openEuler 24.03 LTS update for kernel
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 143 |
| CVE-ID | CVE-2024-26952 CVE-2024-26954 CVE-2024-36479 CVE-2024-36916 CVE-2024-37021 CVE-2024-38571 CVE-2024-38575 CVE-2024-38585 CVE-2024-38621 CVE-2024-39474 CVE-2024-39482 CVE-2024-39495 CVE-2024-40924 CVE-2024-40937 CVE-2024-40949 CVE-2024-40961 CVE-2024-40965 CVE-2024-40989 CVE-2024-41001 CVE-2024-41032 CVE-2024-42110 CVE-2024-42251 CVE-2024-43857 CVE-2024-43870 CVE-2024-43875 CVE-2024-43876 CVE-2024-43877 CVE-2024-43880 CVE-2024-43881 CVE-2024-44957 CVE-2024-44968 CVE-2024-44972 CVE-2024-44975 CVE-2024-45001 CVE-2024-45005 CVE-2024-45007 CVE-2024-45012 CVE-2024-45022 CVE-2024-46672 CVE-2024-46680 CVE-2024-46693 CVE-2024-46694 CVE-2024-46711 CVE-2024-46741 CVE-2024-46833 CVE-2024-46847 CVE-2024-46864 CVE-2024-46865 CVE-2024-47730 CVE-2024-47735 CVE-2024-49864 CVE-2024-49888 CVE-2024-49926 CVE-2024-49939 CVE-2024-49946 CVE-2024-49951 CVE-2024-49953 CVE-2024-49987 CVE-2024-49988 CVE-2024-49998 CVE-2024-50035 CVE-2024-50077 CVE-2024-50096 CVE-2024-50110 CVE-2024-50111 CVE-2024-50136 CVE-2024-50147 CVE-2024-50160 CVE-2024-50175 CVE-2024-50176 CVE-2024-50181 CVE-2024-50183 CVE-2024-50189 CVE-2024-50220 CVE-2024-50221 CVE-2024-50231 CVE-2024-50232 CVE-2024-50240 CVE-2024-50252 CVE-2024-50256 CVE-2024-50295 CVE-2024-50296 CVE-2024-50304 CVE-2024-53051 CVE-2024-53058 CVE-2024-53091 CVE-2024-53093 CVE-2024-53094 CVE-2024-53097 CVE-2024-53100 CVE-2024-53106 CVE-2024-53109 CVE-2024-53113 CVE-2024-53119 CVE-2024-53120 CVE-2024-53121 CVE-2024-53122 CVE-2024-53123 CVE-2024-53124 CVE-2024-53135 CVE-2024-53138 CVE-2024-53139 CVE-2024-53140 CVE-2024-53144 CVE-2024-53145 CVE-2024-53166 CVE-2024-53201 CVE-2024-53206 CVE-2024-53207 CVE-2024-53209 CVE-2024-53223 CVE-2024-53237 CVE-2024-54193 CVE-2024-56557 CVE-2024-56567 CVE-2024-56588 CVE-2024-56589 CVE-2024-56590 CVE-2024-56614 CVE-2024-56623 CVE-2024-56640 CVE-2024-56641 CVE-2024-56653 CVE-2024-56677 CVE-2024-56687 CVE-2024-56688 CVE-2024-56701 CVE-2024-56718 CVE-2024-56729 CVE-2024-56758 CVE-2024-56769 CVE-2024-56779 CVE-2024-57809 CVE-2024-57874 CVE-2024-57892 CVE-2024-57906 CVE-2024-57910 CVE-2024-57917 CVE-2024-57922 CVE-2024-57926 CVE-2025-21632 CVE-2025-21658 CVE-2025-21670 |
| CWE-ID | CWE-125 CWE-476 CWE-119 CWE-416 CWE-415 CWE-667 CWE-20 CWE-401 CWE-399 CWE-388 CWE-682 CWE-665 CWE-908 CWE-362 CWE-369 CWE-366 CWE-190 CWE-617 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software |
openEuler Operating systems & Components / Operating system python3-perf-debuginfo Operating systems & Components / Operating system package or component python3-perf Operating systems & Components / Operating system package or component perf-debuginfo Operating systems & Components / Operating system package or component perf Operating systems & Components / Operating system package or component kernel-tools-devel Operating systems & Components / Operating system package or component kernel-tools-debuginfo Operating systems & Components / Operating system package or component kernel-tools Operating systems & Components / Operating system package or component kernel-source Operating systems & Components / Operating system package or component kernel-headers Operating systems & Components / Operating system package or component kernel-devel Operating systems & Components / Operating system package or component kernel-debugsource Operating systems & Components / Operating system package or component kernel-debuginfo Operating systems & Components / Operating system package or component bpftool-debuginfo Operating systems & Components / Operating system package or component bpftool Operating systems & Components / Operating system package or component kernel Operating systems & Components / Operating system package or component |
| Vendor | openEuler |
Security Bulletin
This security bulletin contains information about 143 vulnerabilities.
1) Out-of-bounds read
EUVDB-ID: #VU90317
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26952
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to an out-of-bounds read error within the smb2_tree_connect(), smb2_open(), smb2_query_dir(), smb2_get_ea(), smb2_set_info_file(), smb2_set_info(), fsctl_pipe_transceive() and smb2_ioctl() functions in fs/smb/server/smb2pdu.c, within the smb2_get_data_area_len() function in fs/smb/server/smb2misc.c. A local user can execute arbitrary code.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Out-of-bounds read
EUVDB-ID: #VU90321
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26954
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the smb2_get_data_area_len() function in fs/smb/server/smb2misc.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) NULL pointer dereference
EUVDB-ID: #VU93123
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-36479
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fpga_bridge_disable(), of_fpga_bridge_get(), fpga_bridge_dev_match(), fpga_bridge_get(), fpga_bridge_put(), ATTRIBUTE_GROUPS(), fpga_bridge_register() and ERR_PTR() functions in drivers/fpga/fpga-bridge.c, within the fpga_bridge_register() function in Documentation/driver-api/fpga/fpga-bridge.rst. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Out-of-bounds read
EUVDB-ID: #VU90273
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-36916
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the iocg_kick_delay() function in block/blk-iocost.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) NULL pointer dereference
EUVDB-ID: #VU93124
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-37021
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ATTRIBUTE_GROUPS(), fpga_mgr_dev_match(), EXPORT_SYMBOL_GPL(), fpga_mgr_unlock(), fpga_mgr_register_full(), ERR_PTR(), fpga_mgr_register(), devm_fpga_mgr_unregister(), devm_fpga_mgr_register_full() and devm_fpga_mgr_register() functions in drivers/fpga/fpga-mgr.c, within the fpga_mgr_register() and fpga_mgr_register_full() functions in Documentation/driver-api/fpga/fpga-mgr.rst. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) NULL pointer dereference
EUVDB-ID: #VU92346
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-38571
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the compute_intercept_slope() function in drivers/thermal/qcom/tsens.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) NULL pointer dereference
EUVDB-ID: #VU92343
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-38575
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the brcmf_pcie_provide_random_bytes() and brcmf_pcie_download_fw_nvram() functions in drivers/net/wireless/broadcom/brcm80211/brcmfmac/pcie.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Buffer overflow
EUVDB-ID: #VU93397
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-38585
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the tools/include/nolibc/stdlib.h. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Out-of-bounds read
EUVDB-ID: #VU93025
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-38621
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the stk1160_buffer_done() and stk1160_copy_video() functions in drivers/media/usb/stk1160/stk1160-video.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) NULL pointer dereference
EUVDB-ID: #VU93823
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-39474
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vm_area_alloc_pages() function in mm/vmalloc.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Out-of-bounds read
EUVDB-ID: #VU93821
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-39482
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the bch_dirty_init_thread() and bch_sectors_dirty_init() functions in drivers/md/bcache/writeback.c, within the bch_root_usage() function in drivers/md/bcache/sysfs.c, within the bch_cache_set_alloc() function in drivers/md/bcache/super.c, within the btree_gc_mark_node(), btree_gc_rewrite_node(), btree_gc_recurse(), bch_btree_check_recurse(), bch_btree_check_thread(), bch_btree_check(), bch_btree_map_nodes_recurse() and bch_btree_map_keys_recurse() functions in drivers/md/bcache/btree.c, within the bch_dump_bucket(), __bch_check_keys(), bch_btree_insert_key(), bch_btree_iter_push(), bch_btree_sort_partial() and bch_btree_sort_into() functions in drivers/md/bcache/bset.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Use-after-free
EUVDB-ID: #VU94232
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-39495
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the gb_interface_release() function in drivers/greybus/interface.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Buffer overflow
EUVDB-ID: #VU94314
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-40924
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the drivers/gpu/drm/i915/gem/i915_gem_object.h. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Double free
EUVDB-ID: #VU94289
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-40937
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the gve_rx_skb_hash() and gve_rx_poll_dqo() functions in drivers/net/ethernet/google/gve/gve_rx_dqo.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Improper locking
EUVDB-ID: #VU94263
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-40949
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the shmem_replace_folio() function in mm/shmem.c, within the __mem_cgroup_uncharge_folios() function in mm/memcontrol.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) NULL pointer dereference
EUVDB-ID: #VU94244
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-40961
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fib6_nh_init() function in net/ipv6/route.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Improper locking
EUVDB-ID: #VU94276
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-40965
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the lpi2c_imx_config() and lpi2c_imx_probe() functions in drivers/i2c/busses/i2c-imx-lpi2c.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Input validation error
EUVDB-ID: #VU94324
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-40989
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the vgic_v3_free_redist_region() and vgic_v3_set_redist_base() functions in arch/arm64/kvm/vgic/vgic-mmio-v3.c, within the kvm_vgic_dist_destroy() function in arch/arm64/kvm/vgic/vgic-init.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Memory leak
EUVDB-ID: #VU94211
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-41001
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the io_sq_thread() function in io_uring/sqpoll.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Buffer overflow
EUVDB-ID: #VU95079
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-41032
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the DEFINE_PER_CPU() function in mm/vmalloc.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Resource management error
EUVDB-ID: #VU95050
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-42110
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ntb_netdev_rx_handler() function in drivers/net/ntb_netdev.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Improper locking
EUVDB-ID: #VU95560
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-42251
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the page_folio() function in mm/gup.c, within the filemap_get_folios_contig(), filemap_get_read_batch() and next_uptodate_folio() functions in mm/filemap.c, within the cifs_extend_writeback() function in fs/smb/client/file.c, within the afs_extend_writeback() function in fs/afs/write.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) NULL pointer dereference
EUVDB-ID: #VU96120
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-43857
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the is_end_zone_blkaddr() function in fs/f2fs/data.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Memory leak
EUVDB-ID: #VU96286
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-43870
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the event_sched_out() function in kernel/events/core.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
25) Input validation error
EUVDB-ID: #VU96298
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-43875
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the vpci_scan_bus() and epf_ntb_bind() functions in drivers/pci/endpoint/functions/pci-epf-vntb.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
26) Resource management error
EUVDB-ID: #VU96303
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-43876
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the rcar_pcie_wakeup() function in drivers/pci/controller/pcie-rcar-host.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
27) Buffer overflow
EUVDB-ID: #VU96302
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-43877
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the ivtvfb_prep_dec_dma_to_device() function in drivers/media/pci/ivtv/ivtvfb.c, within the ivtv_yuv_prep_user_dma() function in drivers/media/pci/ivtv/ivtv-yuv.c, within the ivtv_udma_setup() function in drivers/media/pci/ivtv/ivtv-udma.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
28) Resource management error
EUVDB-ID: #VU96305
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-43880
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the objagg_hints_obj_cmp() and objagg_hints_get() functions in lib/objagg.c, within the mlxsw_sp_acl_erp_delta_check() and mlxsw_sp_acl_erp_root_destroy() functions in drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_erp.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
29) Memory leak
EUVDB-ID: #VU96288
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-43881
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ath12k_dp_rx_h_defrag_reo_reinject() and spin_unlock_bh() functions in drivers/net/wireless/ath/ath12k/dp_rx.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
30) Improper locking
EUVDB-ID: #VU96862
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44957
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the DEFINE_MUTEX(), irqfd_wakeup(), irqfd_poll_func(), privcmd_irqfd_assign(), privcmd_irqfd_deassign() and privcmd_irqfd_init() functions in drivers/xen/privcmd.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
31) Resource management error
EUVDB-ID: #VU96882
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44968
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the tick_broadcast_switch_to_oneshot() and hotplug_cpu__broadcast_tick_pull() functions in kernel/time/tick-broadcast.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
32) Memory leak
EUVDB-ID: #VU96833
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44972
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the extent_write_locked_range() function in fs/btrfs/extent_io.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
33) Resource management error
EUVDB-ID: #VU96872
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-44975
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the update_parent_effective_cpumask() function in kernel/cgroup/cpuset.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
34) Resource management error
EUVDB-ID: #VU96874
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-45001
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mana_get_rxbuf_cfg() function in drivers/net/ethernet/microsoft/mana/mana_en.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
35) Improper error handling
EUVDB-ID: #VU96867
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-45005
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the arch/s390/kvm/kvm-s390.h. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
36) Input validation error
EUVDB-ID: #VU96888
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-45007
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the MODULE_LICENSE(), cleanup_dev(), report_io_error() and xillyusb_init() functions in drivers/char/xillybus/xillyusb.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
37) Improper error handling
EUVDB-ID: #VU97181
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-45012
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the nvkm_falcon_fw_boot() function in drivers/gpu/drm/nouveau/nvkm/falcon/fw.c, within the nvkm_firmware_dtor() and nvkm_firmware_ctor() functions in drivers/gpu/drm/nouveau/nvkm/core/firmware.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
38) Buffer overflow
EUVDB-ID: #VU97183
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-45022
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the vm_area_alloc_pages() function in mm/vmalloc.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
39) NULL pointer dereference
EUVDB-ID: #VU97175
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46672
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the brcmf_pmksa_v3_op() function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
40) Input validation error
EUVDB-ID: #VU97270
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46680
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ps_wakeup(), btnxpuart_close() and nxp_serdev_remove() functions in drivers/bluetooth/btnxpuart.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
41) NULL pointer dereference
EUVDB-ID: #VU97262
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46693
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the pmic_glink_ucsi_probe() function in drivers/usb/typec/ucsi/ucsi_glink.c, within the pmic_glink_altmode_probe() function in drivers/soc/qcom/pmic_glink_altmode.c, within the _devm_pmic_glink_release_client() and devm_pmic_glink_register_client() functions in drivers/soc/qcom/pmic_glink.c, within the qcom_battmgr_probe() function in drivers/power/supply/qcom_battmgr.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
42) Improper error handling
EUVDB-ID: #VU97273
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46694
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the dm_plane_helper_prepare_fb() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_plane.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
43) Incorrect calculation
EUVDB-ID: #VU97284
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46711
CWE-ID:
CWE-682 - Incorrect Calculation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the !!() and mptcp_pm_nl_add_addr_received() functions in net/mptcp/pm_netlink.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
44) Double free
EUVDB-ID: #VU97542
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46741
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the fastrpc_req_mmap() function in drivers/misc/fastrpc.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
45) Out-of-bounds read
EUVDB-ID: #VU97788
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46833
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the hclge_query_reg_info_of_ssu() function in drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_err.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
46) Out-of-bounds read
EUVDB-ID: #VU97790
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46847
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the new_vmap_block() function in mm/vmalloc.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
47) Improper Initialization
EUVDB-ID: #VU97825
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46864
CWE-ID:
CWE-665 - Improper Initialization
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the hv_machine_shutdown() function in arch/x86/kernel/cpu/mshyperv.c, within the EXPORT_SYMBOL_GPL(), register_syscore_ops() and wrmsrl() functions in arch/x86/hyperv/hv_init.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
48) Use of uninitialized resource
EUVDB-ID: #VU97817
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46865
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the gue_gro_receive() function in net/ipv4/fou.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
49) Input validation error
EUVDB-ID: #VU99227
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47730
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the qm_set_vf_mse(), qm_controller_reset_prepare(), qm_master_ooo_check() and qm_soft_reset_prepare() functions in drivers/crypto/hisilicon/qm.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
50) Improper locking
EUVDB-ID: #VU99025
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-47735
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the hns_roce_lock_cqs() and hns_roce_unlock_cqs() functions in drivers/infiniband/hw/hns/hns_roce_qp.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
51) Race condition
EUVDB-ID: #VU99127
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49864
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the rxrpc_open_socket() function in net/rxrpc/local_object.c, within the rxrpc_encap_rcv() and rxrpc_io_thread() functions in net/rxrpc/io_thread.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
52) Improper error handling
EUVDB-ID: #VU99074
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49888
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the do_misc_fixups() function in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
53) Resource management error
EUVDB-ID: #VU99147
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49926
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the kernel/rcu/tasks.h. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
54) Improper locking
EUVDB-ID: #VU99019
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49939
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the rtw89_ops_add_interface() function in drivers/net/wireless/realtek/rtw89/mac80211.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
55) Improper locking
EUVDB-ID: #VU99018
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49946
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ppp_channel_bridge_input() function in drivers/net/ppp/ppp_generic.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
56) Resource management error
EUVDB-ID: #VU99171
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49951
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the cmd_status_rsp(), mgmt_index_added(), mgmt_power_on() and __mgmt_power_off() functions in net/bluetooth/mgmt.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
57) Input validation error
EUVDB-ID: #VU99043
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49953
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the mlx5e_ipsec_handle_tx_limit() function in drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
58) NULL pointer dereference
EUVDB-ID: #VU98946
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49987
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the show_link_netfilter() function in tools/bpf/bpftool/net.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
59) Incorrect calculation
EUVDB-ID: #VU99187
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49988
CWE-ID:
CWE-682 - Incorrect Calculation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the session_fd_check() and ksmbd_reopen_durable_fd() functions in fs/smb/server/vfs_cache.c, within the alloc_opinfo(), free_opinfo(), opinfo_get_list(), smb_send_parent_lease_break_noti(), smb_lazy_parent_lease_break_close(), smb_grant_oplock(), smb_break_all_write_oplock() and smb_break_all_levII_oplock() functions in fs/smb/server/oplock.c, within the ksmbd_conn_free() and ksmbd_conn_alloc() functions in fs/smb/server/connection.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
60) NULL pointer dereference
EUVDB-ID: #VU98944
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49998
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the EXPORT_SYMBOL_GPL() and dsa_switch_shutdown() functions in net/dsa/dsa.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
61) Use of uninitialized resource
EUVDB-ID: #VU99083
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50035
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the ppp_async_encode() function in drivers/net/ppp/ppp_async.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
62) Improper error handling
EUVDB-ID: #VU99453
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50077
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the iso_init() function in net/bluetooth/iso.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
63) Buffer overflow
EUVDB-ID: #VU99843
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50096
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the nouveau_dmem_fault_copy_one() function in drivers/gpu/drm/nouveau/nouveau_dmem.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
64) Memory leak
EUVDB-ID: #VU99801
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50110
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the copy_to_user_auth() function in net/xfrm/xfrm_user.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
65) Resource management error
EUVDB-ID: #VU99835
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50111
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the do_ale() and die_if_kernel() functions in arch/loongarch/kernel/traps.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
66) Resource management error
EUVDB-ID: #VU99836
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50136
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mlx5_eswitch_enable_locked() function in drivers/net/ethernet/mellanox/mlx5/core/eswitch.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
67) NULL pointer dereference
EUVDB-ID: #VU100072
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50147
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mlx5_cmd_comp_handler(), mlx5_cmd_trigger_completions() and mlx5_cmd_enable() functions in drivers/net/ethernet/mellanox/mlx5/core/cmd.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
68) NULL pointer dereference
EUVDB-ID: #VU100074
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50160
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dolphin_fixups() function in sound/pci/hda/patch_cs8409.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
69) Improper locking
EUVDB-ID: #VU100125
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50175
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the video_stop_streaming() function in drivers/media/platform/qcom/camss/camss-video.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
70) Improper error handling
EUVDB-ID: #VU100133
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50176
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the dev_err() and rproc_del() functions in drivers/remoteproc/ti_k3_r5_remoteproc.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
71) Input validation error
EUVDB-ID: #VU100155
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50181
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the imx7d_clocks_init() function in drivers/clk/imx/clk-imx7d.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
72) Improper locking
EUVDB-ID: #VU100126
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50183
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the lpfc_vport_delete() function in drivers/scsi/lpfc/lpfc_vport.c, within the lpfc_cmpl_ct() function in drivers/scsi/lpfc/lpfc_ct.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
73) Buffer overflow
EUVDB-ID: #VU100145
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50189
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the amd_sfh_hid_client_init() and amd_sfh_hid_client_deinit() functions in drivers/hid/amd-sfh-hid/amd_sfh_client.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
74) Memory leak
EUVDB-ID: #VU100160
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50220
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mmap_write_unlock() function in kernel/fork.c, within the dup_userfaultfd_complete() function in fs/userfaultfd.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
75) Out-of-bounds read
EUVDB-ID: #VU100170
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50221
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the vangogh_tables_init() function in drivers/gpu/drm/amd/pm/swsmu/smu11/vangogh_ppt.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
76) Memory leak
EUVDB-ID: #VU100161
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50231
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the iio_gts_build_avail_scale_table() function in drivers/iio/industrialio-gts-helper.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
77) Division by zero
EUVDB-ID: #VU100199
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50232
CWE-ID:
CWE-369 - Divide By Zero
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the ad7124_write_raw() function in drivers/iio/adc/ad7124.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
78) NULL pointer dereference
EUVDB-ID: #VU100179
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50240
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qmp_usb_probe() function in drivers/phy/qualcomm/phy-qcom-qmp-usb.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
79) Memory leak
EUVDB-ID: #VU100163
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50252
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mlxsw_sp_ipip_ol_netdev_change_gre6() function in drivers/net/ethernet/mellanox/mlxsw/spectrum_ipip.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
80) Improper error handling
EUVDB-ID: #VU100192
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50256
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the nf_reject6_fill_skb_dst() and nf_send_reset6() functions in net/ipv6/netfilter/nf_reject_ipv6.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
81) Resource management error
EUVDB-ID: #VU100646
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50295
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the arc_emac_tx_clean(), arc_emac_rx(), arc_emac_open(), arc_emac_set_rx_mode(), arc_free_tx_queue(), arc_free_rx_queue() and arc_emac_tx() functions in drivers/net/ethernet/arc/emac_main.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
82) NULL pointer dereference
EUVDB-ID: #VU100626
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50296
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hnae3_unregister_ae_algo_prepare() function in drivers/net/ethernet/hisilicon/hns3/hnae3.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
83) Improper locking
EUVDB-ID: #VU100717
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50304
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ip_tunnel_find() function in net/ipv4/ip_tunnel.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
84) NULL pointer dereference
EUVDB-ID: #VU100710
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53051
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the intel_hdcp_read_valid_bksv() function in drivers/gpu/drm/i915/display/intel_hdcp.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
85) Improper error handling
EUVDB-ID: #VU100729
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53058
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the stmmac_tso_xmit() function in drivers/net/ethernet/stmicro/stmmac/stmmac_main.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
86) Input validation error
EUVDB-ID: #VU100836
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53091
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the include/net/tls.h. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
87) Improper locking
EUVDB-ID: #VU100834
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53093
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nvme_add_ns_head_cdev(), nvme_mpath_alloc_disk(), nvme_mpath_set_live(), nvme_mpath_shutdown_disk() and nvme_mpath_remove_disk() functions in drivers/nvme/host/multipath.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
88) Resource management error
EUVDB-ID: #VU100835
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53094
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the siw_tcp_sendpages() function in drivers/infiniband/sw/siw/siw_qp_tx.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
89) Use-after-free
EUVDB-ID: #VU100937
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53097
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __do_krealloc() function in mm/slab_common.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
90) Improper locking
EUVDB-ID: #VU100939
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53100
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nvme_tcp_get_address() function in drivers/nvme/host/tcp.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
91) Buffer overflow
EUVDB-ID: #VU101119
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53106
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the ima_eventdigest_init_common() function in security/integrity/ima/ima_template_lib.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
92) Resource management error
EUVDB-ID: #VU101114
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53109
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the delete_vma_from_mm() function in mm/nommu.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
93) NULL pointer dereference
EUVDB-ID: #VU101103
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53113
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the alloc_pages_bulk_noprof() function in mm/page_alloc.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
94) Memory leak
EUVDB-ID: #VU101098
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53119
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the virtio_transport_recv_listen() function in net/vmw_vsock/virtio_transport_common.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
95) NULL pointer dereference
EUVDB-ID: #VU101105
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53120
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mlx5_tc_ct_entry_add_rule() function in drivers/net/ethernet/mellanox/mlx5/core/en/tc_ct.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
96) Memory leak
EUVDB-ID: #VU101099
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53121
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the lookup_fte_locked() function in drivers/net/ethernet/mellanox/mlx5/core/fs_core.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
97) Division by zero
EUVDB-ID: #VU101111
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53122
CWE-ID:
CWE-369 - Divide By Zero
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the mptcp_rcv_space_adjust() function in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
98) Division by zero
EUVDB-ID: #VU101112
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53123
CWE-ID:
CWE-369 - Divide By Zero
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the mptcp_recvmsg() and pr_debug() functions in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
99) Race condition within a thread
EUVDB-ID: #VU101113
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53124
CWE-ID:
CWE-366 - Race Condition within a Thread
Exploit availability: No
DescriptionThe vulnerability allows a local user to corrupt data.
The vulnerability exists due to a data race within the tcp_v6_do_rcv() function in net/ipv6/tcp_ipv6.c, within the dccp_v6_do_rcv() function in net/dccp/ipv6.c. A local user can corrupt data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
100) Improper locking
EUVDB-ID: #VU101228
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53135
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the module_param() function in arch/x86/kvm/vmx/vmx.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
101) Incorrect calculation
EUVDB-ID: #VU101234
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53138
CWE-ID:
CWE-682 - Incorrect Calculation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the tx_sync_info_get(), mlx5e_ktls_tx_handle_resync_dump_comp() and mlx5e_ktls_tx_handle_ooo() functions in drivers/net/ethernet/mellanox/mlx5/core/en_accel/ktls_tx.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
102) Use-after-free
EUVDB-ID: #VU101223
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53139
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the sctp_v6_available() function in net/sctp/ipv6.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
103) Double free
EUVDB-ID: #VU101230
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53140
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the netlink_skb_set_owner_r(), netlink_sock_destruct(), deferred_put_nlk_sk() and netlink_release() functions in net/netlink/af_netlink.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
104) Input validation error
EUVDB-ID: #VU101815
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53144
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hci_user_confirm_request_evt() function in net/bluetooth/hci_event.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
105) Integer overflow
EUVDB-ID: #VU101920
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53145
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the setup_physmem() function in arch/um/kernel/physmem.c. A local user can execute arbitrary code.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
106) Use-after-free
EUVDB-ID: #VU102048
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53166
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bfq_choose_req(), bfqq_request_over_limit() and bfq_limit_depth() functions in block/bfq-iosched.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
107) NULL pointer dereference
EUVDB-ID: #VU102137
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53201
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn20_program_pipe() function in drivers/gpu/drm/amd/display/dc/hwss/dcn20/dcn20_hwseq.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
108) Use-after-free
EUVDB-ID: #VU102046
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53206
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __inet_csk_reqsk_queue_drop() function in net/ipv4/inet_connection_sock.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
109) Improper locking
EUVDB-ID: #VU102176
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53207
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mgmt_set_discoverable_complete(), mgmt_set_connectable_complete(), set_ssp_complete(), set_name_complete(), set_default_phy_complete(), start_discovery_complete(), stop_discovery_complete() and read_local_oob_ext_data_complete() functions in net/bluetooth/mgmt.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
110) NULL pointer dereference
EUVDB-ID: #VU102134
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53209
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the bnxt_set_rx_skb_mode() and bnxt_change_mtu() functions in drivers/net/ethernet/broadcom/bnxt/bnxt.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
111) Resource management error
EUVDB-ID: #VU102250
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53223
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the to_mtmips_clk(), mt76x8_cpu_recalc_rate(), CLK_BASE() and ARRAY_SIZE() functions in drivers/clk/ralink/clk-mtmips.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
112) Use-after-free
EUVDB-ID: #VU102069
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53237
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __match_tty() and hci_conn_del_sysfs() functions in net/bluetooth/hci_sysfs.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
113) Input validation error
EUVDB-ID: #VU102993
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-54193
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ivpu_pm_init() and ivpu_pm_enable() functions in drivers/accel/ivpu/ivpu_pm.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
114) Buffer overflow
EUVDB-ID: #VU102213
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-56557
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the __aligned() function in drivers/iio/adc/ad7923.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
115) Division by zero
EUVDB-ID: #VU102216
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-56567
CWE-ID:
CWE-369 - Divide By Zero
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the ad7780_write_raw() function in drivers/iio/adc/ad7780.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
116) NULL pointer dereference
EUVDB-ID: #VU102106
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-56588
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the debugfs_to_reg_name_v3_hw(), debugfs_global_v3_hw_show(), debugfs_axi_v3_hw_show(), debugfs_ras_v3_hw_show(), debugfs_port_v3_hw_show(), debugfs_cq_v3_hw_show(), debugfs_dq_show_slot_v3_hw(), debugfs_iost_v3_hw_show(), debugfs_iost_cache_v3_hw_show(), debugfs_itct_v3_hw_show(), debugfs_itct_cache_v3_hw_show(), debugfs_create_files_v3_hw(), debugfs_release_v3_hw(), debugfs_snapshot_regs_v3_hw(), debugfs_bist_init_v3_hw() and debugfs_init_v3_hw() functions in drivers/scsi/hisi_sas/hisi_sas_v3_hw.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
117) Improper locking
EUVDB-ID: #VU102168
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-56589
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the cq_thread_v3_hw() function in drivers/scsi/hisi_sas/hisi_sas_v3_hw.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
118) Input validation error
EUVDB-ID: #VU102281
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-56590
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hci_tx_work() and hci_acldata_packet() functions in net/bluetooth/hci_core.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
119) Out-of-bounds read
EUVDB-ID: #VU102084
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-56614
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the xsk_map_delete_elem() function in net/xdp/xskmap.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
120) Use-after-free
EUVDB-ID: #VU102023
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-56623
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the qla2x00_do_dpc() function in drivers/scsi/qla2xxx/qla_os.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
121) Use-after-free
EUVDB-ID: #VU102027
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-56640
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the smc_listen_out() and smc_listen_work() functions in net/smc/af_smc.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
122) Resource management error
EUVDB-ID: #VU102228
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-56641
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the smc_sk_init(), smc_connect_rdma(), smc_connect_ism() and smc_listen_work() functions in net/smc/af_smc.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
123) Use-after-free
EUVDB-ID: #VU102032
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-56653
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the btmtk_process_coredump() function in drivers/bluetooth/btmtk.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
124) Use-after-free
EUVDB-ID: #VU102010
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-56677
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the setup_arch() function in arch/powerpc/kernel/setup-common.c, within the fadump_cma_init() and fadump_reserve_mem() functions in arch/powerpc/kernel/fadump.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
125) Improper locking
EUVDB-ID: #VU102156
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-56687
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the musb_free_request() function in drivers/usb/musb/musb_gadget.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
126) NULL pointer dereference
EUVDB-ID: #VU102096
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-56688
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the xs_sock_reset_state_flags() function in net/sunrpc/xprtsock.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
127) Improper locking
EUVDB-ID: #VU102158
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-56701
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the dtl_worker_enable() and dtl_worker_disable() functions in arch/powerpc/platforms/pseries/lpar.c, within the dtl_enable() and dtl_disable() functions in arch/powerpc/platforms/pseries/dtl.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
128) Double free
EUVDB-ID: #VU102191
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-56718
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the smcr_link_down_cond_sched() and smc_link_down_work() functions in net/smc/smc_core.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
129) Memory leak
EUVDB-ID: #VU101985
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-56729
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the spin_lock() function in fs/smb/client/cached_dir.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
130) NULL pointer dereference
EUVDB-ID: #VU102398
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-56758
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the relocate_one_folio() function in fs/btrfs/relocation.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
131) Improper error handling
EUVDB-ID: #VU102401
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-56769
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the MODULE_PARM_DESC() function in drivers/media/dvb-frontends/dib3000mb.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
132) Memory leak
EUVDB-ID: #VU102477
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-56779
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the release_open_stateid(), spin_lock() and nfsd4_process_open2() functions in fs/nfsd/nfs4state.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
133) Improper error handling
EUVDB-ID: #VU102957
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-57809
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the IMX_PCIE_FLAG_HAS_SERDES BIT(), imx_pcie_suspend_noirq() and imx_pcie_resume_noirq() functions in drivers/pci/controller/dwc/pci-imx6.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
134) Memory leak
EUVDB-ID: #VU102897
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-57874
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tagged_addr_ctrl_get() and tagged_addr_ctrl_set() functions in arch/arm64/kernel/ptrace.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
135) Use-after-free
EUVDB-ID: #VU102905
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-57892
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the brelse() function in fs/ocfs2/quota_local.c, within the ocfs2_get_next_id() function in fs/ocfs2/quota_global.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
136) Memory leak
EUVDB-ID: #VU103002
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-57906
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ads8688_trigger_handler() function in drivers/iio/adc/ti-ads8688.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
137) Memory leak
EUVDB-ID: #VU103006
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-57910
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the vcnl4035_trigger_consumer_handler() function in drivers/iio/light/vcnl4035.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
138) Input validation error
EUVDB-ID: #VU103478
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-57917
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to an unspecified issue in drivers/base/topology.c. A local user can gain access to sensitive information.
Install updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
139) Reachable assertion
EUVDB-ID: #VU103037
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-57922
CWE-ID:
CWE-617 - Reachable Assertion
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the drivers/gpu/drm/amd/display/dc/dml/dml_inline_defs.h. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
140) Use-after-free
EUVDB-ID: #VU103010
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-57926
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the drm_dev_put() function in drivers/gpu/drm/mediatek/mtk_drm_drv.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
141) Memory leak
EUVDB-ID: #VU103009
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-21632
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ssp_get() function in arch/x86/kernel/fpu/regset.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
142) NULL pointer dereference
EUVDB-ID: #VU103122
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-21658
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the scrub_find_fill_first_stripe() function in fs/btrfs/scrub.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
143) NULL pointer dereference
EUVDB-ID: #VU103584
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-21670
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vsock_bpf_recvmsg() function in net/vmw_vsock/vsock_bpf.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-76.0.0.69
python3-perf: before 6.6.0-76.0.0.69
perf-debuginfo: before 6.6.0-76.0.0.69
perf: before 6.6.0-76.0.0.69
kernel-tools-devel: before 6.6.0-76.0.0.69
kernel-tools-debuginfo: before 6.6.0-76.0.0.69
kernel-tools: before 6.6.0-76.0.0.69
kernel-source: before 6.6.0-76.0.0.69
kernel-headers: before 6.6.0-76.0.0.69
kernel-devel: before 6.6.0-76.0.0.69
kernel-debugsource: before 6.6.0-76.0.0.69
kernel-debuginfo: before 6.6.0-76.0.0.69
bpftool-debuginfo: before 6.6.0-76.0.0.69
bpftool: before 6.6.0-76.0.0.69
kernel: before 6.6.0-76.0.0.69
CPE2.3- cpe:2.3:o:openeuler:openeuler:24.03:LTS:*:*:*:*:*:*
- cpe:2.3:o:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-headers:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:o:openeuler:kernel:*:*:*:*:*:openeuler:*:*
http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
