openEuler 22.03 LTS SP2 update for kernel



Published: 2024-04-03
Risk Medium
Patch available YES
Number of vulnerabilities 9
CVE-ID CVE-2021-47094
CVE-2023-52502
CVE-2023-52599
CVE-2023-52600
CVE-2023-52601
CVE-2024-23307
CVE-2024-26622
CVE-2024-26625
CVE-2024-26627
CWE-ID CWE-416
CWE-362
CWE-119
CWE-190
CWE-667
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		openEuler
Operating systems & Components / Operating system

kernel-headers
Operating systems & Components / Operating system package or component

python3-perf-debuginfo
Operating systems & Components / Operating system package or component

kernel-tools-debuginfo
Operating systems & Components / Operating system package or component

perf
Operating systems & Components / Operating system package or component

kernel-tools-devel
Operating systems & Components / Operating system package or component

python3-perf
Operating systems & Components / Operating system package or component

kernel-debugsource
Operating systems & Components / Operating system package or component

kernel-debuginfo
Operating systems & Components / Operating system package or component

perf-debuginfo
Operating systems & Components / Operating system package or component

kernel-source
Operating systems & Components / Operating system package or component

kernel-tools
Operating systems & Components / Operating system package or component

kernel-devel
Operating systems & Components / Operating system package or component

kernel
Operating systems & Components / Operating system package or component

Vendor openEuler

Security Bulletin

This security bulletin contains information about 9 vulnerabilities.

1) Use-after-free

EUVDB-ID: #VU88107

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47094

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in arch/x86/kvm/mmu/tdp_iter.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP2

kernel-headers: before 5.10.0-153.49.0.127

python3-perf-debuginfo: before 5.10.0-153.49.0.127

kernel-tools-debuginfo: before 5.10.0-153.49.0.127

perf: before 5.10.0-153.49.0.127

kernel-tools-devel: before 5.10.0-153.49.0.127

python3-perf: before 5.10.0-153.49.0.127

kernel-debugsource: before 5.10.0-153.49.0.127

kernel-debuginfo: before 5.10.0-153.49.0.127

perf-debuginfo: before 5.10.0-153.49.0.127

kernel-source: before 5.10.0-153.49.0.127

kernel-tools: before 5.10.0-153.49.0.127

kernel-devel: before 5.10.0-153.49.0.127

kernel: before 5.10.0-153.49.0.127

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1355


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Race condition

EUVDB-ID: #VU88106

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52502

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() functions in net/nfc/llcp_core.c. A local user can exploit the race and execute arbitrary code with elevated privileges.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP2

kernel-headers: before 5.10.0-153.49.0.127

python3-perf-debuginfo: before 5.10.0-153.49.0.127

kernel-tools-debuginfo: before 5.10.0-153.49.0.127

perf: before 5.10.0-153.49.0.127

kernel-tools-devel: before 5.10.0-153.49.0.127

python3-perf: before 5.10.0-153.49.0.127

kernel-debugsource: before 5.10.0-153.49.0.127

kernel-debuginfo: before 5.10.0-153.49.0.127

perf-debuginfo: before 5.10.0-153.49.0.127

kernel-source: before 5.10.0-153.49.0.127

kernel-tools: before 5.10.0-153.49.0.127

kernel-devel: before 5.10.0-153.49.0.127

kernel: before 5.10.0-153.49.0.127

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1355


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Buffer overflow

EUVDB-ID: #VU88105

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52599

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the diNewExt() function in fs/jfs/jfs_imap.c. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP2

kernel-headers: before 5.10.0-153.49.0.127

python3-perf-debuginfo: before 5.10.0-153.49.0.127

kernel-tools-debuginfo: before 5.10.0-153.49.0.127

perf: before 5.10.0-153.49.0.127

kernel-tools-devel: before 5.10.0-153.49.0.127

python3-perf: before 5.10.0-153.49.0.127

kernel-debugsource: before 5.10.0-153.49.0.127

kernel-debuginfo: before 5.10.0-153.49.0.127

perf-debuginfo: before 5.10.0-153.49.0.127

kernel-source: before 5.10.0-153.49.0.127

kernel-tools: before 5.10.0-153.49.0.127

kernel-devel: before 5.10.0-153.49.0.127

kernel: before 5.10.0-153.49.0.127

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1355


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Use-after-free

EUVDB-ID: #VU88104

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52600

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in fs/jfs/jfs_mount.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP2

kernel-headers: before 5.10.0-153.49.0.127

python3-perf-debuginfo: before 5.10.0-153.49.0.127

kernel-tools-debuginfo: before 5.10.0-153.49.0.127

perf: before 5.10.0-153.49.0.127

kernel-tools-devel: before 5.10.0-153.49.0.127

python3-perf: before 5.10.0-153.49.0.127

kernel-debugsource: before 5.10.0-153.49.0.127

kernel-debuginfo: before 5.10.0-153.49.0.127

perf-debuginfo: before 5.10.0-153.49.0.127

kernel-source: before 5.10.0-153.49.0.127

kernel-tools: before 5.10.0-153.49.0.127

kernel-devel: before 5.10.0-153.49.0.127

kernel: before 5.10.0-153.49.0.127

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1355


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Buffer overflow

EUVDB-ID: #VU88103

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52601

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in fs/jfs/jfs_dmap.c. A local user can trigger memory corruption and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP2

kernel-headers: before 5.10.0-153.49.0.127

python3-perf-debuginfo: before 5.10.0-153.49.0.127

kernel-tools-debuginfo: before 5.10.0-153.49.0.127

perf: before 5.10.0-153.49.0.127

kernel-tools-devel: before 5.10.0-153.49.0.127

python3-perf: before 5.10.0-153.49.0.127

kernel-debugsource: before 5.10.0-153.49.0.127

kernel-debuginfo: before 5.10.0-153.49.0.127

perf-debuginfo: before 5.10.0-153.49.0.127

kernel-source: before 5.10.0-153.49.0.127

kernel-tools: before 5.10.0-153.49.0.127

kernel-devel: before 5.10.0-153.49.0.127

kernel: before 5.10.0-153.49.0.127

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1355


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Integer overflow

EUVDB-ID: #VU88102

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-23307

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to integer overflow in raid5_cache_count() function. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP2

kernel-headers: before 5.10.0-153.49.0.127

python3-perf-debuginfo: before 5.10.0-153.49.0.127

kernel-tools-debuginfo: before 5.10.0-153.49.0.127

perf: before 5.10.0-153.49.0.127

kernel-tools-devel: before 5.10.0-153.49.0.127

python3-perf: before 5.10.0-153.49.0.127

kernel-debugsource: before 5.10.0-153.49.0.127

kernel-debuginfo: before 5.10.0-153.49.0.127

perf-debuginfo: before 5.10.0-153.49.0.127

kernel-source: before 5.10.0-153.49.0.127

kernel-tools: before 5.10.0-153.49.0.127

kernel-devel: before 5.10.0-153.49.0.127

kernel: before 5.10.0-153.49.0.127

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1355


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Use-after-free

EUVDB-ID: #VU87193

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26622

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the tomoyo_write_control() function. A local  user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP2

kernel-headers: before 5.10.0-153.49.0.127

python3-perf-debuginfo: before 5.10.0-153.49.0.127

kernel-tools-debuginfo: before 5.10.0-153.49.0.127

perf: before 5.10.0-153.49.0.127

kernel-tools-devel: before 5.10.0-153.49.0.127

python3-perf: before 5.10.0-153.49.0.127

kernel-debugsource: before 5.10.0-153.49.0.127

kernel-debuginfo: before 5.10.0-153.49.0.127

perf-debuginfo: before 5.10.0-153.49.0.127

kernel-source: before 5.10.0-153.49.0.127

kernel-tools: before 5.10.0-153.49.0.127

kernel-devel: before 5.10.0-153.49.0.127

kernel: before 5.10.0-153.49.0.127

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1355


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Use-after-free

EUVDB-ID: #VU87344

Risk: Medium

CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26625

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error in net/llc/af_llc.c when handling orphan sockets. A remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP2

kernel-headers: before 5.10.0-153.49.0.127

python3-perf-debuginfo: before 5.10.0-153.49.0.127

kernel-tools-debuginfo: before 5.10.0-153.49.0.127

perf: before 5.10.0-153.49.0.127

kernel-tools-devel: before 5.10.0-153.49.0.127

python3-perf: before 5.10.0-153.49.0.127

kernel-debugsource: before 5.10.0-153.49.0.127

kernel-debuginfo: before 5.10.0-153.49.0.127

perf-debuginfo: before 5.10.0-153.49.0.127

kernel-source: before 5.10.0-153.49.0.127

kernel-tools: before 5.10.0-153.49.0.127

kernel-devel: before 5.10.0-153.49.0.127

kernel: before 5.10.0-153.49.0.127

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1355


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Improper locking

EUVDB-ID: #VU88101

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26627

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service attack (DoS).

The vulnerability exists due to improper locking when calling the scsi_host_busy() function. A local user can perform a denial of service attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP2

kernel-headers: before 5.10.0-153.49.0.127

python3-perf-debuginfo: before 5.10.0-153.49.0.127

kernel-tools-debuginfo: before 5.10.0-153.49.0.127

perf: before 5.10.0-153.49.0.127

kernel-tools-devel: before 5.10.0-153.49.0.127

python3-perf: before 5.10.0-153.49.0.127

kernel-debugsource: before 5.10.0-153.49.0.127

kernel-debuginfo: before 5.10.0-153.49.0.127

perf-debuginfo: before 5.10.0-153.49.0.127

kernel-source: before 5.10.0-153.49.0.127

kernel-tools: before 5.10.0-153.49.0.127

kernel-devel: before 5.10.0-153.49.0.127

kernel: before 5.10.0-153.49.0.127

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1355


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###