Risk: Medium
Patch available: YES
Number of vulnerabilities: 23
CVE-ID: CVE-2021-47090, CVE-2021-47100, CVE-2021-47121, CVE-2021-47149, CVE-2021-47183, CVE-2021-47194, CVE-2021-47210, CVE-2023-52619, CVE-2024-24860, CVE-2024-26633, CVE-2024-26644, CVE-2024-26751, CVE-2024-26764, CVE-2024-26772, CVE-2024-26773, CVE-2024-26777, CVE-2024-26778, CVE-2024-26810, CVE-2024-26884, CVE-2024-26898, CVE-2024-27437, CVE-2022-3061, CVE-2023-6270
CWE-ID: CWE-399, CWE-416, CWE-401, CWE-476, CWE-665, CWE-20, CWE-119, CWE-362, CWE-667, CWE-835, CWE-369
Exploitation vector: Network
Public exploit: N/A
Vulnerable software:
openEuler (Operating systems & Components / Operating system)
perf-debuginfo (Operating systems & Components / Operating system package or component)
kernel-tools (Operating systems & Components / Operating system package or component)
kernel-tools-devel (Operating systems & Components / Operating system package or component)
kernel-debuginfo (Operating systems & Components / Operating system package or component)
python2-perf (Operating systems & Components / Operating system package or component)
bpftool-debuginfo (Operating systems & Components / Operating system package or component)
kernel-tools-debuginfo (Operating systems & Components / Operating system package or component)
kernel-source (Operating systems & Components / Operating system package or component)
python3-perf (Operating systems & Components / Operating system package or component)
kernel-debugsource (Operating systems & Components / Operating system package or component)
python2-perf-debuginfo (Operating systems & Components / Operating system package or component)
perf (Operating systems & Components / Operating system package or component)
bpftool (Operating systems & Components / Operating system package or component)
kernel-devel (Operating systems & Components / Operating system package or component)
python3-perf-debuginfo (Operating systems & Components / Operating system package or component)
kernel (Operating systems & Components / Operating system package or component)
Vendor: openEuler
Security Bulletin
This security bulletin contains information about 23 vulnerabilities.
EUVDB-ID: #VU93592
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47090
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
Description:
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a resource management error within mm/memory-failure.c. A local user can perform a denial of service (DoS) attack.
Mitigation:
Install updates from vendor's repository.
Vulnerable software versions:
openEuler: 20.03 LTS SP1
perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools: before 4.19.90-2405.1.0.0248
kernel-tools-devel: before 4.19.90-2405.1.0.0248
kernel-debuginfo: before 4.19.90-2405.1.0.0248
python2-perf: before 4.19.90-2405.1.0.0248
bpftool-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools-debuginfo: before 4.19.90-2405.1.0.0248
kernel-source: before 4.19.90-2405.1.0.0248
python3-perf: before 4.19.90-2405.1.0.0248
kernel-debugsource: before 4.19.90-2405.1.0.0248
python2-perf-debuginfo: before 4.19.90-2405.1.0.0248
perf: before 4.19.90-2405.1.0.0248
bpftool: before 4.19.90-2405.1.0.0248
kernel-devel: before 4.19.90-2405.1.0.0248
python3-perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel: before 4.19.90-2405.1.0.0248
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1535
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90233
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47100
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
Description:
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cleanup_bmc_device() function in drivers/char/ipmi/ipmi_msghandler.c. A local user can escalate privileges on the system.
Mitigation:
Install updates from vendor's repository.
Vulnerable software versions:
openEuler: 20.03 LTS SP1
perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools: before 4.19.90-2405.1.0.0248
kernel-tools-devel: before 4.19.90-2405.1.0.0248
kernel-debuginfo: before 4.19.90-2405.1.0.0248
python2-perf: before 4.19.90-2405.1.0.0248
bpftool-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools-debuginfo: before 4.19.90-2405.1.0.0248
kernel-source: before 4.19.90-2405.1.0.0248
python3-perf: before 4.19.90-2405.1.0.0248
kernel-debugsource: before 4.19.90-2405.1.0.0248
python2-perf-debuginfo: before 4.19.90-2405.1.0.0248
perf: before 4.19.90-2405.1.0.0248
bpftool: before 4.19.90-2405.1.0.0248
kernel-devel: before 4.19.90-2405.1.0.0248
python3-perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel: before 4.19.90-2405.1.0.0248
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1535
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90016
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47121
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
Description:
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a memory leak within the cfusbl_create() and cfusbl_device_notify() functions in net/caif/caif_usb.c. A local user can perform a denial of service (DoS) attack.
Mitigation:
Install updates from vendor's repository.
Vulnerable software versions:
openEuler: 20.03 LTS SP1
perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools: before 4.19.90-2405.1.0.0248
kernel-tools-devel: before 4.19.90-2405.1.0.0248
kernel-debuginfo: before 4.19.90-2405.1.0.0248
python2-perf: before 4.19.90-2405.1.0.0248
bpftool-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools-debuginfo: before 4.19.90-2405.1.0.0248
kernel-source: before 4.19.90-2405.1.0.0248
python3-perf: before 4.19.90-2405.1.0.0248
kernel-debugsource: before 4.19.90-2405.1.0.0248
python2-perf-debuginfo: before 4.19.90-2405.1.0.0248
perf: before 4.19.90-2405.1.0.0248
bpftool: before 4.19.90-2405.1.0.0248
kernel-devel: before 4.19.90-2405.1.0.0248
python3-perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel: before 4.19.90-2405.1.0.0248
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1535
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90620
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47149
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
Description:
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference within the fmvj18x_get_hwinfo() function in drivers/net/ethernet/fujitsu/fmvj18x_cs.c. A local user can perform a denial of service (DoS) attack.
Mitigation:
Install updates from vendor's repository.
Vulnerable software versions:
openEuler: 20.03 LTS SP1
perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools: before 4.19.90-2405.1.0.0248
kernel-tools-devel: before 4.19.90-2405.1.0.0248
kernel-debuginfo: before 4.19.90-2405.1.0.0248
python2-perf: before 4.19.90-2405.1.0.0248
bpftool-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools-debuginfo: before 4.19.90-2405.1.0.0248
kernel-source: before 4.19.90-2405.1.0.0248
python3-perf: before 4.19.90-2405.1.0.0248
kernel-debugsource: before 4.19.90-2405.1.0.0248
python2-perf-debuginfo: before 4.19.90-2405.1.0.0248
perf: before 4.19.90-2405.1.0.0248
bpftool: before 4.19.90-2405.1.0.0248
kernel-devel: before 4.19.90-2405.1.0.0248
python3-perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel: before 4.19.90-2405.1.0.0248
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1535
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90586
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47183
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
Description:
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference within the lpfc_sli_issue_abort_iotag() function in drivers/scsi/lpfc/lpfc_sli.c. A local user can perform a denial of service (DoS) attack.
Mitigation:
Install updates from vendor's repository.
Vulnerable software versions:
openEuler: 20.03 LTS SP1
perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools: before 4.19.90-2405.1.0.0248
kernel-tools-devel: before 4.19.90-2405.1.0.0248
kernel-debuginfo: before 4.19.90-2405.1.0.0248
python2-perf: before 4.19.90-2405.1.0.0248
bpftool-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools-debuginfo: before 4.19.90-2405.1.0.0248
kernel-source: before 4.19.90-2405.1.0.0248
python3-perf: before 4.19.90-2405.1.0.0248
kernel-debugsource: before 4.19.90-2405.1.0.0248
python2-perf-debuginfo: before 4.19.90-2405.1.0.0248
perf: before 4.19.90-2405.1.0.0248
bpftool: before 4.19.90-2405.1.0.0248
kernel-devel: before 4.19.90-2405.1.0.0248
python3-perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel: before 4.19.90-2405.1.0.0248
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1535
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92392
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47194
CWE-ID:
CWE-665 - Improper Initialization
Exploit availability: No
Description:
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to an improper initialization error within the cfg80211_change_iface() function in net/wireless/util.c. A local user can execute arbitrary code.
Mitigation:
Install updates from vendor's repository.
Vulnerable software versions:
openEuler: 20.03 LTS SP1
perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools: before 4.19.90-2405.1.0.0248
kernel-tools-devel: before 4.19.90-2405.1.0.0248
kernel-debuginfo: before 4.19.90-2405.1.0.0248
python2-perf: before 4.19.90-2405.1.0.0248
bpftool-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools-debuginfo: before 4.19.90-2405.1.0.0248
kernel-source: before 4.19.90-2405.1.0.0248
python3-perf: before 4.19.90-2405.1.0.0248
kernel-debugsource: before 4.19.90-2405.1.0.0248
python2-perf-debuginfo: before 4.19.90-2405.1.0.0248
perf: before 4.19.90-2405.1.0.0248
bpftool: before 4.19.90-2405.1.0.0248
kernel-devel: before 4.19.90-2405.1.0.0248
python3-perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel: before 4.19.90-2405.1.0.0248
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1535
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93688
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47210
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
Description:
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the tps6598x_block_read() function in drivers/usb/typec/tps6598x.c. A local user can perform a denial of service (DoS) attack.
Mitigation:
Install updates from vendor's repository.
Vulnerable software versions:
openEuler: 20.03 LTS SP1
perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools: before 4.19.90-2405.1.0.0248
kernel-tools-devel: before 4.19.90-2405.1.0.0248
kernel-debuginfo: before 4.19.90-2405.1.0.0248
python2-perf: before 4.19.90-2405.1.0.0248
bpftool-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools-debuginfo: before 4.19.90-2405.1.0.0248
kernel-source: before 4.19.90-2405.1.0.0248
python3-perf: before 4.19.90-2405.1.0.0248
kernel-debugsource: before 4.19.90-2405.1.0.0248
python2-perf-debuginfo: before 4.19.90-2405.1.0.0248
perf: before 4.19.90-2405.1.0.0248
bpftool: before 4.19.90-2405.1.0.0248
kernel-devel: before 4.19.90-2405.1.0.0248
python3-perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel: before 4.19.90-2405.1.0.0248
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1535
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93668
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52619
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
Description:
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the ramoops_init_przs() function in fs/pstore/ram.c. A local user can perform a denial of service (DoS) attack.
Mitigation:
Install updates from vendor's repository.
Vulnerable software versions:
openEuler: 20.03 LTS SP1
perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools: before 4.19.90-2405.1.0.0248
kernel-tools-devel: before 4.19.90-2405.1.0.0248
kernel-debuginfo: before 4.19.90-2405.1.0.0248
python2-perf: before 4.19.90-2405.1.0.0248
bpftool-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools-debuginfo: before 4.19.90-2405.1.0.0248
kernel-source: before 4.19.90-2405.1.0.0248
python3-perf: before 4.19.90-2405.1.0.0248
kernel-debugsource: before 4.19.90-2405.1.0.0248
python2-perf-debuginfo: before 4.19.90-2405.1.0.0248
perf: before 4.19.90-2405.1.0.0248
bpftool: before 4.19.90-2405.1.0.0248
kernel-devel: before 4.19.90-2405.1.0.0248
python3-perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel: before 4.19.90-2405.1.0.0248
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1535
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU86580
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-24860
Exploit availability: No
Description:
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the {min,max}_key_size_set() function in the Linux kernel Bluetooth device driver. A remote attacker with physical proximity to the device can send specially crafted packets to the system and crash the kernel.
Mitigation:
Install updates from vendor's repository.
Vulnerable software versions:
openEuler: 20.03 LTS SP1
perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools: before 4.19.90-2405.1.0.0248
kernel-tools-devel: before 4.19.90-2405.1.0.0248
kernel-debuginfo: before 4.19.90-2405.1.0.0248
python2-perf: before 4.19.90-2405.1.0.0248
bpftool-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools-debuginfo: before 4.19.90-2405.1.0.0248
kernel-source: before 4.19.90-2405.1.0.0248
python3-perf: before 4.19.90-2405.1.0.0248
kernel-debugsource: before 4.19.90-2405.1.0.0248
python2-perf-debuginfo: before 4.19.90-2405.1.0.0248
perf: before 4.19.90-2405.1.0.0248
bpftool: before 4.19.90-2405.1.0.0248
kernel-devel: before 4.19.90-2405.1.0.0248
python3-perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel: before 4.19.90-2405.1.0.0248
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1535
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89267
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-26633
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
Description:
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an error in NEXTHDR_FRAGMENT handling within the ip6_tnl_parse_tlv_enc_lim() function in net/ipv6/ip6_tunnel.c. A remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.
Mitigation:
Install updates from vendor's repository.
Vulnerable software versions:
openEuler: 20.03 LTS SP1
perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools: before 4.19.90-2405.1.0.0248
kernel-tools-devel: before 4.19.90-2405.1.0.0248
kernel-debuginfo: before 4.19.90-2405.1.0.0248
python2-perf: before 4.19.90-2405.1.0.0248
bpftool-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools-debuginfo: before 4.19.90-2405.1.0.0248
kernel-source: before 4.19.90-2405.1.0.0248
python3-perf: before 4.19.90-2405.1.0.0248
kernel-debugsource: before 4.19.90-2405.1.0.0248
python2-perf-debuginfo: before 4.19.90-2405.1.0.0248
perf: before 4.19.90-2405.1.0.0248
bpftool: before 4.19.90-2405.1.0.0248
kernel-devel: before 4.19.90-2405.1.0.0248
python3-perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel: before 4.19.90-2405.1.0.0248
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1535
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91535
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26644
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
Description:
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the create_snapshot() function in fs/btrfs/ioctl.c. A local user can perform a denial of service (DoS) attack.
Mitigation:
Install updates from vendor's repository.
Vulnerable software versions:
openEuler: 20.03 LTS SP1
perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools: before 4.19.90-2405.1.0.0248
kernel-tools-devel: before 4.19.90-2405.1.0.0248
kernel-debuginfo: before 4.19.90-2405.1.0.0248
python2-perf: before 4.19.90-2405.1.0.0248
bpftool-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools-debuginfo: before 4.19.90-2405.1.0.0248
kernel-source: before 4.19.90-2405.1.0.0248
python3-perf: before 4.19.90-2405.1.0.0248
kernel-debugsource: before 4.19.90-2405.1.0.0248
python2-perf-debuginfo: before 4.19.90-2405.1.0.0248
perf: before 4.19.90-2405.1.0.0248
bpftool: before 4.19.90-2405.1.0.0248
kernel-devel: before 4.19.90-2405.1.0.0248
python3-perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel: before 4.19.90-2405.1.0.0248
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1535
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93671
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26751
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
Description:
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an infinite loop within the GPIO_LOOKUP_IDX() function in arch/arm/mach-ep93xx/core.c. A local user can perform a denial of service (DoS) attack.
Mitigation:
Install updates from vendor's repository.
Vulnerable software versions:
openEuler: 20.03 LTS SP1
perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools: before 4.19.90-2405.1.0.0248
kernel-tools-devel: before 4.19.90-2405.1.0.0248
kernel-debuginfo: before 4.19.90-2405.1.0.0248
python2-perf: before 4.19.90-2405.1.0.0248
bpftool-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools-debuginfo: before 4.19.90-2405.1.0.0248
kernel-source: before 4.19.90-2405.1.0.0248
python3-perf: before 4.19.90-2405.1.0.0248
kernel-debugsource: before 4.19.90-2405.1.0.0248
python2-perf-debuginfo: before 4.19.90-2405.1.0.0248
perf: before 4.19.90-2405.1.0.0248
bpftool: before 4.19.90-2405.1.0.0248
kernel-devel: before 4.19.90-2405.1.0.0248
python3-perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel: before 4.19.90-2405.1.0.0248
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1535
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93844
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26764
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
Description:
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a resource management error within the kiocb_set_cancel_fn() and aio_prep_rw() functions in fs/aio.c. A local user can perform a denial of service (DoS) attack.
Mitigation:
Install updates from vendor's repository.
Vulnerable software versions:
openEuler: 20.03 LTS SP1
perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools: before 4.19.90-2405.1.0.0248
kernel-tools-devel: before 4.19.90-2405.1.0.0248
kernel-debuginfo: before 4.19.90-2405.1.0.0248
python2-perf: before 4.19.90-2405.1.0.0248
bpftool-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools-debuginfo: before 4.19.90-2405.1.0.0248
kernel-source: before 4.19.90-2405.1.0.0248
python3-perf: before 4.19.90-2405.1.0.0248
kernel-debugsource: before 4.19.90-2405.1.0.0248
python2-perf-debuginfo: before 4.19.90-2405.1.0.0248
perf: before 4.19.90-2405.1.0.0248
bpftool: before 4.19.90-2405.1.0.0248
kernel-devel: before 4.19.90-2405.1.0.0248
python3-perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel: before 4.19.90-2405.1.0.0248
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1535
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU92041
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26772
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
Description:
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ext4_mb_find_by_goal() function in fs/ext4/mballoc.c. A local user can perform a denial of service (DoS) attack.
Mitigation:
Install updates from vendor's repository.
Vulnerable software versions:
openEuler: 20.03 LTS SP1
perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools: before 4.19.90-2405.1.0.0248
kernel-tools-devel: before 4.19.90-2405.1.0.0248
kernel-debuginfo: before 4.19.90-2405.1.0.0248
python2-perf: before 4.19.90-2405.1.0.0248
bpftool-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools-debuginfo: before 4.19.90-2405.1.0.0248
kernel-source: before 4.19.90-2405.1.0.0248
python3-perf: before 4.19.90-2405.1.0.0248
kernel-debugsource: before 4.19.90-2405.1.0.0248
python2-perf-debuginfo: before 4.19.90-2405.1.0.0248
perf: before 4.19.90-2405.1.0.0248
bpftool: before 4.19.90-2405.1.0.0248
kernel-devel: before 4.19.90-2405.1.0.0248
python3-perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel: before 4.19.90-2405.1.0.0248
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1535
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93787
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26773
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
Description:
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ext4_mb_try_best_found() function in fs/ext4/mballoc.c. A local user can perform a denial of service (DoS) attack.
Mitigation:
Install updates from vendor's repository.
Vulnerable software versions:
openEuler: 20.03 LTS SP1
perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools: before 4.19.90-2405.1.0.0248
kernel-tools-devel: before 4.19.90-2405.1.0.0248
kernel-debuginfo: before 4.19.90-2405.1.0.0248
python2-perf: before 4.19.90-2405.1.0.0248
bpftool-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools-debuginfo: before 4.19.90-2405.1.0.0248
kernel-source: before 4.19.90-2405.1.0.0248
python3-perf: before 4.19.90-2405.1.0.0248
kernel-debugsource: before 4.19.90-2405.1.0.0248
python2-perf-debuginfo: before 4.19.90-2405.1.0.0248
perf: before 4.19.90-2405.1.0.0248
bpftool: before 4.19.90-2405.1.0.0248
kernel-devel: before 4.19.90-2405.1.0.0248
python3-perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel: before 4.19.90-2405.1.0.0248
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1535
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91377
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26777
CWE-ID:
CWE-369 - Divide By Zero
Exploit availability: No
Description:
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the sisfb_check_var() function in drivers/video/fbdev/sis/sis_main.c. A local user can perform a denial of service (DoS) attack.
Mitigation:
Install updates from vendor's repository.
Vulnerable software versions:
openEuler: 20.03 LTS SP1
perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools: before 4.19.90-2405.1.0.0248
kernel-tools-devel: before 4.19.90-2405.1.0.0248
kernel-debuginfo: before 4.19.90-2405.1.0.0248
python2-perf: before 4.19.90-2405.1.0.0248
bpftool-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools-debuginfo: before 4.19.90-2405.1.0.0248
kernel-source: before 4.19.90-2405.1.0.0248
python3-perf: before 4.19.90-2405.1.0.0248
kernel-debugsource: before 4.19.90-2405.1.0.0248
python2-perf-debuginfo: before 4.19.90-2405.1.0.0248
perf: before 4.19.90-2405.1.0.0248
bpftool: before 4.19.90-2405.1.0.0248
kernel-devel: before 4.19.90-2405.1.0.0248
python3-perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel: before 4.19.90-2405.1.0.0248
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1535
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91378
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26778
CWE-ID:
CWE-369 - Divide By Zero
Exploit availability: No
Description:
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the savagefb_check_var() function in drivers/video/fbdev/savage/savagefb_driver.c. A local user can perform a denial of service (DoS) attack.
Mitigation:
Install updates from vendor's repository.
Vulnerable software versions:
openEuler: 20.03 LTS SP1
perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools: before 4.19.90-2405.1.0.0248
kernel-tools-devel: before 4.19.90-2405.1.0.0248
kernel-debuginfo: before 4.19.90-2405.1.0.0248
python2-perf: before 4.19.90-2405.1.0.0248
bpftool-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools-debuginfo: before 4.19.90-2405.1.0.0248
kernel-source: before 4.19.90-2405.1.0.0248
python3-perf: before 4.19.90-2405.1.0.0248
kernel-debugsource: before 4.19.90-2405.1.0.0248
python2-perf-debuginfo: before 4.19.90-2405.1.0.0248
perf: before 4.19.90-2405.1.0.0248
bpftool: before 4.19.90-2405.1.0.0248
kernel-devel: before 4.19.90-2405.1.0.0248
python3-perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel: before 4.19.90-2405.1.0.0248
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1535
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91318
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26810
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the vfio_send_intx_eventfd(), vfio_pci_intx_mask(), vfio_pci_intx_unmask_handler(), vfio_pci_set_intx_unmask() and vfio_pci_set_intx_mask() functions in drivers/vfio/pci/vfio_pci_intrs.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from vendor's repository.
Vulnerable software versions
openEuler: 20.03 LTS SP1
perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools: before 4.19.90-2405.1.0.0248
kernel-tools-devel: before 4.19.90-2405.1.0.0248
kernel-debuginfo: before 4.19.90-2405.1.0.0248
python2-perf: before 4.19.90-2405.1.0.0248
bpftool-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools-debuginfo: before 4.19.90-2405.1.0.0248
kernel-source: before 4.19.90-2405.1.0.0248
python3-perf: before 4.19.90-2405.1.0.0248
kernel-debugsource: before 4.19.90-2405.1.0.0248
python2-perf-debuginfo: before 4.19.90-2405.1.0.0248
perf: before 4.19.90-2405.1.0.0248
bpftool: before 4.19.90-2405.1.0.0248
kernel-devel: before 4.19.90-2405.1.0.0248
python3-perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel: before 4.19.90-2405.1.0.0248
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1535
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91604
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26884
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the htab_map_alloc() function in kernel/bpf/hashtab.c on 32-bit platforms. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
Mitigation
Install updates from vendor's repository.
Vulnerable software versions
openEuler: 20.03 LTS SP1
perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools: before 4.19.90-2405.1.0.0248
kernel-tools-devel: before 4.19.90-2405.1.0.0248
kernel-debuginfo: before 4.19.90-2405.1.0.0248
python2-perf: before 4.19.90-2405.1.0.0248
bpftool-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools-debuginfo: before 4.19.90-2405.1.0.0248
kernel-source: before 4.19.90-2405.1.0.0248
python3-perf: before 4.19.90-2405.1.0.0248
kernel-debugsource: before 4.19.90-2405.1.0.0248
python2-perf-debuginfo: before 4.19.90-2405.1.0.0248
perf: before 4.19.90-2405.1.0.0248
bpftool: before 4.19.90-2405.1.0.0248
kernel-devel: before 4.19.90-2405.1.0.0248
python3-perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel: before 4.19.90-2405.1.0.0248
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1535
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90197
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26898
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tx() function in drivers/block/aoe/aoenet.c and within the aoecmd_cfg_pkts() function in drivers/block/aoe/aoecmd.c. A local user can escalate privileges on the system.
Mitigation
Install updates from vendor's repository.
Vulnerable software versions
openEuler: 20.03 LTS SP1
perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools: before 4.19.90-2405.1.0.0248
kernel-tools-devel: before 4.19.90-2405.1.0.0248
kernel-debuginfo: before 4.19.90-2405.1.0.0248
python2-perf: before 4.19.90-2405.1.0.0248
bpftool-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools-debuginfo: before 4.19.90-2405.1.0.0248
kernel-source: before 4.19.90-2405.1.0.0248
python3-perf: before 4.19.90-2405.1.0.0248
kernel-debugsource: before 4.19.90-2405.1.0.0248
python2-perf-debuginfo: before 4.19.90-2405.1.0.0248
perf: before 4.19.90-2405.1.0.0248
bpftool: before 4.19.90-2405.1.0.0248
kernel-devel: before 4.19.90-2405.1.0.0248
python3-perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel: before 4.19.90-2405.1.0.0248
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1535
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93202
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27437
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a resource management error within the vfio_intx_set_signal() function in drivers/vfio/pci/vfio_pci_intrs.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install updates from vendor's repository.
Vulnerable software versions
openEuler: 20.03 LTS SP1
perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools: before 4.19.90-2405.1.0.0248
kernel-tools-devel: before 4.19.90-2405.1.0.0248
kernel-debuginfo: before 4.19.90-2405.1.0.0248
python2-perf: before 4.19.90-2405.1.0.0248
bpftool-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools-debuginfo: before 4.19.90-2405.1.0.0248
kernel-source: before 4.19.90-2405.1.0.0248
python3-perf: before 4.19.90-2405.1.0.0248
kernel-debugsource: before 4.19.90-2405.1.0.0248
python2-perf-debuginfo: before 4.19.90-2405.1.0.0248
perf: before 4.19.90-2405.1.0.0248
bpftool: before 4.19.90-2405.1.0.0248
kernel-devel: before 4.19.90-2405.1.0.0248
python3-perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel: before 4.19.90-2405.1.0.0248
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1535
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU68516
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-3061
CWE-ID:
CWE-369 - Divide By Zero
Exploit availability: No
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to missing checks of the "pixclock" value in the Linux kernel i740 driver. A local user can pass arbitrary values to the driver through the ioctl() interface, trigger a divide by zero error and perform a denial of service (DoS) attack.
Mitigation
Install updates from vendor's repository.
Vulnerable software versions
openEuler: 20.03 LTS SP1
perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools: before 4.19.90-2405.1.0.0248
kernel-tools-devel: before 4.19.90-2405.1.0.0248
kernel-debuginfo: before 4.19.90-2405.1.0.0248
python2-perf: before 4.19.90-2405.1.0.0248
bpftool-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools-debuginfo: before 4.19.90-2405.1.0.0248
kernel-source: before 4.19.90-2405.1.0.0248
python3-perf: before 4.19.90-2405.1.0.0248
kernel-debugsource: before 4.19.90-2405.1.0.0248
python2-perf-debuginfo: before 4.19.90-2405.1.0.0248
perf: before 4.19.90-2405.1.0.0248
bpftool: before 4.19.90-2405.1.0.0248
kernel-devel: before 4.19.90-2405.1.0.0248
python3-perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel: before 4.19.90-2405.1.0.0248
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1535
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU91599
Risk: Low
CVSSv4.0: 4.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-6270
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the aoecmd_cfg_pkts() function in the ATA over Ethernet (AoE) driver. A local user can trigger a use-after-free error and escalate privileges on the system.
Mitigation
Install updates from vendor's repository.
Vulnerable software versions
openEuler: 20.03 LTS SP1
perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools: before 4.19.90-2405.1.0.0248
kernel-tools-devel: before 4.19.90-2405.1.0.0248
kernel-debuginfo: before 4.19.90-2405.1.0.0248
python2-perf: before 4.19.90-2405.1.0.0248
bpftool-debuginfo: before 4.19.90-2405.1.0.0248
kernel-tools-debuginfo: before 4.19.90-2405.1.0.0248
kernel-source: before 4.19.90-2405.1.0.0248
python3-perf: before 4.19.90-2405.1.0.0248
kernel-debugsource: before 4.19.90-2405.1.0.0248
python2-perf-debuginfo: before 4.19.90-2405.1.0.0248
perf: before 4.19.90-2405.1.0.0248
bpftool: before 4.19.90-2405.1.0.0248
kernel-devel: before 4.19.90-2405.1.0.0248
python3-perf-debuginfo: before 4.19.90-2405.1.0.0248
kernel: before 4.19.90-2405.1.0.0248
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1535
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.