Main Vulnerability Database SB2024051349

SB2024051349 - openEuler 22.03 LTS update for kernel

Published: May 13, 2024 Updated: December 19, 2024

Security Bulletin ID SB2024051349

Severity

Medium

Patch available

YES

Number of vulnerabilities 6

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 6 secuirty vulnerabilities.

1) Input validation error (CVE-ID: CVE-2023-46838)

The vulnerability allows an unprivileged guest to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of network packets at the backend. An unprivileged guest can send zero-length packets to the OS kernel and perform a denial of service (DoS) attack.

2) Resource exhaustion (CVE-ID: CVE-2023-52340)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to an error when processing very large ICMPv6 packets. A remote attacker can send a flood of IPv6 ICMP6 PTB messages, cause the high lock contention and increased CPU usage, leading to a denial of service.

Successful vulnerability exploitation requires a attacker to be on the local network or have a high bandwidth connection.

3) Improper locking (CVE-ID: CVE-2024-0639)

The vulnerability allows a local user to perform a denial of service attack.

The vulnerability exists due to improper locking within the sctp_auto_asconf_init() function in net/sctp/socket.c. A local user can crash the kernel.

4) NULL pointer dereference (CVE-ID: CVE-2024-0841)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the hugetlbfs_fill_super() function in the Linux kernel hugetlbfs (HugeTLB pages) functionality. A local user can perform a denial of service (DoS) attack.

5) Use-after-free (CVE-ID: CVE-2024-1086)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the netfilter nf_tables component in Linux kernel. A local user can trigger a use-after-free error and execute arbitrary code on the system.

6) Off-by-one (CVE-ID: CVE-2024-23849)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an off-by-one error within the rds_recv_track_latency() function in net/rds/af_rds.c. A local user can trigger an off-by-one error and perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1180

Vulnerable Software

openEuler: 22.03 LTS
perf: before 5.10.0-60.126.0.153
kernel-tools-devel: before 5.10.0-60.126.0.153
kernel-source: before 5.10.0-60.126.0.153
kernel-tools: before 5.10.0-60.126.0.153
bpftool-debuginfo: before 5.10.0-60.126.0.153
kernel-tools-debuginfo: before 5.10.0-60.126.0.153
bpftool: before 5.10.0-60.126.0.153
kernel-devel: before 5.10.0-60.126.0.153
python3-perf: before 5.10.0-60.126.0.153
kernel-debuginfo: before 5.10.0-60.126.0.153
python3-perf-debuginfo: before 5.10.0-60.126.0.153
perf-debuginfo: before 5.10.0-60.126.0.153
kernel-headers: before 5.10.0-60.126.0.153
kernel-debugsource: before 5.10.0-60.126.0.153
kernel: before 5.10.0-60.126.0.153

SB2024051349 - openEuler 22.03 LTS update for kernel

Breakdown by Severity

Description

Remediation

References

Please verify you're human