Risk | High |
Patch available | YES |
Number of vulnerabilities | 56 |
CVE-ID | CVE-2021-47247 CVE-2021-47484 CVE-2021-47558 CVE-2022-48652 CVE-2023-52672 CVE-2023-52680 CVE-2023-52686 CVE-2023-52693 CVE-2023-52732 CVE-2023-52762 CVE-2023-52775 CVE-2023-52803 CVE-2023-52810 CVE-2023-52880 CVE-2023-52881 CVE-2024-26835 CVE-2024-26889 CVE-2024-27393 CVE-2024-27402 CVE-2024-27408 CVE-2024-35790 CVE-2024-35809 CVE-2024-35811 CVE-2024-35853 CVE-2024-35854 CVE-2024-35871 CVE-2024-35888 CVE-2024-35895 CVE-2024-35896 CVE-2024-35905 CVE-2024-35924 CVE-2024-35967 CVE-2024-35973 CVE-2024-35982 CVE-2024-35984 CVE-2024-36017 CVE-2024-36029 CVE-2024-36883 CVE-2024-36886 CVE-2024-36889 CVE-2024-36898 CVE-2024-36899 CVE-2024-36901 CVE-2024-36902 CVE-2024-36903 CVE-2024-36906 CVE-2024-36908 CVE-2024-36917 CVE-2024-36924 CVE-2024-36928 CVE-2024-36929 CVE-2024-36949 CVE-2024-36954 CVE-2024-36957 CVE-2024-36964 CVE-2023-47233 |
CWE-ID | CWE-416 CWE-476 CWE-399 CWE-362 CWE-667 CWE-388 CWE-908 CWE-119 CWE-125 CWE-264 CWE-451 CWE-401 CWE-835 CWE-193 CWE-269 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software | openEuler (Operating systems & Components / Operating system); kernel-source, kernel-debugsource, kernel-tools-devel, perf, python3-perf, kernel-devel, kernel-headers, kernel-tools, kernel-tools-debuginfo, python3-perf-debuginfo, kernel-debuginfo, perf-debuginfo, kernel (Operating systems & Components / Operating system package or component) |
Vendor | openEuler |
Security Bulletin
This security bulletin contains information about 56 vulnerabilities.
EUVDB-ID: #VU90090
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47247
CWE-ID: CWE-416 - Use After Free
Exploit availability: No
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mlx5e_take_all_route_decap_flows() and mlx5e_encap_valid() functions in drivers/net/ethernet/mellanox/mlx5/core/en/tc_tun_encap.c, within the wait_for_completion() and mlx5e_take_all_encap_flows() functions in drivers/net/ethernet/mellanox/mlx5/core/en/rep/tc.c, within the mlx5e_rep_neigh_update() and mlx5e_rep_update_flows() functions in drivers/net/ethernet/mellanox/mlx5/core/en/rep/neigh.c. A local user can escalate privileges on the system.
Mitigation
Install updates from vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
CPE2.3
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90403
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47484
CWE-ID: CWE-476 - NULL Pointer Dereference
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nix_free_tx_vtag_entries() function in drivers/net/ethernet/marvell/octeontx2/af/rvu_nix.c, within the rvu_dbg_qsize_write() function in drivers/net/ethernet/marvell/octeontx2/af/rvu_debugfs.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
CPE2.3
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92963
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47558
CWE-ID: CWE-399 - Resource Management Errors
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the stmmac_release() function in drivers/net/ethernet/stmicro/stmmac/stmmac_main.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
CPE2.3
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93379
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-48652
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the ice_set_dflt_vsi_ctx(), ice_vsi_setup_q_map(), ice_vsi_setup_q_map_mqprio() and ice_vsi_cfg_tc() functions in drivers/net/ethernet/intel/ice/ice_lib.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
CPE2.3
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92024
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52672
CWE-ID: CWE-667 - Improper Locking
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the pipe_resize_ring() and pipe_set_size() functions in fs/pipe.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
CPE2.3
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93618
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52680
CWE-ID: CWE-388 - Error Handling
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the scarlett2_sync_ctl_get(), scarlett2_master_volume_ctl_get(), scarlett2_volume_ctl_get(), scarlett2_mute_ctl_get(), scarlett2_level_enum_ctl_get(), scarlett2_pad_ctl_get(), scarlett2_air_ctl_get(), scarlett2_phantom_ctl_get(), scarlett2_direct_monitor_ctl_get(), scarlett2_speaker_switch_enum_ctl_get(), scarlett2_talkback_enum_ctl_get(), scarlett2_dim_mute_ctl_get() and scarlett2_mux_src_enum_ctl_get() functions in sound/usb/mixer_scarlett_gen2.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
CPE2.3
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90548
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52686
CWE-ID: CWE-476 - NULL Pointer Dereference
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the opal_event_init() function in arch/powerpc/platforms/powernv/opal-irqchip.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
CPE2.3
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91678
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52693
CWE-ID: CWE-908 - Use of Uninitialized Resource
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the acpi_video_dev_register_backlight() function in drivers/acpi/acpi_video.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
CPE2.3
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91507
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52732
CWE-ID: CWE-667 - Improper Locking
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ceph_update_snap_trace() and ceph_handle_snap() functions in fs/ceph/snap.c, within the register_session(), __open_session(), __do_request(), handle_reply(), ceph_mdsc_put_request(), done_closing_sessions() and mds_peer_reset() functions in fs/ceph/mds_client.c, within the ceph_zero_partial_object() function in fs/ceph/file.c, within the ceph_handle_caps() and iput() functions in fs/ceph/caps.c, within the ceph_netfs_issue_read(), writepage_nounlock() and ceph_uninline_data() functions in fs/ceph/addr.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
CPE2.3
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93622
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52762
CWE-ID: CWE-119 - Memory corruption
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the virtblk_probe() function in drivers/block/virtio_blk.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
CPE2.3
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93425
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52775
CWE-ID: CWE-119 - Memory corruption
Exploit availability: No
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within the smcr_clnt_conf_first_link() function in net/smc/af_smc.c when handling SMC DECLINE messages. A remote attacker can send a specially crafted SMC DECLINE message to the system, trigger memory corruption and perform a denial of service (DoS) attack.
Mitigation
Install updates from vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
CPE2.3
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90079
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52803
CWE-ID: CWE-416 - Use After Free
Exploit availability: No
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the rpc_clnt_remove_pipedir() and rpc_setup_pipedir() functions in net/sunrpc/clnt.c. A local user can escalate privileges on the system.
Mitigation
Install updates from vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
CPE2.3
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90285
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52810
CWE-ID: CWE-125 - Out-of-bounds read
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dbMount() function in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
CPE2.3
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89899
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52880
CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
Description
The vulnerability allows a local user to bypass implemented security restrictions.
The vulnerability exists due to missing permissions checks within the gsmld_open() function in drivers/tty/n_gsm.c. A local user with CAP_NET_ADMIN capability can create a GSM network.
Mitigation
Install updates from vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
CPE2.3
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89895
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52881
CWE-ID: CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)
Exploit availability: No
Description
The vulnerability allows a remote attacker to perform a spoofing attack.
The vulnerability exists due to an error within the tcp_ack() function in net/ipv4/tcp_input.c, which can result in the system accepting ACK responses for bytes that were never sent. A remote attacker can perform a spoofing attack.
Mitigation
Install updates from vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
CPE2.3
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93772
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26835
CWE-ID: CWE-399 - Resource Management Errors
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the nf_tables_updtable() function in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
CPE2.3
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91312
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26889
CWE-ID: CWE-119 - Memory corruption
Exploit availability: No
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the hci_get_dev_info() function in net/bluetooth/hci_core.c. A local user can escalate privileges on the system.
Mitigation
Install updates from vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
CPE2.3
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89353
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-27393
CWE-ID: CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
Description
The vulnerability allows a malicious guest to perform a DoS attack on the target system.
The vulnerability exists due to a memory leak within the xennet_alloc_one_rx_buffer() function in the xen-netback implementation. A malicious guest userspace process can exhaust memory resources within the guest kernel and perform a denial of service (DoS) attack.
Mitigation
Install updates from vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
CPE2.3
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92026
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-27402
CWE-ID: CWE-667 - Improper Locking
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the pep_sock_enable() and pep_ioctl() functions in net/phonet/pep.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91470
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-27408
Exploit availability: No
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the dw_edma_v0_core_write_chunk() and dw_edma_v0_core_start() functions in drivers/dma/dw-edma/dw-edma-v0-core.c. A local user can escalate privileges on the system.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90554
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-35790
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference within the hpd_show(), dp_altmode_probe(), dp_altmode_remove() and module_typec_altmode_driver() functions in drivers/usb/typec/altmodes/displayport.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90947
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-35809
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the pci_device_remove() function in drivers/pci/pci-driver.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90164
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-35811
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the brcmf_notify_escan_complete() and brcmf_cfg80211_detach() functions in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c. A local user can escalate privileges on the system.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89984
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-35853
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a memory leak within the mlxsw_sp_acl_tcam_vchunk_migrate_start() and mlxsw_sp_acl_tcam_vregion_migrate() functions in drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90162
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-35854
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mlxsw_sp_acl_tcam_vregion_rehash() function in drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c. A local user can escalate privileges on the system.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91639
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-35871
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a memory leak within the __asm__() and copy_thread() functions in arch/riscv/kernel/process.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90873
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-35888
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of an uninitialized resource within the ip6erspan_rcv() function in net/ipv6/ip6_gre.c and within the erspan_rcv() function in net/ipv4/ip_gre.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90752
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-35895
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __sock_map_delete() and sock_hash_delete_elem() functions in net/core/sock_map.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90309
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-35896
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the do_replace() and compat_do_replace() functions in net/ipv6/netfilter/ip6_tables.c, within the do_replace() and compat_do_replace() functions in net/ipv4/netfilter/ip_tables.c, within the do_replace() and compat_do_replace() functions in net/ipv4/netfilter/arp_tables.c, and within the do_replace(), update_counters() and compat_update_counters() functions in net/bridge/netfilter/ebtables.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90307
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-35905
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the check_stack_access_within_bounds() function in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93623
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-35924
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the ucsi_read_message_in(), ucsi_read_error(), ucsi_send_command() and ucsi_register() functions in drivers/usb/typec/ucsi/ucsi.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90303
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-35967
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the sco_sock_setsockopt() function in net/bluetooth/sco.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90872
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-35973
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of an uninitialized resource within the geneve_xmit_skb() and geneve6_xmit_skb() functions in drivers/net/geneve.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91411
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-35982
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an infinite loop within the batadv_tt_local_resize_to_mtu() function in net/batman-adv/translation-table.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91458
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-35984
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference within the i2c_check_for_quirks() function in drivers/i2c/i2c-core-base.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93081
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36017
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the do_setvfinfo() function in net/core/rtnetlink.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92981
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36029
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a resource management error within the sdhci_msm_runtime_suspend() and sdhci_msm_runtime_resume() functions in drivers/mmc/host/sdhci-msm.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90272
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36883
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the net_alloc_generic() and register_pernet_operations() functions in net/core/net_namespace.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90049
Risk: High
CVSSv3.1: 7.8 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36886
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
Description
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to a use-after-free error within the tipc_buf_append() function in net/tipc/msg.c when processing fragmented TIPC messages. A remote attacker can send specially crafted packets to the system, trigger a use-after-free error and execute arbitrary code on the system in the context of the kernel.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90975
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36889
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of an uninitialized resource within the mptcp_stream_connect() function in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker needs authentication credentials and must successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92002
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36898
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of an uninitialized resource within the edge_detector_update() function in drivers/gpio/gpiolib-cdev.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker needs authentication credentials and must successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90048
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36899
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the gpio_chrdev_release() function in drivers/gpio/gpiolib-cdev.c. A local user can escalate privileges on the system.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker needs authentication credentials and must successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91224
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36901
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference within the ip6_output() function in net/ipv6/ip6_output.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker needs authentication credentials and must successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91222
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36902
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference within the __fib6_rule_action() function in net/ipv6/fib6_rules.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker needs authentication credentials and must successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90865
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36903
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of an uninitialized resource within the __ip6_make_skb() function in net/ipv6/ip6_output.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker needs authentication credentials and must successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90271
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36906
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ENDPROC() function in arch/arm/kernel/sleep.S. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker needs authentication credentials and must successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93278
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36908
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a resource management error within the iocg_pay_debt() function in block/blk-iocost.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker needs authentication credentials and must successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92094
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36917
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the blk_ioctl_discard() function in block/ioctl.c. A local user can escalate privileges on the system.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker needs authentication credentials and must successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90734
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36924
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the lpfc_set_rrq_active() and lpfc_sli_post_recovery_event() functions in drivers/scsi/lpfc/lpfc_sli.c, the lpfc_dev_loss_tmo_callbk() function in drivers/scsi/lpfc/lpfc_hbadisc.c, and the lpfc_els_retry_delay() function in drivers/scsi/lpfc/lpfc_els.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker needs authentication credentials and must successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92961
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36928
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a resource management error within the qeth_free_cq(), qeth_alloc_qdio_queues(), atomic_set(), qeth_free_qdio_queues() and qeth_qdio_poll() functions in drivers/s390/net/qeth_core_main.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker needs authentication credentials and must successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93449
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36929
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the skb_alloc_rx_flag() and skb_copy_expand() functions in net/core/skbuff.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker needs authentication credentials and must successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93436
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36949
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the kgd2kfd_suspend() and kgd2kfd_resume() functions in drivers/gpu/drm/amd/amdkfd/kfd_device.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker needs authentication credentials and must successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90431
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36954
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a memory leak within the tipc_buf_append() function in net/tipc/msg.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker needs authentication credentials and must successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91171
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36957
CWE-ID:
CWE-193 - Off-by-one Error
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an off-by-one error within the rvu_dbg_qsize_write() function in drivers/net/ethernet/marvell/octeontx2/af/rvu_debugfs.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker needs authentication credentials and must successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93734
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36964
CWE-ID:
CWE-269 - Improper Privilege Management
Exploit availability: No
Description
The vulnerability allows a local user to read and manipulate data.
The vulnerability exists due to improperly imposed permissions within the p9mode2perm() function in fs/9p/vfs_inode.c. A local user can read and manipulate data.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker needs authentication credentials and must successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU82755
Risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-47233
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
Description
The vulnerability allows an attacker to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in brcmf_cfg80211_detach within the brcm80211 driver's device unplugging code (disconnecting the USB device by hotplug). An attacker with physical access to the device can trigger a use-after-free error and escalate privileges on the system.
Mitigation
Install updates from the vendor's repository.
Vulnerable software versions
openEuler: 22.03 LTS SP3
kernel-source: before 5.10.0-207.0.0.116
kernel-debugsource: before 5.10.0-207.0.0.116
kernel-tools-devel: before 5.10.0-207.0.0.116
perf: before 5.10.0-207.0.0.116
python3-perf: before 5.10.0-207.0.0.116
kernel-devel: before 5.10.0-207.0.0.116
kernel-headers: before 5.10.0-207.0.0.116
kernel-tools: before 5.10.0-207.0.0.116
kernel-tools-debuginfo: before 5.10.0-207.0.0.116
python3-perf-debuginfo: before 5.10.0-207.0.0.116
kernel-debuginfo: before 5.10.0-207.0.0.116
perf-debuginfo: before 5.10.0-207.0.0.116
kernel: before 5.10.0-207.0.0.116
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1707
Q & A
Can this vulnerability be exploited remotely?
No. The attacker needs physical access to the system to successfully exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.