Main Vulnerability Database SB2024082364

SB2024082364 - openEuler 22.03 LTS SP4 update for kernel

Published: August 23, 2024 Updated: December 4, 2024

Security Bulletin ID SB2024082364

Severity

Low

Patch available

YES

Number of vulnerabilities 19

Exploitation vector Local access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 19 secuirty vulnerabilities.

1) Resource management error (CVE-ID: CVE-2024-33621)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the ipvlan_process_v4_outbound() and ipvlan_process_v6_outbound() functions in drivers/net/ipvlan/ipvlan_core.c. A local user can perform a denial of service (DoS) attack.

2) Input validation error (CVE-ID: CVE-2024-34777)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the map_benchmark_ioctl() function in kernel/dma/map_benchmark.c. A local user can perform a denial of service (DoS) attack.

3) Buffer overflow (CVE-ID: CVE-2024-38544)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the rxe_comp_queue_pkt() function in drivers/infiniband/sw/rxe/rxe_comp.c. A local user can perform a denial of service (DoS) attack.

4) Resource management error (CVE-ID: CVE-2024-38565)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the ar5523_probe() function in drivers/net/wireless/ath/ar5523/ar5523.c. A local user can perform a denial of service (DoS) attack.

5) Improper locking (CVE-ID: CVE-2024-38597)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the gem_interrupt() and gem_init_one() functions in drivers/net/ethernet/sun/sungem.c. A local user can perform a denial of service (DoS) attack.

6) Memory leak (CVE-ID: CVE-2024-39276)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the ext4_xattr_block_cache_find() function in fs/ext4/xattr.c. A local user can perform a denial of service (DoS) attack.

7) Improper locking (CVE-ID: CVE-2024-39476)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the raid5d() function in drivers/md/raid5.c. A local user can perform a denial of service (DoS) attack.

8) Buffer overflow (CVE-ID: CVE-2024-40902)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the ea_get() function in fs/jfs/xattr.c. A local user can escalate privileges on the system.

9) NULL pointer dereference (CVE-ID: CVE-2024-40945)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the include/linux/iommu.h. A local user can perform a denial of service (DoS) attack.

10) Improper locking (CVE-ID: CVE-2024-40966)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the con_cleanup() function in drivers/tty/vt/vt.c, within the tty_set_ldisc() function in drivers/tty/tty_ldisc.c. A local user can perform a denial of service (DoS) attack.

11) Improper locking (CVE-ID: CVE-2024-41088)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the mcp251xfd_tx_obj_from_skb(), mcp251xfd_tx_busy() and mcp251xfd_start_xmit() functions in drivers/net/can/spi/mcp251xfd/mcp251xfd-tx.c, within the mcp251xfd_open() and mcp251xfd_stop() functions in drivers/net/can/spi/mcp251xfd/mcp251xfd-core.c. A local user can perform a denial of service (DoS) attack.

12) Type Confusion (CVE-ID: CVE-2024-42070)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a type confusion error within the nft_lookup_init() function in net/netfilter/nft_lookup.c, within the nf_tables_fill_setelem() and nft_validate_register_store() functions in net/netfilter/nf_tables_api.c. A local user can pass specially crafted data to the packet filtering to trigger a type confusion error and gain access to sensitive information.

13) Improper error handling (CVE-ID: CVE-2024-42127)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the lima_pp_init() and lima_pp_bcast_init() functions in drivers/gpu/drm/lima/lima_pp.c, within the lima_mmu_init() function in drivers/gpu/drm/lima/lima_mmu.c, within the lima_gp_init() function in drivers/gpu/drm/lima/lima_gp.c. A local user can perform a denial of service (DoS) attack.

14) Integer overflow (CVE-ID: CVE-2024-42131)

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer overflow within the domain_dirty_limits(), node_dirty_limit(), dirty_background_bytes_handler() and dirty_bytes_handler() functions in mm/page-writeback.c. A local user can execute arbitrary code.

15) Use-after-free (CVE-ID: CVE-2024-42232)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the delayed_work() and EXPORT_SYMBOL() functions in net/ceph/mon_client.c. A local user can escalate privileges on the system.

16) Memory leak (CVE-ID: CVE-2024-42236)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the usb_string_copy() function in drivers/usb/gadget/configfs.c. A local user can perform a denial of service (DoS) attack.

17) Improper error handling (CVE-ID: CVE-2024-42304)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the __ext4_read_dirblock(), ext4_empty_dir() and ext4_get_first_dir_block() functions in fs/ext4/namei.c. A local user can perform a denial of service (DoS) attack.

18) NULL pointer dereference (CVE-ID: CVE-2024-42310)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the cdv_intel_lvds_get_modes() function in drivers/gpu/drm/gma500/cdv_intel_lvds.c. A local user can perform a denial of service (DoS) attack.

19) Input validation error (CVE-ID: CVE-2024-43839)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the bnad_tx_msix_register() and bnad_rx_msix_register() functions in drivers/net/ethernet/brocade/bna/bnad.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2028

Vulnerable Software

openEuler: 22.03 LTS SP4
python3-perf-debuginfo: before 5.10.0-224.0.0.123
python3-perf: before 5.10.0-224.0.0.123
perf-debuginfo: before 5.10.0-224.0.0.123
perf: before 5.10.0-224.0.0.123
kernel-tools-devel: before 5.10.0-224.0.0.123
kernel-tools-debuginfo: before 5.10.0-224.0.0.123
kernel-tools: before 5.10.0-224.0.0.123
kernel-source: before 5.10.0-224.0.0.123
kernel-headers: before 5.10.0-224.0.0.123
kernel-devel: before 5.10.0-224.0.0.123
kernel-debugsource: before 5.10.0-224.0.0.123
kernel-debuginfo: before 5.10.0-224.0.0.123
bpftool-debuginfo: before 5.10.0-224.0.0.123
bpftool: before 5.10.0-224.0.0.123
kernel: before 5.10.0-224.0.0.123