Anolis OS update for kernel(ANCK)4.19



| Updated: 2025-03-29
Risk Low
Patch available YES
Number of vulnerabilities 15
CVE-ID CVE-2023-0459
CVE-2023-2124
CVE-2023-2162
CVE-2023-30456
CVE-2023-3090
CVE-2023-31084
CVE-2023-3111
CVE-2023-3117
CVE-2023-31436
CVE-2023-3212
CVE-2023-34256
CVE-2023-3609
CVE-2023-3611
CVE-2023-3776
CVE-2023-3812
CWE-ID CWE-1037
CWE-125
CWE-416
CWE-20
CWE-787
CWE-833
CWE-476
Exploitation vector Local
Public exploit N/A
Vulnerable software
 Anolis OS
Operating systems & Components / Operating system

python-perf
Operating systems & Components / Operating system package or component

perf
Operating systems & Components / Operating system package or component

kernel-tools-libs-devel
Operating systems & Components / Operating system package or component

kernel-tools-libs
Operating systems & Components / Operating system package or component

kernel-tools
Operating systems & Components / Operating system package or component

kernel-headers
Operating systems & Components / Operating system package or component

kernel-devel
Operating systems & Components / Operating system package or component

kernel-debug-devel
Operating systems & Components / Operating system package or component

kernel-debug
Operating systems & Components / Operating system package or component

kernel
Operating systems & Components / Operating system package or component

bpftool
Operating systems & Components / Operating system package or component

Vendor OpenAnolis

Security Bulletin

This security bulletin contains information about 15 vulnerabilities.

1) Processor optimization removal or modification of security-critical code

EUVDB-ID: #VU76222

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-0459

CWE-ID: CWE-1037 - Processor optimization removal or modification of security-critical code

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to improper implementation of speculative execution barriers in usercopy functions
in certain situations. A local user can gain access to sensitive information.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 7

python-perf: before 4.19.91-27.6

perf: before 4.19.91-27.6

kernel-tools-libs-devel: before 4.19.91-27.6

kernel-tools-libs: before 4.19.91-27.6

kernel-tools: before 4.19.91-27.6

kernel-headers: before 4.19.91-27.6

kernel-devel: before 4.19.91-27.6

kernel-debug-devel: before 4.19.91-27.6

kernel-debug: before 4.19.91-27.6

kernel: before 4.19.91-27.6

bpftool: before 4.19.91-27.6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2023:0526


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Out-of-bounds read

EUVDB-ID: #VU75323

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-2124

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack..

The vulnerability exists due to a boundary condition within the XFS subsystem in Linux kernel. A local user can trigger an out-of-bounds read error and crash the kernel.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 7

python-perf: before 4.19.91-27.6

perf: before 4.19.91-27.6

kernel-tools-libs-devel: before 4.19.91-27.6

kernel-tools-libs: before 4.19.91-27.6

kernel-tools: before 4.19.91-27.6

kernel-headers: before 4.19.91-27.6

kernel-devel: before 4.19.91-27.6

kernel-debug-devel: before 4.19.91-27.6

kernel-debug: before 4.19.91-27.6

kernel: before 4.19.91-27.6

bpftool: before 4.19.91-27.6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2023:0526


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Use-after-free

EUVDB-ID: #VU75994

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-2162

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a use-after-free error within the scsi_sw_tcp_session_create() function in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. A local user can trigger a use-after-free error and gain access to sensitive information.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 7

python-perf: before 4.19.91-27.6

perf: before 4.19.91-27.6

kernel-tools-libs-devel: before 4.19.91-27.6

kernel-tools-libs: before 4.19.91-27.6

kernel-tools: before 4.19.91-27.6

kernel-headers: before 4.19.91-27.6

kernel-devel: before 4.19.91-27.6

kernel-debug-devel: before 4.19.91-27.6

kernel-debug: before 4.19.91-27.6

kernel: before 4.19.91-27.6

bpftool: before 4.19.91-27.6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2023:0526


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Input validation error

EUVDB-ID: #VU75456

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-30456

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to insufficient validation of consistency for for CR0 and CR4 in arch/x86/kvm/vmx/nested.c in the Linux kernel. A local user can execute arbitrary code with elevated privileges.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 7

python-perf: before 4.19.91-27.6

perf: before 4.19.91-27.6

kernel-tools-libs-devel: before 4.19.91-27.6

kernel-tools-libs: before 4.19.91-27.6

kernel-tools: before 4.19.91-27.6

kernel-headers: before 4.19.91-27.6

kernel-devel: before 4.19.91-27.6

kernel-debug-devel: before 4.19.91-27.6

kernel-debug: before 4.19.91-27.6

kernel: before 4.19.91-27.6

bpftool: before 4.19.91-27.6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2023:0526


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Out-of-bounds write

EUVDB-ID: #VU78010

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-3090

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the ipvlan network driver in Linux kernel. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 7

python-perf: before 4.19.91-27.6

perf: before 4.19.91-27.6

kernel-tools-libs-devel: before 4.19.91-27.6

kernel-tools-libs: before 4.19.91-27.6

kernel-tools: before 4.19.91-27.6

kernel-headers: before 4.19.91-27.6

kernel-devel: before 4.19.91-27.6

kernel-debug-devel: before 4.19.91-27.6

kernel-debug: before 4.19.91-27.6

kernel: before 4.19.91-27.6

bpftool: before 4.19.91-27.6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2023:0526


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Deadlock

EUVDB-ID: #VU77246

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-31084

CWE-ID: CWE-833 - Deadlock

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a deadlock in drivers/media/dvb-core/dvb_frontend.c when a task is in !TASK_RUNNING. A local user can trigger a deadlock and crash the kernel.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 7

python-perf: before 4.19.91-27.6

perf: before 4.19.91-27.6

kernel-tools-libs-devel: before 4.19.91-27.6

kernel-tools-libs: before 4.19.91-27.6

kernel-tools: before 4.19.91-27.6

kernel-headers: before 4.19.91-27.6

kernel-devel: before 4.19.91-27.6

kernel-debug-devel: before 4.19.91-27.6

kernel-debug: before 4.19.91-27.6

kernel: before 4.19.91-27.6

bpftool: before 4.19.91-27.6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2023:0526


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Use-after-free

EUVDB-ID: #VU77911

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-3111

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the prepare_to_relocate() function in fs/btrfs/relocation.c in btrfs in the Linux Kernel. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 7

python-perf: before 4.19.91-27.6

perf: before 4.19.91-27.6

kernel-tools-libs-devel: before 4.19.91-27.6

kernel-tools-libs: before 4.19.91-27.6

kernel-tools: before 4.19.91-27.6

kernel-headers: before 4.19.91-27.6

kernel-devel: before 4.19.91-27.6

kernel-debug-devel: before 4.19.91-27.6

kernel-debug: before 4.19.91-27.6

kernel: before 4.19.91-27.6

bpftool: before 4.19.91-27.6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2023:0526


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Use-after-free

EUVDB-ID: #VU78457

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-3117

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in the Netfilter subsystem. A local user with CAP_NET_ADMIN capability can trigger the use-after-free error and execute arbitrary code on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 7

python-perf: before 4.19.91-27.6

perf: before 4.19.91-27.6

kernel-tools-libs-devel: before 4.19.91-27.6

kernel-tools-libs: before 4.19.91-27.6

kernel-tools: before 4.19.91-27.6

kernel-headers: before 4.19.91-27.6

kernel-devel: before 4.19.91-27.6

kernel-debug-devel: before 4.19.91-27.6

kernel-debug: before 4.19.91-27.6

kernel: before 4.19.91-27.6

bpftool: before 4.19.91-27.6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2023:0526


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Out-of-bounds write

EUVDB-ID: #VU76098

Risk: Low

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-31436

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the qfq_change_class() function in net/sched/sch_qfq.c when handling the MTU value provided to the QFQ Scheduler. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 7

python-perf: before 4.19.91-27.6

perf: before 4.19.91-27.6

kernel-tools-libs-devel: before 4.19.91-27.6

kernel-tools-libs: before 4.19.91-27.6

kernel-tools: before 4.19.91-27.6

kernel-headers: before 4.19.91-27.6

kernel-devel: before 4.19.91-27.6

kernel-debug-devel: before 4.19.91-27.6

kernel-debug: before 4.19.91-27.6

kernel: before 4.19.91-27.6

bpftool: before 4.19.91-27.6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2023:0526


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) NULL pointer dereference

EUVDB-ID: #VU78009

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-3212

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the gfs2 file system in the Linux kernel. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 7

python-perf: before 4.19.91-27.6

perf: before 4.19.91-27.6

kernel-tools-libs-devel: before 4.19.91-27.6

kernel-tools-libs: before 4.19.91-27.6

kernel-tools: before 4.19.91-27.6

kernel-headers: before 4.19.91-27.6

kernel-devel: before 4.19.91-27.6

kernel-debug-devel: before 4.19.91-27.6

kernel-debug: before 4.19.91-27.6

kernel: before 4.19.91-27.6

bpftool: before 4.19.91-27.6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2023:0526


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Out-of-bounds read

EUVDB-ID: #VU77624

Risk: Low

CVSSv4.0: 1.9 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-34256

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition within crc16 in lib/crc16.c when called from fs/ext4/super.c. A local user can trigger an out-of-bounds read error and crash the kernel.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 7

python-perf: before 4.19.91-27.6

perf: before 4.19.91-27.6

kernel-tools-libs-devel: before 4.19.91-27.6

kernel-tools-libs: before 4.19.91-27.6

kernel-tools: before 4.19.91-27.6

kernel-headers: before 4.19.91-27.6

kernel-devel: before 4.19.91-27.6

kernel-debug-devel: before 4.19.91-27.6

kernel-debug: before 4.19.91-27.6

kernel: before 4.19.91-27.6

bpftool: before 4.19.91-27.6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2023:0526


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Use-after-free

EUVDB-ID: #VU78941

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-3609

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the the Linux kernel net/sched: cls_u32 component. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 7

python-perf: before 4.19.91-27.6

perf: before 4.19.91-27.6

kernel-tools-libs-devel: before 4.19.91-27.6

kernel-tools-libs: before 4.19.91-27.6

kernel-tools: before 4.19.91-27.6

kernel-headers: before 4.19.91-27.6

kernel-devel: before 4.19.91-27.6

kernel-debug-devel: before 4.19.91-27.6

kernel-debug: before 4.19.91-27.6

kernel: before 4.19.91-27.6

bpftool: before 4.19.91-27.6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2023:0526


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Out-of-bounds write

EUVDB-ID: #VU78943

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-3611

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in the qfq_change_agg() function in net/sched/sch_qfq.c within the Linux kernel net/sched: sch_qfq component. A local user trigger an out-of-bounds write and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 7

python-perf: before 4.19.91-27.6

perf: before 4.19.91-27.6

kernel-tools-libs-devel: before 4.19.91-27.6

kernel-tools-libs: before 4.19.91-27.6

kernel-tools: before 4.19.91-27.6

kernel-headers: before 4.19.91-27.6

kernel-devel: before 4.19.91-27.6

kernel-debug-devel: before 4.19.91-27.6

kernel-debug: before 4.19.91-27.6

kernel: before 4.19.91-27.6

bpftool: before 4.19.91-27.6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2023:0526


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Use-after-free

EUVDB-ID: #VU79285

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-3776

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the the Linux kernel's net/sched: cls_fw component. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 7

python-perf: before 4.19.91-27.6

perf: before 4.19.91-27.6

kernel-tools-libs-devel: before 4.19.91-27.6

kernel-tools-libs: before 4.19.91-27.6

kernel-tools: before 4.19.91-27.6

kernel-headers: before 4.19.91-27.6

kernel-devel: before 4.19.91-27.6

kernel-debug-devel: before 4.19.91-27.6

kernel-debug: before 4.19.91-27.6

kernel: before 4.19.91-27.6

bpftool: before 4.19.91-27.6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2023:0526


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Out-of-bounds write

EUVDB-ID: #VU78928

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-3812

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the TUN/TAP device driver in Linux kernel. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 7

python-perf: before 4.19.91-27.6

perf: before 4.19.91-27.6

kernel-tools-libs-devel: before 4.19.91-27.6

kernel-tools-libs: before 4.19.91-27.6

kernel-tools: before 4.19.91-27.6

kernel-headers: before 4.19.91-27.6

kernel-devel: before 4.19.91-27.6

kernel-debug-devel: before 4.19.91-27.6

kernel-debug: before 4.19.91-27.6

kernel: before 4.19.91-27.6

bpftool: before 4.19.91-27.6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2023:0526


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###