Risk | Critical |
Patch available | YES |
Number of vulnerabilities | 34 |
CVE-ID | CVE-2021-47231 CVE-2021-47232 CVE-2021-47252 CVE-2021-47288 CVE-2021-47346 CVE-2021-47347 CVE-2021-47434 CVE-2021-47466 CVE-2021-47469 CVE-2021-47493 CVE-2021-47500 CVE-2021-47521 CVE-2021-47565 CVE-2021-47597 CVE-2021-47609 CVE-2022-48737 CVE-2022-48755 CVE-2022-48756 CVE-2023-52670 CVE-2023-52739 CVE-2023-52834 CVE-2023-52853 CVE-2024-27436 CVE-2024-35830 CVE-2024-36894 CVE-2024-36941 CVE-2024-36950 CVE-2024-36971 CVE-2024-38538 CVE-2024-38541 CVE-2024-38552 CVE-2024-38588 CVE-2024-38596 CVE-2024-38607 |
CWE-ID | CWE-401 CWE-416 CWE-399 CWE-125 CWE-119 CWE-667 CWE-362 CWE-908 CWE-476 CWE-415 CWE-787 CWE-388 CWE-366 |
Exploitation vector | Local |
Public exploit | Vulnerability #28 is being exploited in the wild. |
Vulnerable software |
openEuler Operating systems & Components / Operating system kernel-devel Operating systems & Components / Operating system package or component python3-perf Operating systems & Components / Operating system package or component bpftool-debuginfo Operating systems & Components / Operating system package or component kernel-tools Operating systems & Components / Operating system package or component kernel-tools-devel Operating systems & Components / Operating system package or component python3-perf-debuginfo Operating systems & Components / Operating system package or component perf Operating systems & Components / Operating system package or component python2-perf Operating systems & Components / Operating system package or component kernel-debuginfo Operating systems & Components / Operating system package or component kernel-source Operating systems & Components / Operating system package or component kernel-tools-debuginfo Operating systems & Components / Operating system package or component bpftool Operating systems & Components / Operating system package or component python2-perf-debuginfo Operating systems & Components / Operating system package or component kernel-debugsource Operating systems & Components / Operating system package or component perf-debuginfo Operating systems & Components / Operating system package or component kernel Operating systems & Components / Operating system package or component |
Vendor | openEuler |
Security Bulletin
This security bulletin contains information about 34 vulnerabilities.
EUVDB-ID: #VU89946
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47231
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mcba_usb_start() and mcba_usb_open() functions in drivers/net/can/usb/mcba_usb.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
kernel-devel: before 4.19.90-2406.4.0.0283
python3-perf: before 4.19.90-2406.4.0.0283
bpftool-debuginfo: before 4.19.90-2406.4.0.0283
kernel-tools: before 4.19.90-2406.4.0.0283
kernel-tools-devel: before 4.19.90-2406.4.0.0283
python3-perf-debuginfo: before 4.19.90-2406.4.0.0283
perf: before 4.19.90-2406.4.0.0283
python2-perf: before 4.19.90-2406.4.0.0283
kernel-debuginfo: before 4.19.90-2406.4.0.0283
kernel-source: before 4.19.90-2406.4.0.0283
kernel-tools-debuginfo: before 4.19.90-2406.4.0.0283
bpftool: before 4.19.90-2406.4.0.0283
python2-perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel-debugsource: before 4.19.90-2406.4.0.0283
perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel: before 4.19.90-2406.4.0.0283
CPE2.3https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1767
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90088
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47232
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the j1939_session_skb_drop_old(), j1939_session_skb_queue(), j1939_session_skb_find_by_offset(), j1939_session_tx_dat(), j1939_xtp_txnext_receiver(), j1939_simple_txnext(), j1939_session_completed() and j1939_xtp_rx_dat_one() functions in net/can/j1939/transport.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
kernel-devel: before 4.19.90-2406.4.0.0283
python3-perf: before 4.19.90-2406.4.0.0283
bpftool-debuginfo: before 4.19.90-2406.4.0.0283
kernel-tools: before 4.19.90-2406.4.0.0283
kernel-tools-devel: before 4.19.90-2406.4.0.0283
python3-perf-debuginfo: before 4.19.90-2406.4.0.0283
perf: before 4.19.90-2406.4.0.0283
python2-perf: before 4.19.90-2406.4.0.0283
kernel-debuginfo: before 4.19.90-2406.4.0.0283
kernel-source: before 4.19.90-2406.4.0.0283
kernel-tools-debuginfo: before 4.19.90-2406.4.0.0283
bpftool: before 4.19.90-2406.4.0.0283
python2-perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel-debugsource: before 4.19.90-2406.4.0.0283
perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel: before 4.19.90-2406.4.0.0283
CPE2.3https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1767
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93253
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47252
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the batadv_iv_ogm_emit() function in net/batman-adv/bat_iv_ogm.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
kernel-devel: before 4.19.90-2406.4.0.0283
python3-perf: before 4.19.90-2406.4.0.0283
bpftool-debuginfo: before 4.19.90-2406.4.0.0283
kernel-tools: before 4.19.90-2406.4.0.0283
kernel-tools-devel: before 4.19.90-2406.4.0.0283
python3-perf-debuginfo: before 4.19.90-2406.4.0.0283
perf: before 4.19.90-2406.4.0.0283
python2-perf: before 4.19.90-2406.4.0.0283
kernel-debuginfo: before 4.19.90-2406.4.0.0283
kernel-source: before 4.19.90-2406.4.0.0283
kernel-tools-debuginfo: before 4.19.90-2406.4.0.0283
bpftool: before 4.19.90-2406.4.0.0283
python2-perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel-debugsource: before 4.19.90-2406.4.0.0283
perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel: before 4.19.90-2406.4.0.0283
CPE2.3https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1767
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90297
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47288
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ngene_command_config_free_buf() function in drivers/media/pci/ngene/ngene-core.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
kernel-devel: before 4.19.90-2406.4.0.0283
python3-perf: before 4.19.90-2406.4.0.0283
bpftool-debuginfo: before 4.19.90-2406.4.0.0283
kernel-tools: before 4.19.90-2406.4.0.0283
kernel-tools-devel: before 4.19.90-2406.4.0.0283
python3-perf-debuginfo: before 4.19.90-2406.4.0.0283
perf: before 4.19.90-2406.4.0.0283
python2-perf: before 4.19.90-2406.4.0.0283
kernel-debuginfo: before 4.19.90-2406.4.0.0283
kernel-source: before 4.19.90-2406.4.0.0283
kernel-tools-debuginfo: before 4.19.90-2406.4.0.0283
bpftool: before 4.19.90-2406.4.0.0283
python2-perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel-debugsource: before 4.19.90-2406.4.0.0283
perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel: before 4.19.90-2406.4.0.0283
CPE2.3https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1767
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90301
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47346
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the tmc_update_etf_buffer() function in drivers/hwtracing/coresight/coresight-tmc-etf.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
kernel-devel: before 4.19.90-2406.4.0.0283
python3-perf: before 4.19.90-2406.4.0.0283
bpftool-debuginfo: before 4.19.90-2406.4.0.0283
kernel-tools: before 4.19.90-2406.4.0.0283
kernel-tools-devel: before 4.19.90-2406.4.0.0283
python3-perf-debuginfo: before 4.19.90-2406.4.0.0283
perf: before 4.19.90-2406.4.0.0283
python2-perf: before 4.19.90-2406.4.0.0283
kernel-debuginfo: before 4.19.90-2406.4.0.0283
kernel-source: before 4.19.90-2406.4.0.0283
kernel-tools-debuginfo: before 4.19.90-2406.4.0.0283
bpftool: before 4.19.90-2406.4.0.0283
python2-perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel-debugsource: before 4.19.90-2406.4.0.0283
perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel: before 4.19.90-2406.4.0.0283
CPE2.3https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1767
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91309
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47347
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the wl1251_cmd_scan() function in drivers/net/wireless/ti/wl1251/cmd.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
kernel-devel: before 4.19.90-2406.4.0.0283
python3-perf: before 4.19.90-2406.4.0.0283
bpftool-debuginfo: before 4.19.90-2406.4.0.0283
kernel-tools: before 4.19.90-2406.4.0.0283
kernel-tools-devel: before 4.19.90-2406.4.0.0283
python3-perf-debuginfo: before 4.19.90-2406.4.0.0283
perf: before 4.19.90-2406.4.0.0283
python2-perf: before 4.19.90-2406.4.0.0283
kernel-debuginfo: before 4.19.90-2406.4.0.0283
kernel-source: before 4.19.90-2406.4.0.0283
kernel-tools-debuginfo: before 4.19.90-2406.4.0.0283
bpftool: before 4.19.90-2406.4.0.0283
python2-perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel-debugsource: before 4.19.90-2406.4.0.0283
perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel: before 4.19.90-2406.4.0.0283
CPE2.3https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1767
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93139
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47434
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the xhci_handle_stopped_cmd_ring() function in drivers/usb/host/xhci-ring.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
kernel-devel: before 4.19.90-2406.4.0.0283
python3-perf: before 4.19.90-2406.4.0.0283
bpftool-debuginfo: before 4.19.90-2406.4.0.0283
kernel-tools: before 4.19.90-2406.4.0.0283
kernel-tools-devel: before 4.19.90-2406.4.0.0283
python3-perf-debuginfo: before 4.19.90-2406.4.0.0283
perf: before 4.19.90-2406.4.0.0283
python2-perf: before 4.19.90-2406.4.0.0283
kernel-debuginfo: before 4.19.90-2406.4.0.0283
kernel-source: before 4.19.90-2406.4.0.0283
kernel-tools-debuginfo: before 4.19.90-2406.4.0.0283
bpftool: before 4.19.90-2406.4.0.0283
python2-perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel-debugsource: before 4.19.90-2406.4.0.0283
perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel: before 4.19.90-2406.4.0.0283
CPE2.3https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1767
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91619
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47466
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the kmem_cache_open() function in mm/slub.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
kernel-devel: before 4.19.90-2406.4.0.0283
python3-perf: before 4.19.90-2406.4.0.0283
bpftool-debuginfo: before 4.19.90-2406.4.0.0283
kernel-tools: before 4.19.90-2406.4.0.0283
kernel-tools-devel: before 4.19.90-2406.4.0.0283
python3-perf-debuginfo: before 4.19.90-2406.4.0.0283
perf: before 4.19.90-2406.4.0.0283
python2-perf: before 4.19.90-2406.4.0.0283
kernel-debuginfo: before 4.19.90-2406.4.0.0283
kernel-source: before 4.19.90-2406.4.0.0283
kernel-tools-debuginfo: before 4.19.90-2406.4.0.0283
bpftool: before 4.19.90-2406.4.0.0283
python2-perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel-debugsource: before 4.19.90-2406.4.0.0283
perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel: before 4.19.90-2406.4.0.0283
CPE2.3https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1767
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90737
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47469
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the LIST_HEAD(), spi_add_device(), spi_add_device_locked(), spi_register_controller() and spi_unregister_controller() functions in drivers/spi/spi.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
kernel-devel: before 4.19.90-2406.4.0.0283
python3-perf: before 4.19.90-2406.4.0.0283
bpftool-debuginfo: before 4.19.90-2406.4.0.0283
kernel-tools: before 4.19.90-2406.4.0.0283
kernel-tools-devel: before 4.19.90-2406.4.0.0283
python3-perf-debuginfo: before 4.19.90-2406.4.0.0283
perf: before 4.19.90-2406.4.0.0283
python2-perf: before 4.19.90-2406.4.0.0283
kernel-debuginfo: before 4.19.90-2406.4.0.0283
kernel-source: before 4.19.90-2406.4.0.0283
kernel-tools-debuginfo: before 4.19.90-2406.4.0.0283
bpftool: before 4.19.90-2406.4.0.0283
python2-perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel-debugsource: before 4.19.90-2406.4.0.0283
perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel: before 4.19.90-2406.4.0.0283
CPE2.3https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1767
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91465
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47493
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the ocfs2_test_bg_bit_allocatable() function in fs/ocfs2/suballoc.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
kernel-devel: before 4.19.90-2406.4.0.0283
python3-perf: before 4.19.90-2406.4.0.0283
bpftool-debuginfo: before 4.19.90-2406.4.0.0283
kernel-tools: before 4.19.90-2406.4.0.0283
kernel-tools-devel: before 4.19.90-2406.4.0.0283
python3-perf-debuginfo: before 4.19.90-2406.4.0.0283
perf: before 4.19.90-2406.4.0.0283
python2-perf: before 4.19.90-2406.4.0.0283
kernel-debuginfo: before 4.19.90-2406.4.0.0283
kernel-source: before 4.19.90-2406.4.0.0283
kernel-tools-debuginfo: before 4.19.90-2406.4.0.0283
bpftool: before 4.19.90-2406.4.0.0283
python2-perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel-debugsource: before 4.19.90-2406.4.0.0283
perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel: before 4.19.90-2406.4.0.0283
CPE2.3https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1767
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90050
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47500
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mma8452_trigger_setup() function in drivers/iio/accel/mma8452.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
kernel-devel: before 4.19.90-2406.4.0.0283
python3-perf: before 4.19.90-2406.4.0.0283
bpftool-debuginfo: before 4.19.90-2406.4.0.0283
kernel-tools: before 4.19.90-2406.4.0.0283
kernel-tools-devel: before 4.19.90-2406.4.0.0283
python3-perf-debuginfo: before 4.19.90-2406.4.0.0283
perf: before 4.19.90-2406.4.0.0283
python2-perf: before 4.19.90-2406.4.0.0283
kernel-debuginfo: before 4.19.90-2406.4.0.0283
kernel-source: before 4.19.90-2406.4.0.0283
kernel-tools-debuginfo: before 4.19.90-2406.4.0.0283
bpftool: before 4.19.90-2406.4.0.0283
python2-perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel-debugsource: before 4.19.90-2406.4.0.0283
perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel: before 4.19.90-2406.4.0.0283
CPE2.3https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1767
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91052
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47521
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ems_pcmcia_add_card() function in drivers/net/can/sja1000/ems_pcmcia.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
kernel-devel: before 4.19.90-2406.4.0.0283
python3-perf: before 4.19.90-2406.4.0.0283
bpftool-debuginfo: before 4.19.90-2406.4.0.0283
kernel-tools: before 4.19.90-2406.4.0.0283
kernel-tools-devel: before 4.19.90-2406.4.0.0283
python3-perf-debuginfo: before 4.19.90-2406.4.0.0283
perf: before 4.19.90-2406.4.0.0283
python2-perf: before 4.19.90-2406.4.0.0283
kernel-debuginfo: before 4.19.90-2406.4.0.0283
kernel-source: before 4.19.90-2406.4.0.0283
kernel-tools-debuginfo: before 4.19.90-2406.4.0.0283
bpftool: before 4.19.90-2406.4.0.0283
python2-perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel-debugsource: before 4.19.90-2406.4.0.0283
perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel: before 4.19.90-2406.4.0.0283
CPE2.3https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1767
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93588
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47565
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the _scsih_ublock_io_device() function in drivers/scsi/mpt3sas/mpt3sas_scsih.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
kernel-devel: before 4.19.90-2406.4.0.0283
python3-perf: before 4.19.90-2406.4.0.0283
bpftool-debuginfo: before 4.19.90-2406.4.0.0283
kernel-tools: before 4.19.90-2406.4.0.0283
kernel-tools-devel: before 4.19.90-2406.4.0.0283
python3-perf-debuginfo: before 4.19.90-2406.4.0.0283
perf: before 4.19.90-2406.4.0.0283
python2-perf: before 4.19.90-2406.4.0.0283
kernel-debuginfo: before 4.19.90-2406.4.0.0283
kernel-source: before 4.19.90-2406.4.0.0283
kernel-tools-debuginfo: before 4.19.90-2406.4.0.0283
bpftool: before 4.19.90-2406.4.0.0283
python2-perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel-debugsource: before 4.19.90-2406.4.0.0283
perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel: before 4.19.90-2406.4.0.0283
CPE2.3https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1767
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92934
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47597
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the inet_sk_diag_fill() function in net/ipv4/inet_diag.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
kernel-devel: before 4.19.90-2406.4.0.0283
python3-perf: before 4.19.90-2406.4.0.0283
bpftool-debuginfo: before 4.19.90-2406.4.0.0283
kernel-tools: before 4.19.90-2406.4.0.0283
kernel-tools-devel: before 4.19.90-2406.4.0.0283
python3-perf-debuginfo: before 4.19.90-2406.4.0.0283
perf: before 4.19.90-2406.4.0.0283
python2-perf: before 4.19.90-2406.4.0.0283
kernel-debuginfo: before 4.19.90-2406.4.0.0283
kernel-source: before 4.19.90-2406.4.0.0283
kernel-tools-debuginfo: before 4.19.90-2406.4.0.0283
bpftool: before 4.19.90-2406.4.0.0283
python2-perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel-debugsource: before 4.19.90-2406.4.0.0283
perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel: before 4.19.90-2406.4.0.0283
CPE2.3https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1767
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93303
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47609
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the scpi_pm_domain_probe() function in drivers/firmware/scpi_pm_domain.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
kernel-devel: before 4.19.90-2406.4.0.0283
python3-perf: before 4.19.90-2406.4.0.0283
bpftool-debuginfo: before 4.19.90-2406.4.0.0283
kernel-tools: before 4.19.90-2406.4.0.0283
kernel-tools-devel: before 4.19.90-2406.4.0.0283
python3-perf-debuginfo: before 4.19.90-2406.4.0.0283
perf: before 4.19.90-2406.4.0.0283
python2-perf: before 4.19.90-2406.4.0.0283
kernel-debuginfo: before 4.19.90-2406.4.0.0283
kernel-source: before 4.19.90-2406.4.0.0283
kernel-tools-debuginfo: before 4.19.90-2406.4.0.0283
bpftool: before 4.19.90-2406.4.0.0283
python2-perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel-debugsource: before 4.19.90-2406.4.0.0283
perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel: before 4.19.90-2406.4.0.0283
CPE2.3https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1767
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92902
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48737
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the snd_soc_put_volsw_sx() function in sound/soc/soc-ops.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
kernel-devel: before 4.19.90-2406.4.0.0283
python3-perf: before 4.19.90-2406.4.0.0283
bpftool-debuginfo: before 4.19.90-2406.4.0.0283
kernel-tools: before 4.19.90-2406.4.0.0283
kernel-tools-devel: before 4.19.90-2406.4.0.0283
python3-perf-debuginfo: before 4.19.90-2406.4.0.0283
perf: before 4.19.90-2406.4.0.0283
python2-perf: before 4.19.90-2406.4.0.0283
kernel-debuginfo: before 4.19.90-2406.4.0.0283
kernel-source: before 4.19.90-2406.4.0.0283
kernel-tools-debuginfo: before 4.19.90-2406.4.0.0283
bpftool: before 4.19.90-2406.4.0.0283
python2-perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel-debugsource: before 4.19.90-2406.4.0.0283
perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel: before 4.19.90-2406.4.0.0283
CPE2.3https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1767
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92978
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48755
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the EMIT() function in arch/powerpc/net/bpf_jit_comp64.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
kernel-devel: before 4.19.90-2406.4.0.0283
python3-perf: before 4.19.90-2406.4.0.0283
bpftool-debuginfo: before 4.19.90-2406.4.0.0283
kernel-tools: before 4.19.90-2406.4.0.0283
kernel-tools-devel: before 4.19.90-2406.4.0.0283
python3-perf-debuginfo: before 4.19.90-2406.4.0.0283
perf: before 4.19.90-2406.4.0.0283
python2-perf: before 4.19.90-2406.4.0.0283
kernel-debuginfo: before 4.19.90-2406.4.0.0283
kernel-source: before 4.19.90-2406.4.0.0283
kernel-tools-debuginfo: before 4.19.90-2406.4.0.0283
bpftool: before 4.19.90-2406.4.0.0283
python2-perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel-debugsource: before 4.19.90-2406.4.0.0283
perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel: before 4.19.90-2406.4.0.0283
CPE2.3https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1767
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92915
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48756
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the msm_dsi_phy_driver_unregister() function in drivers/gpu/drm/msm/dsi/phy/dsi_phy.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
kernel-devel: before 4.19.90-2406.4.0.0283
python3-perf: before 4.19.90-2406.4.0.0283
bpftool-debuginfo: before 4.19.90-2406.4.0.0283
kernel-tools: before 4.19.90-2406.4.0.0283
kernel-tools-devel: before 4.19.90-2406.4.0.0283
python3-perf-debuginfo: before 4.19.90-2406.4.0.0283
perf: before 4.19.90-2406.4.0.0283
python2-perf: before 4.19.90-2406.4.0.0283
kernel-debuginfo: before 4.19.90-2406.4.0.0283
kernel-source: before 4.19.90-2406.4.0.0283
kernel-tools-debuginfo: before 4.19.90-2406.4.0.0283
bpftool: before 4.19.90-2406.4.0.0283
python2-perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel-debugsource: before 4.19.90-2406.4.0.0283
perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel: before 4.19.90-2406.4.0.0283
CPE2.3https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1767
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89988
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52670
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the virtio_rpmsg_release_device() function in drivers/rpmsg/virtio_rpmsg_bus.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
kernel-devel: before 4.19.90-2406.4.0.0283
python3-perf: before 4.19.90-2406.4.0.0283
bpftool-debuginfo: before 4.19.90-2406.4.0.0283
kernel-tools: before 4.19.90-2406.4.0.0283
kernel-tools-devel: before 4.19.90-2406.4.0.0283
python3-perf-debuginfo: before 4.19.90-2406.4.0.0283
perf: before 4.19.90-2406.4.0.0283
python2-perf: before 4.19.90-2406.4.0.0283
kernel-debuginfo: before 4.19.90-2406.4.0.0283
kernel-source: before 4.19.90-2406.4.0.0283
kernel-tools-debuginfo: before 4.19.90-2406.4.0.0283
bpftool: before 4.19.90-2406.4.0.0283
python2-perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel-debugsource: before 4.19.90-2406.4.0.0283
perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel: before 4.19.90-2406.4.0.0283
CPE2.3https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1767
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90889
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52739
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the free_the_page() function in mm/page_alloc.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
kernel-devel: before 4.19.90-2406.4.0.0283
python3-perf: before 4.19.90-2406.4.0.0283
bpftool-debuginfo: before 4.19.90-2406.4.0.0283
kernel-tools: before 4.19.90-2406.4.0.0283
kernel-tools-devel: before 4.19.90-2406.4.0.0283
python3-perf-debuginfo: before 4.19.90-2406.4.0.0283
perf: before 4.19.90-2406.4.0.0283
python2-perf: before 4.19.90-2406.4.0.0283
kernel-debuginfo: before 4.19.90-2406.4.0.0283
kernel-source: before 4.19.90-2406.4.0.0283
kernel-tools-debuginfo: before 4.19.90-2406.4.0.0283
bpftool: before 4.19.90-2406.4.0.0283
python2-perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel-debugsource: before 4.19.90-2406.4.0.0283
perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel: before 4.19.90-2406.4.0.0283
CPE2.3https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1767
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93304
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52834
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the atl1c_set_mac_addr(), atl1c_init_ring_ptrs(), atl1c_free_ring_resources(), atl1c_rx_checksum() and atl1c_alloc_rx_buffer() functions in drivers/net/ethernet/atheros/atl1c/atl1c_main.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
kernel-devel: before 4.19.90-2406.4.0.0283
python3-perf: before 4.19.90-2406.4.0.0283
bpftool-debuginfo: before 4.19.90-2406.4.0.0283
kernel-tools: before 4.19.90-2406.4.0.0283
kernel-tools-devel: before 4.19.90-2406.4.0.0283
python3-perf-debuginfo: before 4.19.90-2406.4.0.0283
perf: before 4.19.90-2406.4.0.0283
python2-perf: before 4.19.90-2406.4.0.0283
kernel-debuginfo: before 4.19.90-2406.4.0.0283
kernel-source: before 4.19.90-2406.4.0.0283
kernel-tools-debuginfo: before 4.19.90-2406.4.0.0283
bpftool: before 4.19.90-2406.4.0.0283
python2-perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel-debugsource: before 4.19.90-2406.4.0.0283
perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel: before 4.19.90-2406.4.0.0283
CPE2.3https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1767
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91229
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52853
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cp2112_gpio_irq_startup() and cp2112_probe() functions in drivers/hid/hid-cp2112.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
kernel-devel: before 4.19.90-2406.4.0.0283
python3-perf: before 4.19.90-2406.4.0.0283
bpftool-debuginfo: before 4.19.90-2406.4.0.0283
kernel-tools: before 4.19.90-2406.4.0.0283
kernel-tools-devel: before 4.19.90-2406.4.0.0283
python3-perf-debuginfo: before 4.19.90-2406.4.0.0283
perf: before 4.19.90-2406.4.0.0283
python2-perf: before 4.19.90-2406.4.0.0283
kernel-debuginfo: before 4.19.90-2406.4.0.0283
kernel-source: before 4.19.90-2406.4.0.0283
kernel-tools-debuginfo: before 4.19.90-2406.4.0.0283
bpftool: before 4.19.90-2406.4.0.0283
python2-perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel-debugsource: before 4.19.90-2406.4.0.0283
perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel: before 4.19.90-2406.4.0.0283
CPE2.3https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1767
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93594
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27436
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to an out-of-bounds write within the convert_chmap() function in sound/usb/stream.c. A local user can execute arbitrary code.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
kernel-devel: before 4.19.90-2406.4.0.0283
python3-perf: before 4.19.90-2406.4.0.0283
bpftool-debuginfo: before 4.19.90-2406.4.0.0283
kernel-tools: before 4.19.90-2406.4.0.0283
kernel-tools-devel: before 4.19.90-2406.4.0.0283
python3-perf-debuginfo: before 4.19.90-2406.4.0.0283
perf: before 4.19.90-2406.4.0.0283
python2-perf: before 4.19.90-2406.4.0.0283
kernel-debuginfo: before 4.19.90-2406.4.0.0283
kernel-source: before 4.19.90-2406.4.0.0283
kernel-tools-debuginfo: before 4.19.90-2406.4.0.0283
bpftool: before 4.19.90-2406.4.0.0283
python2-perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel-debugsource: before 4.19.90-2406.4.0.0283
perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel: before 4.19.90-2406.4.0.0283
CPE2.3https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1767
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93591
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-35830
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the tc358743_probe() function in drivers/media/i2c/tc358743.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
kernel-devel: before 4.19.90-2406.4.0.0283
python3-perf: before 4.19.90-2406.4.0.0283
bpftool-debuginfo: before 4.19.90-2406.4.0.0283
kernel-tools: before 4.19.90-2406.4.0.0283
kernel-tools-devel: before 4.19.90-2406.4.0.0283
python3-perf-debuginfo: before 4.19.90-2406.4.0.0283
perf: before 4.19.90-2406.4.0.0283
python2-perf: before 4.19.90-2406.4.0.0283
kernel-debuginfo: before 4.19.90-2406.4.0.0283
kernel-source: before 4.19.90-2406.4.0.0283
kernel-tools-debuginfo: before 4.19.90-2406.4.0.0283
bpftool: before 4.19.90-2406.4.0.0283
python2-perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel-debugsource: before 4.19.90-2406.4.0.0283
perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel: before 4.19.90-2406.4.0.0283
CPE2.3https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1767
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90735
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-36894
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ffs_user_copy_worker() and ffs_epfile_async_io_complete() functions in drivers/usb/gadget/function/f_fs.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
kernel-devel: before 4.19.90-2406.4.0.0283
python3-perf: before 4.19.90-2406.4.0.0283
bpftool-debuginfo: before 4.19.90-2406.4.0.0283
kernel-tools: before 4.19.90-2406.4.0.0283
kernel-tools-devel: before 4.19.90-2406.4.0.0283
python3-perf-debuginfo: before 4.19.90-2406.4.0.0283
perf: before 4.19.90-2406.4.0.0283
python2-perf: before 4.19.90-2406.4.0.0283
kernel-debuginfo: before 4.19.90-2406.4.0.0283
kernel-source: before 4.19.90-2406.4.0.0283
kernel-tools-debuginfo: before 4.19.90-2406.4.0.0283
bpftool: before 4.19.90-2406.4.0.0283
python2-perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel-debugsource: before 4.19.90-2406.4.0.0283
perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel: before 4.19.90-2406.4.0.0283
CPE2.3https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1767
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90528
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-36941
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nl80211_set_coalesce() function in net/wireless/nl80211.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
kernel-devel: before 4.19.90-2406.4.0.0283
python3-perf: before 4.19.90-2406.4.0.0283
bpftool-debuginfo: before 4.19.90-2406.4.0.0283
kernel-tools: before 4.19.90-2406.4.0.0283
kernel-tools-devel: before 4.19.90-2406.4.0.0283
python3-perf-debuginfo: before 4.19.90-2406.4.0.0283
perf: before 4.19.90-2406.4.0.0283
python2-perf: before 4.19.90-2406.4.0.0283
kernel-debuginfo: before 4.19.90-2406.4.0.0283
kernel-source: before 4.19.90-2406.4.0.0283
kernel-tools-debuginfo: before 4.19.90-2406.4.0.0283
bpftool: before 4.19.90-2406.4.0.0283
python2-perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel-debugsource: before 4.19.90-2406.4.0.0283
perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel: before 4.19.90-2406.4.0.0283
CPE2.3https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1767
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92055
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-36950
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the bus_reset_work() and irq_handler() functions in drivers/firewire/ohci.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
kernel-devel: before 4.19.90-2406.4.0.0283
python3-perf: before 4.19.90-2406.4.0.0283
bpftool-debuginfo: before 4.19.90-2406.4.0.0283
kernel-tools: before 4.19.90-2406.4.0.0283
kernel-tools-devel: before 4.19.90-2406.4.0.0283
python3-perf-debuginfo: before 4.19.90-2406.4.0.0283
perf: before 4.19.90-2406.4.0.0283
python2-perf: before 4.19.90-2406.4.0.0283
kernel-debuginfo: before 4.19.90-2406.4.0.0283
kernel-source: before 4.19.90-2406.4.0.0283
kernel-tools-debuginfo: before 4.19.90-2406.4.0.0283
bpftool: before 4.19.90-2406.4.0.0283
python2-perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel-debugsource: before 4.19.90-2406.4.0.0283
perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel: before 4.19.90-2406.4.0.0283
CPE2.3https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1767
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91597
Risk: Critical
CVSSv4.0: 8.5 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red]
CVE-ID: CVE-2024-36971
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the system.
The vulnerability exists due to a use-after-free error within the xfrm_link_failure() function in net/xfrm/xfrm_policy.c, within the dst_entry ip6_dst_check() and ip6_dst_check() functions in net/ipv6/route.c, within the dst_entry ipv4_dst_check() and ip_do_redirect() functions in net/ipv4/route.c. A remote attacker can send specially crafted packets to the system and execute arbitrary code.
Note, the vulnerability is being actively exploited in the wild.
Install updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
kernel-devel: before 4.19.90-2406.4.0.0283
python3-perf: before 4.19.90-2406.4.0.0283
bpftool-debuginfo: before 4.19.90-2406.4.0.0283
kernel-tools: before 4.19.90-2406.4.0.0283
kernel-tools-devel: before 4.19.90-2406.4.0.0283
python3-perf-debuginfo: before 4.19.90-2406.4.0.0283
perf: before 4.19.90-2406.4.0.0283
python2-perf: before 4.19.90-2406.4.0.0283
kernel-debuginfo: before 4.19.90-2406.4.0.0283
kernel-source: before 4.19.90-2406.4.0.0283
kernel-tools-debuginfo: before 4.19.90-2406.4.0.0283
bpftool: before 4.19.90-2406.4.0.0283
python2-perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel-debugsource: before 4.19.90-2406.4.0.0283
perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel: before 4.19.90-2406.4.0.0283
CPE2.3https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1767
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
EUVDB-ID: #VU92373
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-38538
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the EXPORT_SYMBOL_GPL() and br_dev_xmit() functions in net/bridge/br_device.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
kernel-devel: before 4.19.90-2406.4.0.0283
python3-perf: before 4.19.90-2406.4.0.0283
bpftool-debuginfo: before 4.19.90-2406.4.0.0283
kernel-tools: before 4.19.90-2406.4.0.0283
kernel-tools-devel: before 4.19.90-2406.4.0.0283
python3-perf-debuginfo: before 4.19.90-2406.4.0.0283
perf: before 4.19.90-2406.4.0.0283
python2-perf: before 4.19.90-2406.4.0.0283
kernel-debuginfo: before 4.19.90-2406.4.0.0283
kernel-source: before 4.19.90-2406.4.0.0283
kernel-tools-debuginfo: before 4.19.90-2406.4.0.0283
bpftool: before 4.19.90-2406.4.0.0283
python2-perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel-debugsource: before 4.19.90-2406.4.0.0283
perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel: before 4.19.90-2406.4.0.0283
CPE2.3https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1767
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92376
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-38541
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the of_modalias() function in drivers/of/module.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
kernel-devel: before 4.19.90-2406.4.0.0283
python3-perf: before 4.19.90-2406.4.0.0283
bpftool-debuginfo: before 4.19.90-2406.4.0.0283
kernel-tools: before 4.19.90-2406.4.0.0283
kernel-tools-devel: before 4.19.90-2406.4.0.0283
python3-perf-debuginfo: before 4.19.90-2406.4.0.0283
perf: before 4.19.90-2406.4.0.0283
python2-perf: before 4.19.90-2406.4.0.0283
kernel-debuginfo: before 4.19.90-2406.4.0.0283
kernel-source: before 4.19.90-2406.4.0.0283
kernel-tools-debuginfo: before 4.19.90-2406.4.0.0283
bpftool: before 4.19.90-2406.4.0.0283
python2-perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel-debugsource: before 4.19.90-2406.4.0.0283
perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel: before 4.19.90-2406.4.0.0283
CPE2.3https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1767
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92330
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-38552
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the cm_helper_translate_curve_to_hw_format() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_cm_common.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
kernel-devel: before 4.19.90-2406.4.0.0283
python3-perf: before 4.19.90-2406.4.0.0283
bpftool-debuginfo: before 4.19.90-2406.4.0.0283
kernel-tools: before 4.19.90-2406.4.0.0283
kernel-tools-devel: before 4.19.90-2406.4.0.0283
python3-perf-debuginfo: before 4.19.90-2406.4.0.0283
perf: before 4.19.90-2406.4.0.0283
python2-perf: before 4.19.90-2406.4.0.0283
kernel-debuginfo: before 4.19.90-2406.4.0.0283
kernel-source: before 4.19.90-2406.4.0.0283
kernel-tools-debuginfo: before 4.19.90-2406.4.0.0283
bpftool: before 4.19.90-2406.4.0.0283
python2-perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel-debugsource: before 4.19.90-2406.4.0.0283
perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel: before 4.19.90-2406.4.0.0283
CPE2.3https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1767
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92312
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-38588
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the lookup_rec(), ftrace_location_range(), ftrace_process_locs(), ftrace_release_mod() and ftrace_free_mem() functions in kernel/trace/ftrace.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
kernel-devel: before 4.19.90-2406.4.0.0283
python3-perf: before 4.19.90-2406.4.0.0283
bpftool-debuginfo: before 4.19.90-2406.4.0.0283
kernel-tools: before 4.19.90-2406.4.0.0283
kernel-tools-devel: before 4.19.90-2406.4.0.0283
python3-perf-debuginfo: before 4.19.90-2406.4.0.0283
perf: before 4.19.90-2406.4.0.0283
python2-perf: before 4.19.90-2406.4.0.0283
kernel-debuginfo: before 4.19.90-2406.4.0.0283
kernel-source: before 4.19.90-2406.4.0.0283
kernel-tools-debuginfo: before 4.19.90-2406.4.0.0283
bpftool: before 4.19.90-2406.4.0.0283
python2-perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel-debugsource: before 4.19.90-2406.4.0.0283
perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel: before 4.19.90-2406.4.0.0283
CPE2.3https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1767
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92380
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-38596
CWE-ID:
CWE-366 - Race Condition within a Thread
Exploit availability: No
DescriptionThe vulnerability allows a local user to manipulate data.
The vulnerability exists due to a data race within the unix_stream_sendmsg() function in net/unix/af_unix.c. A local user can manipulate data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
kernel-devel: before 4.19.90-2406.4.0.0283
python3-perf: before 4.19.90-2406.4.0.0283
bpftool-debuginfo: before 4.19.90-2406.4.0.0283
kernel-tools: before 4.19.90-2406.4.0.0283
kernel-tools-devel: before 4.19.90-2406.4.0.0283
python3-perf-debuginfo: before 4.19.90-2406.4.0.0283
perf: before 4.19.90-2406.4.0.0283
python2-perf: before 4.19.90-2406.4.0.0283
kernel-debuginfo: before 4.19.90-2406.4.0.0283
kernel-source: before 4.19.90-2406.4.0.0283
kernel-tools-debuginfo: before 4.19.90-2406.4.0.0283
bpftool: before 4.19.90-2406.4.0.0283
python2-perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel-debugsource: before 4.19.90-2406.4.0.0283
perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel: before 4.19.90-2406.4.0.0283
CPE2.3https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1767
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93181
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-38607
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the macii_probe() function in drivers/macintosh/via-macii.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
kernel-devel: before 4.19.90-2406.4.0.0283
python3-perf: before 4.19.90-2406.4.0.0283
bpftool-debuginfo: before 4.19.90-2406.4.0.0283
kernel-tools: before 4.19.90-2406.4.0.0283
kernel-tools-devel: before 4.19.90-2406.4.0.0283
python3-perf-debuginfo: before 4.19.90-2406.4.0.0283
perf: before 4.19.90-2406.4.0.0283
python2-perf: before 4.19.90-2406.4.0.0283
kernel-debuginfo: before 4.19.90-2406.4.0.0283
kernel-source: before 4.19.90-2406.4.0.0283
kernel-tools-debuginfo: before 4.19.90-2406.4.0.0283
bpftool: before 4.19.90-2406.4.0.0283
python2-perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel-debugsource: before 4.19.90-2406.4.0.0283
perf-debuginfo: before 4.19.90-2406.4.0.0283
kernel: before 4.19.90-2406.4.0.0283
CPE2.3https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1767
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.