openEuler 22.03 LTS SP3 update for kernel

Published: 2024-12-20

Risk	Medium
Patch available	YES
Number of vulnerabilities	8
CVE-ID	CVE-2022-48868 CVE-2023-52434 CVE-2023-6356 CVE-2023-6535 CVE-2023-6536 CVE-2024-50218 CVE-2024-53114 CVE-2024-53142
CWE-ID	CWE-476 CWE-119 CWE-20 CWE-908
Exploitation vector	Network
Public exploit	N/A
Vulnerable software	openEuler Operating systems & Components / Operating system python3-perf-debuginfo Operating systems & Components / Operating system package or component python3-perf Operating systems & Components / Operating system package or component perf-debuginfo Operating systems & Components / Operating system package or component perf Operating systems & Components / Operating system package or component kernel-tools-devel Operating systems & Components / Operating system package or component kernel-tools-debuginfo Operating systems & Components / Operating system package or component kernel-tools Operating systems & Components / Operating system package or component kernel-source Operating systems & Components / Operating system package or component kernel-headers Operating systems & Components / Operating system package or component kernel-devel Operating systems & Components / Operating system package or component kernel-debugsource Operating systems & Components / Operating system package or component kernel-debuginfo Operating systems & Components / Operating system package or component kernel Operating systems & Components / Operating system package or component
Vendor	openEuler

Security Bulletin

This security bulletin contains information about 8 vulnerabilities.

1) NULL pointer dereference

EUVDB-ID: #VU96348

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48868

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the __drv_enable_wq() function in drivers/dma/idxd/device.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf-debuginfo: before 5.10.0-242.0.0.144

python3-perf: before 5.10.0-242.0.0.144

perf-debuginfo: before 5.10.0-242.0.0.144

perf: before 5.10.0-242.0.0.144

kernel-tools-devel: before 5.10.0-242.0.0.144

kernel-tools-debuginfo: before 5.10.0-242.0.0.144

kernel-tools: before 5.10.0-242.0.0.144

kernel-source: before 5.10.0-242.0.0.144

kernel-headers: before 5.10.0-242.0.0.144

kernel-devel: before 5.10.0-242.0.0.144

kernel-debugsource: before 5.10.0-242.0.0.144

kernel-debuginfo: before 5.10.0-242.0.0.144

kernel: before 5.10.0-242.0.0.144

CPE2.3

External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2569

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Buffer overflow

EUVDB-ID: #VU88283

Risk: Medium

CVSSv4.0: 6.1 [CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-52434

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the smb2_parse_contexts() function when parsing SMB packets. A remote user can send specially crafted SMB traffic to the affected system, trigger memory corruption and execute arbitrary code.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf-debuginfo: before 5.10.0-242.0.0.144

python3-perf: before 5.10.0-242.0.0.144

perf-debuginfo: before 5.10.0-242.0.0.144

perf: before 5.10.0-242.0.0.144

kernel-tools-devel: before 5.10.0-242.0.0.144

kernel-tools-debuginfo: before 5.10.0-242.0.0.144

kernel-tools: before 5.10.0-242.0.0.144

kernel-source: before 5.10.0-242.0.0.144

kernel-headers: before 5.10.0-242.0.0.144

kernel-devel: before 5.10.0-242.0.0.144

kernel-debugsource: before 5.10.0-242.0.0.144

kernel-debuginfo: before 5.10.0-242.0.0.144

kernel: before 5.10.0-242.0.0.144

CPE2.3

External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2569

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) NULL pointer dereference

EUVDB-ID: #VU85854

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-6356

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the nvmet_tcp_build_iovec() function in the Linux kernel's NVMe driver. A remote attacker can pass specially crafted TCP packets to the system and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf-debuginfo: before 5.10.0-242.0.0.144

python3-perf: before 5.10.0-242.0.0.144

perf-debuginfo: before 5.10.0-242.0.0.144

perf: before 5.10.0-242.0.0.144

kernel-tools-devel: before 5.10.0-242.0.0.144

kernel-tools-debuginfo: before 5.10.0-242.0.0.144

kernel-tools: before 5.10.0-242.0.0.144

kernel-source: before 5.10.0-242.0.0.144

kernel-headers: before 5.10.0-242.0.0.144

kernel-devel: before 5.10.0-242.0.0.144

kernel-debugsource: before 5.10.0-242.0.0.144

kernel-debuginfo: before 5.10.0-242.0.0.144

kernel: before 5.10.0-242.0.0.144

CPE2.3

External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2569

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) NULL pointer dereference

EUVDB-ID: #VU85853

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-6535

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the nvmet_tcp_execute_request() function in the Linux kernel's NVMe driver. A remote attacker can send specially crafted NVMe-oF/TCP packets to the system and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf-debuginfo: before 5.10.0-242.0.0.144

python3-perf: before 5.10.0-242.0.0.144

perf-debuginfo: before 5.10.0-242.0.0.144

perf: before 5.10.0-242.0.0.144

kernel-tools-devel: before 5.10.0-242.0.0.144

kernel-tools-debuginfo: before 5.10.0-242.0.0.144

kernel-tools: before 5.10.0-242.0.0.144

kernel-source: before 5.10.0-242.0.0.144

kernel-headers: before 5.10.0-242.0.0.144

kernel-devel: before 5.10.0-242.0.0.144

kernel-debugsource: before 5.10.0-242.0.0.144

kernel-debuginfo: before 5.10.0-242.0.0.144

kernel: before 5.10.0-242.0.0.144

CPE2.3

External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2569

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) NULL pointer dereference

EUVDB-ID: #VU85852

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-6536

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the __nvmet_req_complete() function in the Linux kernel's NVMe driver. A remote attacker can send specially crafted NVMe-oF/TCP packets to the system and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf-debuginfo: before 5.10.0-242.0.0.144

python3-perf: before 5.10.0-242.0.0.144

perf-debuginfo: before 5.10.0-242.0.0.144

perf: before 5.10.0-242.0.0.144

kernel-tools-devel: before 5.10.0-242.0.0.144

kernel-tools-debuginfo: before 5.10.0-242.0.0.144

kernel-tools: before 5.10.0-242.0.0.144

kernel-source: before 5.10.0-242.0.0.144

kernel-headers: before 5.10.0-242.0.0.144

kernel-devel: before 5.10.0-242.0.0.144

kernel-debugsource: before 5.10.0-242.0.0.144

kernel-debuginfo: before 5.10.0-242.0.0.144

kernel: before 5.10.0-242.0.0.144

CPE2.3

External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2569

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Input validation error

EUVDB-ID: #VU100187

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-50218

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the ocfs2_remove_inode_range() function in fs/ocfs2/file.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf-debuginfo: before 5.10.0-242.0.0.144

python3-perf: before 5.10.0-242.0.0.144

perf-debuginfo: before 5.10.0-242.0.0.144

perf: before 5.10.0-242.0.0.144

kernel-tools-devel: before 5.10.0-242.0.0.144

kernel-tools-debuginfo: before 5.10.0-242.0.0.144

kernel-tools: before 5.10.0-242.0.0.144

kernel-source: before 5.10.0-242.0.0.144

kernel-headers: before 5.10.0-242.0.0.144

kernel-devel: before 5.10.0-242.0.0.144

kernel-debugsource: before 5.10.0-242.0.0.144

kernel-debuginfo: before 5.10.0-242.0.0.144

kernel: before 5.10.0-242.0.0.144

CPE2.3

External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2569

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Input validation error

EUVDB-ID: #VU101122

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-53114

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the init_amd_zen4() function in arch/x86/kernel/cpu/amd.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf-debuginfo: before 5.10.0-242.0.0.144

python3-perf: before 5.10.0-242.0.0.144

perf-debuginfo: before 5.10.0-242.0.0.144

perf: before 5.10.0-242.0.0.144

kernel-tools-devel: before 5.10.0-242.0.0.144

kernel-tools-debuginfo: before 5.10.0-242.0.0.144

kernel-tools: before 5.10.0-242.0.0.144

kernel-source: before 5.10.0-242.0.0.144

kernel-headers: before 5.10.0-242.0.0.144

kernel-devel: before 5.10.0-242.0.0.144

kernel-debugsource: before 5.10.0-242.0.0.144

kernel-debuginfo: before 5.10.0-242.0.0.144

kernel: before 5.10.0-242.0.0.144

CPE2.3

External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2569

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Use of uninitialized resource

EUVDB-ID: #VU101347

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-53142

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the do_name() and do_copy() functions in init/initramfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

python3-perf-debuginfo: before 5.10.0-242.0.0.144

python3-perf: before 5.10.0-242.0.0.144

perf-debuginfo: before 5.10.0-242.0.0.144

perf: before 5.10.0-242.0.0.144

kernel-tools-devel: before 5.10.0-242.0.0.144

kernel-tools-debuginfo: before 5.10.0-242.0.0.144

kernel-tools: before 5.10.0-242.0.0.144

kernel-source: before 5.10.0-242.0.0.144

kernel-headers: before 5.10.0-242.0.0.144

kernel-devel: before 5.10.0-242.0.0.144

kernel-debugsource: before 5.10.0-242.0.0.144

kernel-debuginfo: before 5.10.0-242.0.0.144

kernel: before 5.10.0-242.0.0.144

CPE2.3

External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2569

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.