SB2025022475 - openEuler 24.03 LTS update for kernel
Published: February 24, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 27 secuirty vulnerabilities.
1) Resource management error (CVE-ID: CVE-2024-39282)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the t7xx_fsm_broadcast_state(), fsm_main_thread() and t7xx_fsm_append_cmd() functions in drivers/net/wwan/t7xx/t7xx_state_monitor.c. A local user can perform a denial of service (DoS) attack.
2) NULL pointer dereference (CVE-ID: CVE-2024-45828)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hci_dma_cleanup() function in drivers/i3c/master/mipi-i3c-hci/dma.c. A local user can perform a denial of service (DoS) attack.
3) Out-of-bounds read (CVE-ID: CVE-2024-46834)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ethtool_set_channels() function in net/ethtool/ioctl.c, within the ethtool_get_max_rxfh_channel() function in net/ethtool/common.c, within the ethnl_set_channels() function in net/ethtool/channels.c. A local user can perform a denial of service (DoS) attack.
4) NULL pointer dereference (CVE-ID: CVE-2024-46860)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mt7921_ipv6_addr_change() function in drivers/net/wireless/mediatek/mt76/mt7921/main.c. A local user can perform a denial of service (DoS) attack.
5) Input validation error (CVE-ID: CVE-2024-46861)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ipheth_rcvbulk_callback() function in drivers/net/usb/ipheth.c. A local user can perform a denial of service (DoS) attack.
6) Improper locking (CVE-ID: CVE-2024-49569)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nvme_stop_keep_alive() function in drivers/nvme/host/rdma.c. A local user can perform a denial of service (DoS) attack.
7) NULL pointer dereference (CVE-ID: CVE-2024-50146)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the _mlx5e_remove() function in drivers/net/ethernet/mellanox/mlx5/core/en_main.c. A local user can perform a denial of service (DoS) attack.
8) Resource management error (CVE-ID: CVE-2024-53195)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the DECLARE_KVM_NVHE_PER_CPU(), kvm_arch_vcpu_postcreate(), kvm_arch_vcpu_run_pid_change(), kvm_vcpu_exit_request() and kvm_arch_vcpu_ioctl_run() functions in arch/arm64/kvm/arm.c, within the get_timer_map() function in arch/arm64/kvm/arch_timer.c. A local user can perform a denial of service (DoS) attack.
9) Improper locking (CVE-ID: CVE-2024-54683)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the idletimer_tg_destroy() and idletimer_tg_destroy_v1() functions in net/netfilter/xt_IDLETIMER.c. A local user can perform a denial of service (DoS) attack.
10) Improper locking (CVE-ID: CVE-2024-56559)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the decay_va_pool_node() and purge_vmap_node() functions in mm/vmalloc.c, within the kasan_depopulate_vmalloc_pte() and kasan_release_vmalloc() functions in mm/kasan/shadow.c. A local user can perform a denial of service (DoS) attack.
11) NULL pointer dereference (CVE-ID: CVE-2024-56634)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the grgpio_probe() function in drivers/gpio/gpio-grgpio.c. A local user can perform a denial of service (DoS) attack.
12) Input validation error (CVE-ID: CVE-2024-56647)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the icmp_route_lookup() function in net/ipv4/icmp.c. A local user can perform a denial of service (DoS) attack.
13) Improper locking (CVE-ID: CVE-2024-56703)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the |() function in tools/testing/selftests/net/ipv6_route_update_soft_lockup.sh, within the fib6_select_path(), ip6_route_mpath_notify(), rt6_nlmsg_size(), rt6_fill_node() and inet6_rt_notify() functions in net/ipv6/route.c, within the fib6_del_route() function in net/ipv6/ip6_fib.c. A local user can perform a denial of service (DoS) attack.
14) Resource management error (CVE-ID: CVE-2024-56787)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the imx8mq_soc_revision_from_atf(), imx8mq_soc_revision(), imx8mm_soc_uid(), kasprintf(), imx8_soc_init() and kfree() functions in drivers/soc/imx/soc-imx8m.c. A local user can perform a denial of service (DoS) attack.
15) Use-after-free (CVE-ID: CVE-2024-57801)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mlx5_esw_for_each_rep() function in drivers/net/ethernet/mellanox/mlx5/core/eswitch_offloads.c, within the mlx5_esw_ipsec_restore_dest_uplink() function in drivers/net/ethernet/mellanox/mlx5/core/esw/ipsec_fs.c. A local user can escalate privileges on the system.
16) Use-after-free (CVE-ID: CVE-2024-57849)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cpumsf_pmu_stop() function in arch/s390/kernel/perf_cpum_sf.c. A local user can escalate privileges on the system.
17) Memory leak (CVE-ID: CVE-2024-57872)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ufshcd_pltfrm_remove() function in drivers/ufs/host/ufshcd-pltfrm.c. A local user can perform a denial of service (DoS) attack.
18) Out-of-bounds read (CVE-ID: CVE-2024-57893)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the DEFINE_SPINLOCK() and snd_seq_oss_synth_sysex() functions in sound/core/seq/oss/seq_oss_synth.c. A local user can perform a denial of service (DoS) attack.
19) Resource management error (CVE-ID: CVE-2024-57904)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the at91_ts_register() function in drivers/iio/adc/at91_adc.c. A local user can perform a denial of service (DoS) attack.
20) Improper privilege management (CVE-ID: CVE-2024-57931)
The vulnerability allows a local user to read and manipulate data.
The vulnerability exists due to improperly imposed permissions within the services_compute_xperms_decision() function in security/selinux/ss/services.c. A local user can read and manipulate data.
21) Improper locking (CVE-ID: CVE-2024-57949)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the its_irq_set_vcpu_affinity() function in drivers/irqchip/irq-gic-v3-its.c. A local user can perform a denial of service (DoS) attack.
22) Out-of-bounds read (CVE-ID: CVE-2025-21647)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the cake_ddst(), cake_enqueue() and cake_dequeue() functions in net/sched/sch_cake.c. A local user can perform a denial of service (DoS) attack.
23) Buffer overflow (CVE-ID: CVE-2025-21648)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the nf_ct_alloc_hashtable() function in net/netfilter/nf_conntrack_core.c. A local user can perform a denial of service (DoS) attack.
24) Out-of-bounds read (CVE-ID: CVE-2025-21653)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the NLA_POLICY_MAX() function in net/sched/cls_flow.c. A local user can perform a denial of service (DoS) attack.
25) Infinite loop (CVE-ID: CVE-2025-21667)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the iomap_write_delalloc_scan() function in fs/iomap/buffered-io.c. A local user can perform a denial of service (DoS) attack.
26) Out-of-bounds read (CVE-ID: CVE-2025-21668)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the imx8mp_blk_ctrl_remove() function in drivers/pmdomain/imx/imx8mp-blk-ctrl.c. A local user can perform a denial of service (DoS) attack.
27) Use-after-free (CVE-ID: CVE-2025-21694)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __read_vmcore() function in fs/proc/vmcore.c. A local user can escalate privileges on the system.
Remediation
Install update from vendor's website.