descriptors. A malicious guest may cause the device model to operate on uninitialized I/O vectors leading to memory corruption, crashing of the bhyve process, and possibly arbitrary code execution in the bhyve process.

CVE-2009-2692

HIGH

CVSS:7.8(High)

The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL...

CWE-9082009

CVE-2018-15911

HIGH

CVSS:7.8(High)

In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could use uninitialized memory access in the aesdecode operator to crash the interpreter or potentially execu...

CWE-9082018

CVE-2018-3975

HIGH

CVSS:7.8(High)

An exploitable uninitialized variable vulnerability exists in the RTF-parsing functionality of Atlantis Word Processor 3.2.6 version. A specially crafted RTF file can leverage an uninitialized stack a...

CWE-9082018

CVE-2019-14079

HIGH

CVSS:7.8(High)

Access to the uninitialized variable when the driver tries to unmap the dma buffer of a request which was never mapped in the first place leading to kernel failure in Snapdragon Auto, Snapdragon Compu...

CWE-9082019

CVE-2019-1462

HIGH

CVSS:7.8(High)

A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka 'Microsoft PowerPoint Remote Code Execution Vulnerabilit...

CWE-9082019

CVE-2020-16931

HIGH

CVSS:7.8(High)

<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could...

CWE-9082020

CVE-2021-29631

Vulnerability Description

Related Vulnerabilities

CVE-2009-2692

CVE-2018-15911

CVE-2018-3975

CVE-2019-14079

CVE-2019-1462

CVE-2020-16931