openEuler 22.03 LTS SP3 update for kernel



Published: 2024-07-04
Risk Low
Patch available YES
Number of vulnerabilities 42
CVE-ID CVE-2021-47366
CVE-2022-48673
CVE-2022-48692
CVE-2023-52670
CVE-2023-52748
CVE-2023-52791
CVE-2023-52821
CVE-2023-52841
CVE-2023-52873
CVE-2023-52882
CVE-2024-26924
CVE-2024-26935
CVE-2024-26936
CVE-2024-26947
CVE-2024-26954
CVE-2024-26960
CVE-2024-27014
CVE-2024-27017
CVE-2024-27019
CVE-2024-27044
CVE-2024-35796
CVE-2024-35819
CVE-2024-35821
CVE-2024-35828
CVE-2024-35870
CVE-2024-35887
CVE-2024-35910
CVE-2024-35915
CVE-2024-35932
CVE-2024-35935
CVE-2024-35937
CVE-2024-35951
CVE-2024-35965
CVE-2024-35966
CVE-2024-36016
CVE-2024-36905
CVE-2024-36916
CVE-2024-36919
CVE-2024-36952
CVE-2024-36960
CVE-2024-36968
CVE-2024-36971
CWE-ID CWE-119
CWE-667
CWE-476
CWE-401
CWE-20
CWE-399
CWE-200
CWE-125
CWE-416
CWE-362
CWE-682
CWE-366
CWE-908
CWE-388
CWE-404
CWE-787
CWE-369
Exploitation vector Local
Public exploit N/A
Vulnerable software
Subscribe 		openEuler
Operating systems & Components / Operating system

python3-perf
Operating systems & Components / Operating system package or component

kernel-tools-debuginfo
Operating systems & Components / Operating system package or component

kernel-source
Operating systems & Components / Operating system package or component

perf
Operating systems & Components / Operating system package or component

python3-perf-debuginfo
Operating systems & Components / Operating system package or component

kernel-debuginfo
Operating systems & Components / Operating system package or component

kernel-debugsource
Operating systems & Components / Operating system package or component

perf-debuginfo
Operating systems & Components / Operating system package or component

kernel-tools-devel
Operating systems & Components / Operating system package or component

kernel-devel
Operating systems & Components / Operating system package or component

kernel-headers
Operating systems & Components / Operating system package or component

kernel-tools
Operating systems & Components / Operating system package or component

kernel
Operating systems & Components / Operating system package or component

Vendor openEuler

Security Bulletin

This security bulletin contains information about 42 vulnerabilities.

1) Buffer overflow

EUVDB-ID: #VU93171

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47366

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the afs_fs_fetch_data(), afs_fs_store_data(), afs_fs_setattr_size() and afs_deliver_fs_get_capabilities() functions in fs/afs/fsclient.c, within the afs_fileserver_probe_result() and clear_bit() functions in fs/afs/fs_probe.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper locking

EUVDB-ID: #VU92028

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48673

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the smc_wr_rx_process_cqes(), smc_wr_free_link() and smc_wr_create_link() functions in net/smc/smc_wr.c, within the smcr_link_init() function in net/smc/smc_core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) NULL pointer dereference

EUVDB-ID: #VU90516

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48692

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the srp_process_rsp() function in drivers/infiniband/ulp/srp/ib_srp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Memory leak

EUVDB-ID: #VU89988

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52670

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the virtio_rpmsg_release_device() function in drivers/rpmsg/virtio_rpmsg_bus.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Buffer overflow

EUVDB-ID: #VU93621

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52748

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the f2fs_init_page_array_cache() function in fs/f2fs/compress.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Improper locking

EUVDB-ID: #VU93438

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52791

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the drivers/i2c/i2c-core.h. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) NULL pointer dereference

EUVDB-ID: #VU90430

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52821

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the versatile_panel_get_modes() function in drivers/gpu/drm/panel/panel-arm-versatile.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Memory leak

EUVDB-ID: #VU89945

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52841

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the vidtv_mux_init() and vidtv_channel_si_destroy() functions in drivers/media/test-drivers/vidtv/vidtv_mux.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) NULL pointer dereference

EUVDB-ID: #VU90428

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52873

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the clk_mt6779_apmixed_probe() and clk_mt6779_top_probe() functions in drivers/clk/mediatek/clk-mt6779.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Input validation error

EUVDB-ID: #VU93673

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52882

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the sun50i_h6_ccu_probe() function in drivers/clk/sunxi-ng/ccu-sun50i-h6.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Resource management error

EUVDB-ID: #VU89055

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26924

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the nft_pipapo_remove() function in net/netfilter/nft_set_pipapo.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Information disclosure

EUVDB-ID: #VU91358

Risk: Low

CVSSv3.1: 2.9 [AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26935

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the scsi_host_dev_release() function in drivers/scsi/hosts.c. A local user can gain access to sensitive information.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Out-of-bounds read

EUVDB-ID: #VU90322

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26936

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the smb2_allocate_rsp_buf() function in fs/smb/server/smb2pdu.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Use-after-free

EUVDB-ID: #VU92213

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26947

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the __sync_icache_dcache() function in arch/arm/mm/flush.c. A local user can escalate privileges on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Out-of-bounds read

EUVDB-ID: #VU90321

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26954

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the smb2_get_data_area_len() function in fs/smb/server/smb2misc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Race condition

EUVDB-ID: #VU91475

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26960

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the __swap_entry_free_locked() and free_swap_and_cache() functions in mm/swapfile.c. A local user can escalate privileges on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Improper locking

EUVDB-ID: #VU90768

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27014

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the mlx5e_arfs_enable(), arfs_del_rules(), arfs_handle_work() and mlx5e_rx_flow_steer() functions in drivers/net/ethernet/mellanox/mlx5/core/en_arfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Incorrect calculation

EUVDB-ID: #VU93615

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27017

CWE-ID: CWE-682 - Incorrect Calculation

Exploit availability: No

Description

The vulnerability allows a local user to manipulate data.

The vulnerability exists due to incorrect calculation within the nft_pipapo_walk() function in net/netfilter/nft_set_pipapo.c, within the nft_map_deactivate(), nf_tables_bind_set(), nft_map_activate(), nf_tables_dump_set(), nft_set_flush() and nf_tables_check_loops() functions in net/netfilter/nf_tables_api.c. A local user can manipulate data.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Race condition within a thread

EUVDB-ID: #VU91431

Risk: Low

CVSSv3.1: 4.1 [AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27019

CWE-ID: CWE-366 - Race Condition within a Thread

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a data race within the __nft_obj_type_get() and nft_obj_type_get() functions in net/netfilter/nf_tables_api.c. A local user can gain access to sensitive information.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) NULL pointer dereference

EUVDB-ID: #VU90521

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27044

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the dcn10_set_output_transfer_func() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_hw_sequencer.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) NULL pointer dereference

EUVDB-ID: #VU90553

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35796

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the temac_probe() function in drivers/net/ethernet/xilinx/ll_temac_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Improper locking

EUVDB-ID: #VU91448

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35819

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the qman_create_portal(), qm_congestion_task(), qman_create_cgr(), qman_delete_cgr() and qman_update_cgr() functions in drivers/soc/fsl/qbman/qman.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Improper locking

EUVDB-ID: #VU92025

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35821

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the write_begin_slow(), ubifs_write_begin() and ubifs_write_end() functions in fs/ubifs/file.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Memory leak

EUVDB-ID: #VU90447

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35828

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the lbs_allocate_cmd_buffer() function in drivers/net/wireless/marvell/libertas/cmd.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Use-after-free

EUVDB-ID: #VU90158

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35870

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the cifs_mark_tcp_ses_conns_for_reconnect() and cifs_find_smb_ses() functions in fs/smb/client/connect.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Use-after-free

EUVDB-ID: #VU90159

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35887

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ax25_dev_device_down() function in net/ax25/ax25_dev.c. A local user can escalate privileges on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Improper locking

EUVDB-ID: #VU92021

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35910

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the tcp_close() function in net/ipv4/tcp.c, within the inet_csk_clear_xmit_timers() function in net/ipv4/inet_connection_sock.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Use of uninitialized resource

EUVDB-ID: #VU90874

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35915

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the nci_rx_work() function in net/nfc/nci/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Use-after-free

EUVDB-ID: #VU90146

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35932

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the vc4_prepare_fb() and vc4_cleanup_fb() functions in drivers/gpu/drm/vc4/vc4_plane.c. A local user can escalate privileges on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Improper error handling

EUVDB-ID: #VU90944

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35935

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the iterate_inode_ref() function in fs/btrfs/send.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Out-of-bounds read

EUVDB-ID: #VU91093

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35937

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the ieee80211_amsdu_subframe_length(), ieee80211_is_valid_amsdu() and ieee80211_amsdu_to_8023s() functions in net/wireless/util.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Improper resource shutdown or release

EUVDB-ID: #VU93746

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35951

CWE-ID: CWE-404 - Improper Resource Shutdown or Release

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to failure to properly release resources within the panfrost_mmu_map_fault_addr() and sg_free_table() functions in drivers/gpu/drm/panfrost/panfrost_mmu.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Input validation error

EUVDB-ID: #VU93797

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35965

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the l2cap_sock_setsockopt_old() and l2cap_sock_setsockopt() functions in net/bluetooth/l2cap_sock.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Out-of-bounds read

EUVDB-ID: #VU90306

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35966

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the rfcomm_sock_setsockopt_old() and rfcomm_sock_setsockopt() functions in net/bluetooth/rfcomm/sock.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Out-of-bounds write

EUVDB-ID: #VU89898

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36016

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the gsm0_receive() function in drivers/tty/n_gsm.c. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Race condition

EUVDB-ID: #VU93375

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36905

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a race condition within the tcp_send_fin() function in net/ipv4/tcp_output.c, within the tcp_rcv_state_process() function in net/ipv4/tcp_input.c, within the tcp_shutdown() and __tcp_close() functions in net/ipv4/tcp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Out-of-bounds read

EUVDB-ID: #VU90273

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36916

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the iocg_kick_delay() function in block/blk-iocost.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Improper locking

EUVDB-ID: #VU92010

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36919

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the bnx2fc_free_session_resc() function in drivers/scsi/bnx2fc/bnx2fc_tgt.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Race condition

EUVDB-ID: #VU91463

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36952

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the lpfc_vport_delete() function in drivers/scsi/lpfc/lpfc_vport.c. A local user can escalate privileges on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) Out-of-bounds read

EUVDB-ID: #VU90819

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36960

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the vmw_event_fence_action_create() function in drivers/gpu/drm/vmwgfx/vmwgfx_fence.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Division by zero

EUVDB-ID: #VU92008

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36968

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a division by zero error within the sco_sock_clear_timer() and sco_conn_add() functions in net/bluetooth/sco.c, within the l2cap_finish_move(), l2cap_rx_state_wait_f() and l2cap_conn_add() functions in net/bluetooth/l2cap_core.c, within the iso_sock_sendmsg() function in net/bluetooth/iso.c, within the hci_cc_read_buffer_size(), hci_cc_le_read_buffer_size(), hci_cs_create_conn(), hci_conn_complete_evt(), hci_conn_request_evt(), hci_cc_le_read_buffer_size_v2(), le_conn_complete_evt(), hci_le_cis_req_evt(), hci_le_big_sync_established_evt() and hci_le_big_info_adv_report_evt() functions in net/bluetooth/hci_event.c, within the hci_conn_add(), hci_conn_add_unset(), hci_connect_le(), hci_add_bis(), hci_connect_le_scan(), hci_connect_acl(), hci_connect_sco(), hci_bind_cis() and hci_iso_qos_setup() functions in net/bluetooth/hci_conn.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) Use-after-free

EUVDB-ID: #VU91597

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36971

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the xfrm_link_failure() function in net/xfrm/xfrm_policy.c, within the dst_entry ip6_dst_check() and ip6_dst_check() functions in net/ipv6/route.c, within the dst_entry ipv4_dst_check() and ip_do_redirect() functions in net/ipv4/route.c. A local user can escalate privileges on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf: before 5.10.0-209.0.0.117

kernel-tools-debuginfo: before 5.10.0-209.0.0.117

kernel-source: before 5.10.0-209.0.0.117

perf: before 5.10.0-209.0.0.117

python3-perf-debuginfo: before 5.10.0-209.0.0.117

kernel-debuginfo: before 5.10.0-209.0.0.117

kernel-debugsource: before 5.10.0-209.0.0.117

perf-debuginfo: before 5.10.0-209.0.0.117

kernel-tools-devel: before 5.10.0-209.0.0.117

kernel-devel: before 5.10.0-209.0.0.117

kernel-headers: before 5.10.0-209.0.0.117

kernel-tools: before 5.10.0-209.0.0.117

kernel: before 5.10.0-209.0.0.117

External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1738


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###