SB2024122049 - openEuler 20.03 LTS SP4 update for kernel

Main Vulnerability Database SB2024122049

SB2024122049 - openEuler 20.03 LTS SP4 update for kernel

Published: December 20, 2024

Security Bulletin ID SB2024122049

Severity

Low

Patch available

YES

Number of vulnerabilities 7

Exploitation vector Local access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 7 secuirty vulnerabilities.

1) Use-after-free (CVE-ID: CVE-2024-50125)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the SCO_CONN_TIMEOUT(), sco_sock_timeout() and sco_conn_del() functions in net/bluetooth/sco.c, within the bt_sock_unlink() function in net/bluetooth/af_bluetooth.c. A local user can escalate privileges on the system.

2) Memory leak (CVE-ID: CVE-2024-50167)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the be_xmit() function in drivers/net/ethernet/emulex/benet/be_main.c. A local user can perform a denial of service (DoS) attack.

3) Memory leak (CVE-ID: CVE-2024-50168)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the sun3_82586_send_packet() function in drivers/net/ethernet/i825xx/sun3_82586.c. A local user can perform a denial of service (DoS) attack.

4) Incorrect calculation (CVE-ID: CVE-2024-50251)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect calculation within the nft_payload_set_eval() function in net/netfilter/nft_payload.c. A local user can perform a denial of service (DoS) attack.

5) Use-after-free (CVE-ID: CVE-2024-53057)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the qdisc_tree_reduce_backlog() function in net/sched/sch_api.c. A local user can escalate privileges on the system.

6) NULL pointer dereference (CVE-ID: CVE-2024-53131)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the __nilfs_get_page_block() function in fs/nilfs2/page.c. A local user can perform a denial of service (DoS) attack.

7) Use of uninitialized resource (CVE-ID: CVE-2024-53142)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the do_name() and do_copy() functions in init/initramfs.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2570

Vulnerable Software

openEuler: 20.03 LTS SP4
python3-perf-debuginfo: before 4.19.90-2412.3.0.0308
python3-perf: before 4.19.90-2412.3.0.0308
python2-perf-debuginfo: before 4.19.90-2412.3.0.0308
python2-perf: before 4.19.90-2412.3.0.0308
perf-debuginfo: before 4.19.90-2412.3.0.0308
perf: before 4.19.90-2412.3.0.0308
kernel-tools-devel: before 4.19.90-2412.3.0.0308
kernel-tools-debuginfo: before 4.19.90-2412.3.0.0308
kernel-tools: before 4.19.90-2412.3.0.0308
kernel-source: before 4.19.90-2412.3.0.0308
kernel-devel: before 4.19.90-2412.3.0.0308
kernel-debugsource: before 4.19.90-2412.3.0.0308
kernel-debuginfo: before 4.19.90-2412.3.0.0308
bpftool-debuginfo: before 4.19.90-2412.3.0.0308
bpftool: before 4.19.90-2412.3.0.0308
kernel: before 4.19.90-2412.3.0.0308