SB2024050858 - openEuler 22.03 LTS SP2 update for kernel
Published: May 8, 2024
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 19 secuirty vulnerabilities.
1) Resource management error (CVE-ID: CVE-2021-46926)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the sdw_intel_acpi_cb() function in sound/hda/intel-sdw-acpi.c. A local user can perform a denial of service (DoS) attack.
2) Resource management error (CVE-ID: CVE-2021-47037)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources in sound/soc/qcom/qdsp6/q6afe-clocks.c. A local user can perform a denial of service (DoS) attack.
3) NULL pointer dereference (CVE-ID: CVE-2023-52443)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the unpack_profile() function in security/apparmor/policy_unpack.c. A local user can perform a denial of service (DoS) attack.
4) NULL pointer dereference (CVE-ID: CVE-2023-52454)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the nvmet_tcp_build_pdu_iovec() function in drivers/nvme/target/tcp.c. A local user can perform a denial of service (DoS) attack.
5) Improper locking (CVE-ID: CVE-2023-52456)
The vulnerability allows a local user to perform a denial of service attack (DoS) on the target system.
The vulnerability exists due to double-locking error within the imx_uart_stop_tx() function in drivers/tty/serial/imx.c. A local user can crash the OS kernel.
6) Use-after-free (CVE-ID: CVE-2023-52457)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the omap8250_remove() function in drivers/tty/serial/8250/8250_omap.c. A local user can perform a denial of service (DoS) attack.
7) Buffer overflow (CVE-ID: CVE-2023-52462)
The vulnerability allows a local user to crash the kernel.
The vulnerability exists due to a boundary error within the check_stack_write_fixed_off() function in kernel/bpf/verifier.c. A local user can trigger memory corruption and crash the kernel.
8) NULL pointer dereference (CVE-ID: CVE-2023-52467)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the of_syscon_register() function in drivers/mfd/syscon.c. A local user can perform a denial of service (DoS) attack.
9) Use-after-free (CVE-ID: CVE-2023-52469)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the kv_parse_power_table() function in drivers/gpu/drm/amd/amdgpu/kv_dpm.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
10) Out-of-bounds read (CVE-ID: CVE-2023-52476)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition within the branch_type() and get_branch_type() functions in arch/x86/events/utils.c. A local user can trigger an out-of-bounds read error and crash the kernel.
11) Use-after-free (CVE-ID: CVE-2023-52479)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the smb20_oplock_break_ack() function in fs/ksmbd/smb2pdu.c and fs/smb/server/smb2pdu.c. A local user can trigger a use-after-free error and escalate privileges on the system.
12) Resource management error (CVE-ID: CVE-2023-52484)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the arm_smmu_free_shared_cd() function in drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3-sva.c. A local user can perform a denial of service (DoS) attack.
13) Race condition (CVE-ID: CVE-2024-26585)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the tls_encrypt_done() function in net/tls/tls_sw.c. A remote attacker user can send specially crafted requests to the system and perform a denial of service (DoS) attack.
14) Buffer overflow (CVE-ID: CVE-2024-26589)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within the adjust_ptr_min_max_vals() function in kernel/bpf/verifier.c. A local user can crash the OS kernel.
15) Out-of-bounds read (CVE-ID: CVE-2024-26593)
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the i801_block_transaction_by_block() function in drivers/i2c/busses/i2c-i801.c. A local user can trigger an out-of-bounds read error and read contents of memory on the system.
16) Out-of-bounds read (CVE-ID: CVE-2024-26597)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition in drivers/net/ethernet/qualcomm/rmnet/rmnet_config.c when parsing the netlink attributes. A local user can trigger an out-of-bounds read error and perform a denial of service (DoS) attack.
17) NULL pointer dereference (CVE-ID: CVE-2024-26600)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in drivers/phy/ti/phy-omap-usb2.c. A local user can perform a denial of service (DoS) attack.
18) Infinite loop (CVE-ID: CVE-2024-26603)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop in arch/x86/kernel/fpu/signal.c. A local user can consume all available system resources and cause denial of service conditions.
19) Resource management error (CVE-ID: CVE-2024-26606)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the binder_enqueue_thread_work_ilocked() function in drivers/android/binder.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.