openEuler 22.03 LTS SP1 update for kernel
Security Bulletin
This security bulletin contains information about 28 vulnerabilities.
1) Out-of-bounds read
EUVDB-ID: #VU91400
Risk: Low
CVSSv3.1: 6.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48655
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to an out-of-bounds read error within the scmi_domain_reset() function in drivers/firmware/arm_scmi/reset.c. A local user can execute arbitrary code.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
kernel-debuginfo: before 5.10.0-136.75.0.155
perf-debuginfo: before 5.10.0-136.75.0.155
python3-perf: before 5.10.0-136.75.0.155
kernel-tools-debuginfo: before 5.10.0-136.75.0.155
kernel-source: before 5.10.0-136.75.0.155
kernel-tools: before 5.10.0-136.75.0.155
python3-perf-debuginfo: before 5.10.0-136.75.0.155
kernel-tools-devel: before 5.10.0-136.75.0.155
kernel-debugsource: before 5.10.0-136.75.0.155
kernel-devel: before 5.10.0-136.75.0.155
kernel-headers: before 5.10.0-136.75.0.155
perf: before 5.10.0-136.75.0.155
kernel: before 5.10.0-136.75.0.155
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1620
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Use of uninitialized resource
EUVDB-ID: #VU89393
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52477
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to usage of uninitialized BOS descriptors in drivers/usb/core/hub.c. A local user can perform a denial of service (DoS) attack.
Install updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
kernel-debuginfo: before 5.10.0-136.75.0.155
perf-debuginfo: before 5.10.0-136.75.0.155
python3-perf: before 5.10.0-136.75.0.155
kernel-tools-debuginfo: before 5.10.0-136.75.0.155
kernel-source: before 5.10.0-136.75.0.155
kernel-tools: before 5.10.0-136.75.0.155
python3-perf-debuginfo: before 5.10.0-136.75.0.155
kernel-tools-devel: before 5.10.0-136.75.0.155
kernel-debugsource: before 5.10.0-136.75.0.155
kernel-devel: before 5.10.0-136.75.0.155
kernel-headers: before 5.10.0-136.75.0.155
perf: before 5.10.0-136.75.0.155
kernel: before 5.10.0-136.75.0.155
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1620
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Buffer overflow
EUVDB-ID: #VU93617
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52618
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the rnbd_srv_get_full_path() function in drivers/block/rnbd/rnbd-srv.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
kernel-debuginfo: before 5.10.0-136.75.0.155
perf-debuginfo: before 5.10.0-136.75.0.155
python3-perf: before 5.10.0-136.75.0.155
kernel-tools-debuginfo: before 5.10.0-136.75.0.155
kernel-source: before 5.10.0-136.75.0.155
kernel-tools: before 5.10.0-136.75.0.155
python3-perf-debuginfo: before 5.10.0-136.75.0.155
kernel-tools-devel: before 5.10.0-136.75.0.155
kernel-debugsource: before 5.10.0-136.75.0.155
kernel-devel: before 5.10.0-136.75.0.155
kernel-headers: before 5.10.0-136.75.0.155
perf: before 5.10.0-136.75.0.155
kernel: before 5.10.0-136.75.0.155
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1620
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Improper access control
EUVDB-ID: #VU89268
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52620
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper access restrictions within the nf_tables_newset() function in net/netfilter/nf_tables_api.c when setting timeouts from userspace. A local user can bypass implemented security restrictions and perform a denial of service attack.
Install updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
kernel-debuginfo: before 5.10.0-136.75.0.155
perf-debuginfo: before 5.10.0-136.75.0.155
python3-perf: before 5.10.0-136.75.0.155
kernel-tools-debuginfo: before 5.10.0-136.75.0.155
kernel-source: before 5.10.0-136.75.0.155
kernel-tools: before 5.10.0-136.75.0.155
python3-perf-debuginfo: before 5.10.0-136.75.0.155
kernel-tools-devel: before 5.10.0-136.75.0.155
kernel-debugsource: before 5.10.0-136.75.0.155
kernel-devel: before 5.10.0-136.75.0.155
kernel-headers: before 5.10.0-136.75.0.155
perf: before 5.10.0-136.75.0.155
kernel: before 5.10.0-136.75.0.155
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1620
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Stack-based buffer overflow
EUVDB-ID: #VU87901
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52628
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the nft_exthdr_sctp_eval(), nft_exthdr_tcp_eval(), and nft_exthdr_ipv6_eval() functions. A local user can pass specially crafted data to the system, trigger a stack-based buffer overflow and execute arbitrary code with elevated privileges.
Install updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
kernel-debuginfo: before 5.10.0-136.75.0.155
perf-debuginfo: before 5.10.0-136.75.0.155
python3-perf: before 5.10.0-136.75.0.155
kernel-tools-debuginfo: before 5.10.0-136.75.0.155
kernel-source: before 5.10.0-136.75.0.155
kernel-tools: before 5.10.0-136.75.0.155
python3-perf-debuginfo: before 5.10.0-136.75.0.155
kernel-tools-devel: before 5.10.0-136.75.0.155
kernel-debugsource: before 5.10.0-136.75.0.155
kernel-devel: before 5.10.0-136.75.0.155
kernel-headers: before 5.10.0-136.75.0.155
perf: before 5.10.0-136.75.0.155
kernel: before 5.10.0-136.75.0.155
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1620
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Improper privilege management
EUVDB-ID: #VU93736
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52642
CWE-ID:
CWE-269 - Improper Privilege Management
Exploit availability: No
DescriptionThe vulnerability allows a local user to read and manipulate data.
The vulnerability exists due to improperly imposed permissions within the lirc_dev_exit() and rc_dev_get_from_fd() functions in drivers/media/rc/lirc_dev.c, within the lirc_prog_attach(), lirc_prog_detach() and lirc_prog_query() functions in drivers/media/rc/bpf-lirc.c. A local user can read and manipulate data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
kernel-debuginfo: before 5.10.0-136.75.0.155
perf-debuginfo: before 5.10.0-136.75.0.155
python3-perf: before 5.10.0-136.75.0.155
kernel-tools-debuginfo: before 5.10.0-136.75.0.155
kernel-source: before 5.10.0-136.75.0.155
kernel-tools: before 5.10.0-136.75.0.155
python3-perf-debuginfo: before 5.10.0-136.75.0.155
kernel-tools-devel: before 5.10.0-136.75.0.155
kernel-debugsource: before 5.10.0-136.75.0.155
kernel-devel: before 5.10.0-136.75.0.155
kernel-headers: before 5.10.0-136.75.0.155
perf: before 5.10.0-136.75.0.155
kernel: before 5.10.0-136.75.0.155
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1620
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Use-after-free
EUVDB-ID: #VU91599
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-6270
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the aoecmd_cfg_pkts() function in the ATA over Ethernet (AoE) driver. A local user can trigger a use-after-free error and escalate privileges on the system.
Install updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
kernel-debuginfo: before 5.10.0-136.75.0.155
perf-debuginfo: before 5.10.0-136.75.0.155
python3-perf: before 5.10.0-136.75.0.155
kernel-tools-debuginfo: before 5.10.0-136.75.0.155
kernel-source: before 5.10.0-136.75.0.155
kernel-tools: before 5.10.0-136.75.0.155
python3-perf-debuginfo: before 5.10.0-136.75.0.155
kernel-tools-devel: before 5.10.0-136.75.0.155
kernel-debugsource: before 5.10.0-136.75.0.155
kernel-devel: before 5.10.0-136.75.0.155
kernel-headers: before 5.10.0-136.75.0.155
perf: before 5.10.0-136.75.0.155
kernel: before 5.10.0-136.75.0.155
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1620
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Integer overflow
EUVDB-ID: #VU91180
Risk: Low
CVSSv3.1: 6.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26668
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the nft_limit_eval() and nft_limit_init() functions in net/netfilter/nft_limit.c. A local user can execute arbitrary code.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
kernel-debuginfo: before 5.10.0-136.75.0.155
perf-debuginfo: before 5.10.0-136.75.0.155
python3-perf: before 5.10.0-136.75.0.155
kernel-tools-debuginfo: before 5.10.0-136.75.0.155
kernel-source: before 5.10.0-136.75.0.155
kernel-tools: before 5.10.0-136.75.0.155
python3-perf-debuginfo: before 5.10.0-136.75.0.155
kernel-tools-devel: before 5.10.0-136.75.0.155
kernel-debugsource: before 5.10.0-136.75.0.155
kernel-devel: before 5.10.0-136.75.0.155
kernel-headers: before 5.10.0-136.75.0.155
perf: before 5.10.0-136.75.0.155
kernel: before 5.10.0-136.75.0.155
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1620
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Memory leak
EUVDB-ID: #VU90010
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26669
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the fl_tmplt_destroy() function in net/sched/cls_flower.c, within the tcf_block_playback_offloads() and tc_chain_tmplt_add() functions in net/sched/cls_api.c, within the void() function in include/net/sch_generic.h. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
kernel-debuginfo: before 5.10.0-136.75.0.155
perf-debuginfo: before 5.10.0-136.75.0.155
python3-perf: before 5.10.0-136.75.0.155
kernel-tools-debuginfo: before 5.10.0-136.75.0.155
kernel-source: before 5.10.0-136.75.0.155
kernel-tools: before 5.10.0-136.75.0.155
python3-perf-debuginfo: before 5.10.0-136.75.0.155
kernel-tools-devel: before 5.10.0-136.75.0.155
kernel-debugsource: before 5.10.0-136.75.0.155
kernel-devel: before 5.10.0-136.75.0.155
kernel-headers: before 5.10.0-136.75.0.155
perf: before 5.10.0-136.75.0.155
kernel: before 5.10.0-136.75.0.155
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1620
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Buffer overflow
EUVDB-ID: #VU92977
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26671
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the blk_mq_mark_tag_wait() function in block/blk-mq.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
kernel-debuginfo: before 5.10.0-136.75.0.155
perf-debuginfo: before 5.10.0-136.75.0.155
python3-perf: before 5.10.0-136.75.0.155
kernel-tools-debuginfo: before 5.10.0-136.75.0.155
kernel-source: before 5.10.0-136.75.0.155
kernel-tools: before 5.10.0-136.75.0.155
python3-perf-debuginfo: before 5.10.0-136.75.0.155
kernel-tools-devel: before 5.10.0-136.75.0.155
kernel-debugsource: before 5.10.0-136.75.0.155
kernel-devel: before 5.10.0-136.75.0.155
kernel-headers: before 5.10.0-136.75.0.155
perf: before 5.10.0-136.75.0.155
kernel: before 5.10.0-136.75.0.155
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1620
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Use-after-free
EUVDB-ID: #VU93350
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26680
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the aq_ring_free() function in drivers/net/ethernet/aquantia/atlantic/aq_ring.c, within the aq_ptp_ring_alloc() and aq_ptp_ring_free() functions in drivers/net/ethernet/aquantia/atlantic/aq_ptp.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
kernel-debuginfo: before 5.10.0-136.75.0.155
perf-debuginfo: before 5.10.0-136.75.0.155
python3-perf: before 5.10.0-136.75.0.155
kernel-tools-debuginfo: before 5.10.0-136.75.0.155
kernel-source: before 5.10.0-136.75.0.155
kernel-tools: before 5.10.0-136.75.0.155
python3-perf-debuginfo: before 5.10.0-136.75.0.155
kernel-tools-devel: before 5.10.0-136.75.0.155
kernel-debugsource: before 5.10.0-136.75.0.155
kernel-devel: before 5.10.0-136.75.0.155
kernel-headers: before 5.10.0-136.75.0.155
perf: before 5.10.0-136.75.0.155
kernel: before 5.10.0-136.75.0.155
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1620
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) NULL pointer dereference
EUVDB-ID: #VU90603
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26688
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hugetlbfs_parse_param() function in fs/hugetlbfs/inode.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
kernel-debuginfo: before 5.10.0-136.75.0.155
perf-debuginfo: before 5.10.0-136.75.0.155
python3-perf: before 5.10.0-136.75.0.155
kernel-tools-debuginfo: before 5.10.0-136.75.0.155
kernel-source: before 5.10.0-136.75.0.155
kernel-tools: before 5.10.0-136.75.0.155
python3-perf-debuginfo: before 5.10.0-136.75.0.155
kernel-tools-devel: before 5.10.0-136.75.0.155
kernel-debugsource: before 5.10.0-136.75.0.155
kernel-devel: before 5.10.0-136.75.0.155
kernel-headers: before 5.10.0-136.75.0.155
perf: before 5.10.0-136.75.0.155
kernel: before 5.10.0-136.75.0.155
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1620
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Use-after-free
EUVDB-ID: #VU90220
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26689
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __prep_cap() and __send_cap() functions in fs/ceph/caps.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
kernel-debuginfo: before 5.10.0-136.75.0.155
perf-debuginfo: before 5.10.0-136.75.0.155
python3-perf: before 5.10.0-136.75.0.155
kernel-tools-debuginfo: before 5.10.0-136.75.0.155
kernel-source: before 5.10.0-136.75.0.155
kernel-tools: before 5.10.0-136.75.0.155
python3-perf-debuginfo: before 5.10.0-136.75.0.155
kernel-tools-devel: before 5.10.0-136.75.0.155
kernel-debugsource: before 5.10.0-136.75.0.155
kernel-devel: before 5.10.0-136.75.0.155
kernel-headers: before 5.10.0-136.75.0.155
perf: before 5.10.0-136.75.0.155
kernel: before 5.10.0-136.75.0.155
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1620
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Out-of-bounds read
EUVDB-ID: #VU91098
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26791
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the btrfs_check_replace_dev_names() and btrfs_dev_replace_by_ioctl() functions in fs/btrfs/dev-replace.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
kernel-debuginfo: before 5.10.0-136.75.0.155
perf-debuginfo: before 5.10.0-136.75.0.155
python3-perf: before 5.10.0-136.75.0.155
kernel-tools-debuginfo: before 5.10.0-136.75.0.155
kernel-source: before 5.10.0-136.75.0.155
kernel-tools: before 5.10.0-136.75.0.155
python3-perf-debuginfo: before 5.10.0-136.75.0.155
kernel-tools-devel: before 5.10.0-136.75.0.155
kernel-debugsource: before 5.10.0-136.75.0.155
kernel-devel: before 5.10.0-136.75.0.155
kernel-headers: before 5.10.0-136.75.0.155
perf: before 5.10.0-136.75.0.155
kernel: before 5.10.0-136.75.0.155
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1620
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Double free
EUVDB-ID: #VU90897
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26792
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the create_pending_snapshot() function in fs/btrfs/transaction.c, within the create_subvol() function in fs/btrfs/ioctl.c, within the btrfs_free_fs_info(), btrfs_init_fs_root(), btrfs_put_root() and btrfs_get_fs_root() functions in fs/btrfs/disk-io.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
kernel-debuginfo: before 5.10.0-136.75.0.155
perf-debuginfo: before 5.10.0-136.75.0.155
python3-perf: before 5.10.0-136.75.0.155
kernel-tools-debuginfo: before 5.10.0-136.75.0.155
kernel-source: before 5.10.0-136.75.0.155
kernel-tools: before 5.10.0-136.75.0.155
python3-perf-debuginfo: before 5.10.0-136.75.0.155
kernel-tools-devel: before 5.10.0-136.75.0.155
kernel-debugsource: before 5.10.0-136.75.0.155
kernel-devel: before 5.10.0-136.75.0.155
kernel-headers: before 5.10.0-136.75.0.155
perf: before 5.10.0-136.75.0.155
kernel: before 5.10.0-136.75.0.155
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1620
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Buffer overflow
EUVDB-ID: #VU88543
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26811
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error when installing malicious ksmbd-tools. A local user can force the ksmbd.mountd to return invalid ipc response to ksmbd kernel server, trigger memory corruption and execute arbitrary code on the target system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
kernel-debuginfo: before 5.10.0-136.75.0.155
perf-debuginfo: before 5.10.0-136.75.0.155
python3-perf: before 5.10.0-136.75.0.155
kernel-tools-debuginfo: before 5.10.0-136.75.0.155
kernel-source: before 5.10.0-136.75.0.155
kernel-tools: before 5.10.0-136.75.0.155
python3-perf-debuginfo: before 5.10.0-136.75.0.155
kernel-tools-devel: before 5.10.0-136.75.0.155
kernel-debugsource: before 5.10.0-136.75.0.155
kernel-devel: before 5.10.0-136.75.0.155
kernel-headers: before 5.10.0-136.75.0.155
perf: before 5.10.0-136.75.0.155
kernel: before 5.10.0-136.75.0.155
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1620
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Improper locking
EUVDB-ID: #VU91529
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26812
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the vfio_send_intx_eventfd(), vfio_intx_handler() and vfio_pci_set_intx_trigger() functions in drivers/vfio/pci/vfio_pci_intrs.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
kernel-debuginfo: before 5.10.0-136.75.0.155
perf-debuginfo: before 5.10.0-136.75.0.155
python3-perf: before 5.10.0-136.75.0.155
kernel-tools-debuginfo: before 5.10.0-136.75.0.155
kernel-source: before 5.10.0-136.75.0.155
kernel-tools: before 5.10.0-136.75.0.155
python3-perf-debuginfo: before 5.10.0-136.75.0.155
kernel-tools-devel: before 5.10.0-136.75.0.155
kernel-debugsource: before 5.10.0-136.75.0.155
kernel-devel: before 5.10.0-136.75.0.155
kernel-headers: before 5.10.0-136.75.0.155
perf: before 5.10.0-136.75.0.155
kernel: before 5.10.0-136.75.0.155
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1620
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Integer overflow
EUVDB-ID: #VU88544
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26817
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to integer overflow within the kfd_ioctl_get_process_apertures_new() function in drivers/gpu/drm/amd/amdkfd/kfd_chardev.c. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.
Install updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
kernel-debuginfo: before 5.10.0-136.75.0.155
perf-debuginfo: before 5.10.0-136.75.0.155
python3-perf: before 5.10.0-136.75.0.155
kernel-tools-debuginfo: before 5.10.0-136.75.0.155
kernel-source: before 5.10.0-136.75.0.155
kernel-tools: before 5.10.0-136.75.0.155
python3-perf-debuginfo: before 5.10.0-136.75.0.155
kernel-tools-devel: before 5.10.0-136.75.0.155
kernel-debugsource: before 5.10.0-136.75.0.155
kernel-devel: before 5.10.0-136.75.0.155
kernel-headers: before 5.10.0-136.75.0.155
perf: before 5.10.0-136.75.0.155
kernel: before 5.10.0-136.75.0.155
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1620
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Integer underflow
EUVDB-ID: #VU91674
Risk: Low
CVSSv3.1: 6.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26828
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the parse_server_interfaces() function in fs/smb/client/smb2ops.c. A local user can execute arbitrary code.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
kernel-debuginfo: before 5.10.0-136.75.0.155
perf-debuginfo: before 5.10.0-136.75.0.155
python3-perf: before 5.10.0-136.75.0.155
kernel-tools-debuginfo: before 5.10.0-136.75.0.155
kernel-source: before 5.10.0-136.75.0.155
kernel-tools: before 5.10.0-136.75.0.155
python3-perf-debuginfo: before 5.10.0-136.75.0.155
kernel-tools-devel: before 5.10.0-136.75.0.155
kernel-debugsource: before 5.10.0-136.75.0.155
kernel-devel: before 5.10.0-136.75.0.155
kernel-headers: before 5.10.0-136.75.0.155
perf: before 5.10.0-136.75.0.155
kernel: before 5.10.0-136.75.0.155
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1620
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Memory leak
EUVDB-ID: #VU90471
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26839
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the init_credit_return() function in drivers/infiniband/hw/hfi1/pio.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
kernel-debuginfo: before 5.10.0-136.75.0.155
perf-debuginfo: before 5.10.0-136.75.0.155
python3-perf: before 5.10.0-136.75.0.155
kernel-tools-debuginfo: before 5.10.0-136.75.0.155
kernel-source: before 5.10.0-136.75.0.155
kernel-tools: before 5.10.0-136.75.0.155
python3-perf-debuginfo: before 5.10.0-136.75.0.155
kernel-tools-devel: before 5.10.0-136.75.0.155
kernel-debugsource: before 5.10.0-136.75.0.155
kernel-devel: before 5.10.0-136.75.0.155
kernel-headers: before 5.10.0-136.75.0.155
perf: before 5.10.0-136.75.0.155
kernel: before 5.10.0-136.75.0.155
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1620
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Memory leak
EUVDB-ID: #VU90005
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26840
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the kmem_cache_free() and cachefiles_daemon_unbind() functions in fs/cachefiles/bind.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
kernel-debuginfo: before 5.10.0-136.75.0.155
perf-debuginfo: before 5.10.0-136.75.0.155
python3-perf: before 5.10.0-136.75.0.155
kernel-tools-debuginfo: before 5.10.0-136.75.0.155
kernel-source: before 5.10.0-136.75.0.155
kernel-tools: before 5.10.0-136.75.0.155
python3-perf-debuginfo: before 5.10.0-136.75.0.155
kernel-tools-devel: before 5.10.0-136.75.0.155
kernel-debugsource: before 5.10.0-136.75.0.155
kernel-devel: before 5.10.0-136.75.0.155
kernel-headers: before 5.10.0-136.75.0.155
perf: before 5.10.0-136.75.0.155
kernel: before 5.10.0-136.75.0.155
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1620
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Buffer overflow
EUVDB-ID: #VU93404
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26843
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the riscv_enable_runtime_services() function in drivers/firmware/efi/riscv-runtime.c, within the arm_enable_runtime_services() function in drivers/firmware/efi/arm-runtime.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
kernel-debuginfo: before 5.10.0-136.75.0.155
perf-debuginfo: before 5.10.0-136.75.0.155
python3-perf: before 5.10.0-136.75.0.155
kernel-tools-debuginfo: before 5.10.0-136.75.0.155
kernel-source: before 5.10.0-136.75.0.155
kernel-tools: before 5.10.0-136.75.0.155
python3-perf-debuginfo: before 5.10.0-136.75.0.155
kernel-tools-devel: before 5.10.0-136.75.0.155
kernel-debugsource: before 5.10.0-136.75.0.155
kernel-devel: before 5.10.0-136.75.0.155
kernel-headers: before 5.10.0-136.75.0.155
perf: before 5.10.0-136.75.0.155
kernel: before 5.10.0-136.75.0.155
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1620
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) NULL pointer dereference
EUVDB-ID: #VU90576
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26855
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ice_bridge_setlink() function in drivers/net/ethernet/intel/ice/ice_main.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
kernel-debuginfo: before 5.10.0-136.75.0.155
perf-debuginfo: before 5.10.0-136.75.0.155
python3-perf: before 5.10.0-136.75.0.155
kernel-tools-debuginfo: before 5.10.0-136.75.0.155
kernel-source: before 5.10.0-136.75.0.155
kernel-tools: before 5.10.0-136.75.0.155
python3-perf-debuginfo: before 5.10.0-136.75.0.155
kernel-tools-devel: before 5.10.0-136.75.0.155
kernel-debugsource: before 5.10.0-136.75.0.155
kernel-devel: before 5.10.0-136.75.0.155
kernel-headers: before 5.10.0-136.75.0.155
perf: before 5.10.0-136.75.0.155
kernel: before 5.10.0-136.75.0.155
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1620
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Buffer overflow
EUVDB-ID: #VU92006
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26870
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the nfs4_listxattr() function in fs/nfs/nfs4proc.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
kernel-debuginfo: before 5.10.0-136.75.0.155
perf-debuginfo: before 5.10.0-136.75.0.155
python3-perf: before 5.10.0-136.75.0.155
kernel-tools-debuginfo: before 5.10.0-136.75.0.155
kernel-source: before 5.10.0-136.75.0.155
kernel-tools: before 5.10.0-136.75.0.155
python3-perf-debuginfo: before 5.10.0-136.75.0.155
kernel-tools-devel: before 5.10.0-136.75.0.155
kernel-debugsource: before 5.10.0-136.75.0.155
kernel-devel: before 5.10.0-136.75.0.155
kernel-headers: before 5.10.0-136.75.0.155
perf: before 5.10.0-136.75.0.155
kernel: before 5.10.0-136.75.0.155
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1620
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
25) Use-after-free
EUVDB-ID: #VU90193
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26875
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pvr2_context_exit() function in drivers/media/usb/pvrusb2/pvrusb2-context.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
kernel-debuginfo: before 5.10.0-136.75.0.155
perf-debuginfo: before 5.10.0-136.75.0.155
python3-perf: before 5.10.0-136.75.0.155
kernel-tools-debuginfo: before 5.10.0-136.75.0.155
kernel-source: before 5.10.0-136.75.0.155
kernel-tools: before 5.10.0-136.75.0.155
python3-perf-debuginfo: before 5.10.0-136.75.0.155
kernel-tools-devel: before 5.10.0-136.75.0.155
kernel-debugsource: before 5.10.0-136.75.0.155
kernel-devel: before 5.10.0-136.75.0.155
kernel-headers: before 5.10.0-136.75.0.155
perf: before 5.10.0-136.75.0.155
kernel: before 5.10.0-136.75.0.155
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1620
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
26) NULL pointer dereference
EUVDB-ID: #VU90574
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26878
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dquot_mark_dquot_dirty(), __dquot_alloc_space(), dquot_alloc_inode(), EXPORT_SYMBOL(), dquot_claim_space_nodirty(), dquot_reclaim_space_nodirty(), __dquot_free_space(), dquot_free_inode() and __dquot_transfer() functions in fs/quota/dquot.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
kernel-debuginfo: before 5.10.0-136.75.0.155
perf-debuginfo: before 5.10.0-136.75.0.155
python3-perf: before 5.10.0-136.75.0.155
kernel-tools-debuginfo: before 5.10.0-136.75.0.155
kernel-source: before 5.10.0-136.75.0.155
kernel-tools: before 5.10.0-136.75.0.155
python3-perf-debuginfo: before 5.10.0-136.75.0.155
kernel-tools-devel: before 5.10.0-136.75.0.155
kernel-debugsource: before 5.10.0-136.75.0.155
kernel-devel: before 5.10.0-136.75.0.155
kernel-headers: before 5.10.0-136.75.0.155
perf: before 5.10.0-136.75.0.155
kernel: before 5.10.0-136.75.0.155
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1620
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
27) NULL pointer dereference
EUVDB-ID: #VU90577
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26893
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the smc_chan_free() function in drivers/firmware/arm_scmi/smc.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
kernel-debuginfo: before 5.10.0-136.75.0.155
perf-debuginfo: before 5.10.0-136.75.0.155
python3-perf: before 5.10.0-136.75.0.155
kernel-tools-debuginfo: before 5.10.0-136.75.0.155
kernel-source: before 5.10.0-136.75.0.155
kernel-tools: before 5.10.0-136.75.0.155
python3-perf-debuginfo: before 5.10.0-136.75.0.155
kernel-tools-devel: before 5.10.0-136.75.0.155
kernel-debugsource: before 5.10.0-136.75.0.155
kernel-devel: before 5.10.0-136.75.0.155
kernel-headers: before 5.10.0-136.75.0.155
perf: before 5.10.0-136.75.0.155
kernel: before 5.10.0-136.75.0.155
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1620
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
28) Use-after-free
EUVDB-ID: #VU90197
Risk: Low
CVSSv3.1: 6.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26898
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tx() function in drivers/block/aoe/aoenet.c, within the aoecmd_cfg_pkts() function in drivers/block/aoe/aoecmd.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP1
kernel-debuginfo: before 5.10.0-136.75.0.155
perf-debuginfo: before 5.10.0-136.75.0.155
python3-perf: before 5.10.0-136.75.0.155
kernel-tools-debuginfo: before 5.10.0-136.75.0.155
kernel-source: before 5.10.0-136.75.0.155
kernel-tools: before 5.10.0-136.75.0.155
python3-perf-debuginfo: before 5.10.0-136.75.0.155
kernel-tools-devel: before 5.10.0-136.75.0.155
kernel-debugsource: before 5.10.0-136.75.0.155
kernel-devel: before 5.10.0-136.75.0.155
kernel-headers: before 5.10.0-136.75.0.155
perf: before 5.10.0-136.75.0.155
kernel: before 5.10.0-136.75.0.155
External linkshttp://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1620
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
