Main Vulnerability Database SB2024083052

SB2024083052 - openEuler 22.03 LTS SP1 update for kernel

Published: August 30, 2024

Security Bulletin ID SB2024083052

Severity

Low

Patch available

YES

Number of vulnerabilities 54

Exploitation vector Local access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 54 secuirty vulnerabilities.

1) Memory leak (CVE-ID: CVE-2021-47292)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the io_init_wq_offload() function in fs/io_uring.c. A local user can perform a denial of service (DoS) attack.

2) Resource management error (CVE-ID: CVE-2021-47504)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the io_uring_drop_tctx_refs() and io_uring_cancel_generic() functions in fs/io_uring.c. A local user can perform a denial of service (DoS) attack.

3) NULL pointer dereference (CVE-ID: CVE-2021-47556)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the ethtool_set_coalesce() function in net/ethtool/ioctl.c. A local user can perform a denial of service (DoS) attack.

4) Improper locking (CVE-ID: CVE-2022-48634)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the gma_crtc_page_flip() function in drivers/gpu/drm/gma500/gma_display.c. A local user can perform a denial of service (DoS) attack.

5) Information disclosure (CVE-ID: CVE-2022-48639)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the net/sched/cls_api.c. A local user can gain access to sensitive information.

6) Memory leak (CVE-ID: CVE-2022-48642)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the nf_tables_addchain() function in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.

7) Integer underflow (CVE-ID: CVE-2022-48643)

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer underflow within the nf_tables_addchain() function in net/netfilter/nf_tables_api.c. A local user can execute arbitrary code.

8) Improper locking (CVE-ID: CVE-2022-48644)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the taprio_enable_offload() and taprio_disable_offload() functions in net/sched/sch_taprio.c. A local user can perform a denial of service (DoS) attack.

9) NULL pointer dereference (CVE-ID: CVE-2022-48647)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the efx_probe_interrupts() function in drivers/net/ethernet/sfc/efx_channels.c. A local user can perform a denial of service (DoS) attack.

10) NULL pointer dereference (CVE-ID: CVE-2022-48648)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the efx_hard_start_xmit() function in drivers/net/ethernet/sfc/tx.c. A local user can perform a denial of service (DoS) attack.

11) Information disclosure (CVE-ID: CVE-2022-48656)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to information disclosure within the of_xudma_dev_get() function in drivers/dma/ti/k3-udma-private.c. A local user can perform a denial of service (DoS) attack.

12) NULL pointer dereference (CVE-ID: CVE-2022-48663)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the gpio_mockup_init() function in drivers/gpio/gpio-mockup.c. A local user can perform a denial of service (DoS) attack.

13) Improper locking (CVE-ID: CVE-2022-48671)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the cgroup_attach_task_all() function in kernel/cgroup/cgroup-v1.c. A local user can perform a denial of service (DoS) attack.

14) Off-by-one (CVE-ID: CVE-2022-48672)

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to an off-by-one error within the unflatten_dt_nodes() function in drivers/of/fdt.c. A local user can execute arbitrary code.

15) Improper locking (CVE-ID: CVE-2022-48675)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the mmput_async() function in kernel/fork.c, within the mutex_unlock() function in drivers/infiniband/core/umem_odp.c. A local user can perform a denial of service (DoS) attack.

16) Use-after-free (CVE-ID: CVE-2022-48686)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the nvme_tcp_io_work() function in drivers/nvme/host/tcp.c. A local user can escalate privileges on the system.

17) Out-of-bounds read (CVE-ID: CVE-2022-48687)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to an out-of-bounds read error within the seg6_genl_sethmac() function in net/ipv6/seg6.c. A local user can gain access to sensitive information.

18) Memory leak (CVE-ID: CVE-2022-48691)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the nft_basechain_init() function in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.

19) Use-after-free (CVE-ID: CVE-2022-48873)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the fastrpc_free_map(), fastrpc_buf_free() and fastrpc_device_release() functions in drivers/misc/fastrpc.c. A local user can escalate privileges on the system.

20) Memory leak (CVE-ID: CVE-2022-48896)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the ixgbe_get_first_secondary_devfn() and ixgbe_x550em_a_has_mii() functions in drivers/net/ethernet/intel/ixgbe/ixgbe_phy.c. A local user can perform a denial of service (DoS) attack.

21) Improper locking (CVE-ID: CVE-2022-48898)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the dp_aux_isr() function in drivers/gpu/drm/msm/dp/dp_aux.c. A local user can perform a denial of service (DoS) attack.

22) Use-after-free (CVE-ID: CVE-2022-48899)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the virtio_gpu_resource_create_ioctl() function in drivers/gpu/drm/virtio/virtgpu_ioctl.c. A local user can escalate privileges on the system.

23) Improper locking (CVE-ID: CVE-2022-48920)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the btrfs_cleanup_pending_block_groups() function in fs/btrfs/transaction.c. A local user can perform a denial of service (DoS) attack.

24) Use-after-free (CVE-ID: CVE-2022-48935)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the __nft_release_table() function in net/netfilter/nf_tables_api.c. A local user can escalate privileges on the system.

25) NULL pointer dereference (CVE-ID: CVE-2023-52893)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the gsmi_get_variable() function in drivers/firmware/google/gsmi.c. A local user can perform a denial of service (DoS) attack.

26) NULL pointer dereference (CVE-ID: CVE-2023-52898)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the xhci_free_dev() function in drivers/usb/host/xhci.c. A local user can perform a denial of service (DoS) attack.

27) NULL pointer dereference (CVE-ID: CVE-2023-52901)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the xhci_kill_endpoint_urbs() function in drivers/usb/host/xhci-ring.c. A local user can perform a denial of service (DoS) attack.

28) Improper locking (CVE-ID: CVE-2023-52903)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the io_iopoll_complete() function in io_uring/io_uring.c. A local user can perform a denial of service (DoS) attack.

29) Concurrent execution using shared resource with improper synchronization ('race condition') (CVE-ID: CVE-2024-22386)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to concurrent execution using shared resource with improper synchronization ('race condition') error. A local user can perform a denial of service (DoS) attack.

30) Buffer overflow (CVE-ID: CVE-2024-36946)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the rtm_phonet_notify() function in net/phonet/pn_netlink.c. A local user can escalate privileges on the system.

31) Improper locking (CVE-ID: CVE-2024-38613)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the arch/m68k/kernel/entry.S. A local user can perform a denial of service (DoS) attack.

32) Memory leak (CVE-ID: CVE-2024-39490)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the seg6_input_core() function in net/ipv6/seg6_iptunnel.c. A local user can perform a denial of service (DoS) attack.

33) Memory leak (CVE-ID: CVE-2024-41002)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the sec_alg_resource_free() function in drivers/crypto/hisilicon/sec2/sec_crypto.c. A local user can perform a denial of service (DoS) attack.

34) Resource management error (CVE-ID: CVE-2024-41068)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the sclp_init() function in drivers/s390/char/sclp.c. A local user can perform a denial of service (DoS) attack.

35) Input validation error (CVE-ID: CVE-2024-42120)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the dce110_vblank_set() function in drivers/gpu/drm/amd/display/dc/irq/dce110/irq_service_dce110.c. A local user can perform a denial of service (DoS) attack.

36) NULL pointer dereference (CVE-ID: CVE-2024-42122)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the dcn31_hpo_dp_link_encoder_create() function in drivers/gpu/drm/amd/display/dc/resource/dcn351/dcn351_resource.c, within the dcn31_hpo_dp_link_encoder_create() function in drivers/gpu/drm/amd/display/dc/resource/dcn35/dcn35_resource.c, within the dcn321_hpo_dp_link_encoder_create() function in drivers/gpu/drm/amd/display/dc/resource/dcn321/dcn321_resource.c, within the dcn32_hpo_dp_link_encoder_create() and dml1_validate() functions in drivers/gpu/drm/amd/display/dc/resource/dcn32/dcn32_resource.c, within the dcn31_hpo_dp_link_encoder_create() function in drivers/gpu/drm/amd/display/dc/resource/dcn316/dcn316_resource.c, within the dcn31_hpo_dp_link_encoder_create() function in drivers/gpu/drm/amd/display/dc/resource/dcn315/dcn315_resource.c, within the dcn31_hpo_dp_link_encoder_create() and dcn314_validate_bandwidth() functions in drivers/gpu/drm/amd/display/dc/resource/dcn314/dcn314_resource.c, within the dcn31_hpo_dp_link_encoder_create() and dcn31_validate_bandwidth() functions in drivers/gpu/drm/amd/display/dc/resource/dcn31/dcn31_resource.c, within the dcn30_validate_bandwidth() function in drivers/gpu/drm/amd/display/dc/resource/dcn30/dcn30_resource.c, within the dcn32_clk_mgr_construct() function in drivers/gpu/drm/amd/display/dc/clk_mgr/dcn32/dcn32_clk_mgr.c, within the dcn3_clk_mgr_construct() function in drivers/gpu/drm/amd/display/dc/clk_mgr/dcn30/dcn30_clk_mgr.c. A local user can perform a denial of service (DoS) attack.

37) Input validation error (CVE-ID: CVE-2024-42265)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the __releases() function in fs/file.c. A local user can perform a denial of service (DoS) attack.

38) Use-after-free (CVE-ID: CVE-2024-42271)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the iucv_sever_path() function in net/iucv/af_iucv.c. A local user can escalate privileges on the system.

39) Use-after-free (CVE-ID: CVE-2024-42280)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the hfcmulti_dtmf() and HFC_wait_nodebug() functions in drivers/isdn/hardware/mISDN/hfcmulti.c. A local user can escalate privileges on the system.

40) Input validation error (CVE-ID: CVE-2024-42281)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the bpf_skb_net_grow() function in net/core/filter.c. A local user can perform a denial of service (DoS) attack.

41) Buffer overflow (CVE-ID: CVE-2024-42284)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the tipc_udp_addr2str() function in net/tipc/udp_media.c. A local user can escalate privileges on the system.

42) Use-after-free (CVE-ID: CVE-2024-42285)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the EXPORT_SYMBOL(), destroy_cm_id() and cm_work_handler() functions in drivers/infiniband/core/iwcm.c. A local user can escalate privileges on the system.

43) Improper error handling (CVE-ID: CVE-2024-42297)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the f2fs_mark_inode_dirty_sync() function in fs/f2fs/inode.c. A local user can perform a denial of service (DoS) attack.

44) Resource management error (CVE-ID: CVE-2024-42305)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the add_dirent_to_buf() and make_indexed_dir() functions in fs/ext4/namei.c. A local user can perform a denial of service (DoS) attack.

45) NULL pointer dereference (CVE-ID: CVE-2024-42308)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the dc_plane_get_status() function in drivers/gpu/drm/amd/display/dc/core/dc_surface.c. A local user can perform a denial of service (DoS) attack.

46) NULL pointer dereference (CVE-ID: CVE-2024-43819)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the kvm_arch_prepare_memory_region() function in arch/s390/kvm/kvm-s390.c. A local user can perform a denial of service (DoS) attack.

47) Use of uninitialized resource (CVE-ID: CVE-2024-43828)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the ext4_es_find_extent_range() function in fs/ext4/extents_status.c. A local user can perform a denial of service (DoS) attack.

48) Input validation error (CVE-ID: CVE-2024-43831)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the vpu_dec_init() function in drivers/media/platform/mediatek/vcodec/decoder/vdec_vpu_if.c. A local user can perform a denial of service (DoS) attack.

49) Use-after-free (CVE-ID: CVE-2024-43853)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the proc_cpuset_show() function in kernel/cgroup/cpuset.c. A local user can escalate privileges on the system.

50) NULL pointer dereference (CVE-ID: CVE-2024-43860)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the imx_rproc_addr_init() function in drivers/remoteproc/imx_rproc.c. A local user can perform a denial of service (DoS) attack.

51) Memory leak (CVE-ID: CVE-2024-43861)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the qmimux_rx_fixup() function in drivers/net/usb/qmi_wwan.c. A local user can perform a denial of service (DoS) attack.

52) NULL pointer dereference (CVE-ID: CVE-2024-43866)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the mlx5_sf_dev_shutdown() function in drivers/net/ethernet/mellanox/mlx5/core/sf/dev/driver.c, within the mlx5_try_fast_unload() and shutdown() functions in drivers/net/ethernet/mellanox/mlx5/core/main.c. A local user can perform a denial of service (DoS) attack.

53) Resource management error (CVE-ID: CVE-2024-43879)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the cfg80211_calculate_bitrate_he() function in net/wireless/util.c. A local user can perform a denial of service (DoS) attack.

54) Improper locking (CVE-ID: CVE-2024-43882)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the bprm_fill_uid() function in fs/exec.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2080

Vulnerable Software

openEuler: 22.03 LTS SP1
python3-perf-debuginfo: before 5.10.0-136.91.0.172
python3-perf: before 5.10.0-136.91.0.172
perf-debuginfo: before 5.10.0-136.91.0.172
perf: before 5.10.0-136.91.0.172
kernel-tools-devel: before 5.10.0-136.91.0.172
kernel-tools-debuginfo: before 5.10.0-136.91.0.172
kernel-tools: before 5.10.0-136.91.0.172
kernel-source: before 5.10.0-136.91.0.172
kernel-headers: before 5.10.0-136.91.0.172
kernel-devel: before 5.10.0-136.91.0.172
kernel-debugsource: before 5.10.0-136.91.0.172
kernel-debuginfo: before 5.10.0-136.91.0.172
kernel: before 5.10.0-136.91.0.172

SB2024083052 - openEuler 22.03 LTS SP1 update for kernel

Breakdown by Severity

Description

Remediation

References

Please verify you're human