SB20250228103 - openEuler 24.03 LTS SP1 update for kernel
Published: February 28, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 22 secuirty vulnerabilities.
1) Infinite loop (CVE-ID: CVE-2024-47794)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the bpf_attach_type_to_tramp(), __bpf_trampoline_link_prog(), __bpf_trampoline_unlink_prog(), bpf_shim_tramp_link_release() and bpf_trampoline_link_cgroup_shim() functions in kernel/bpf/trampoline.c, within the bpf_tracing_link_release() and bpf_tracing_prog_attach() functions in kernel/bpf/syscall.c, within the bpf_prog_alloc_no_stats() function in kernel/bpf/core.c, within the prog_fd_array_get_ptr() function in kernel/bpf/arraymap.c. A local user can perform a denial of service (DoS) attack.
2) Improper locking (CVE-ID: CVE-2024-53079)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the destroy_large_folio() function in mm/page_alloc.c, within the mem_cgroup_move_account(), mem_cgroup_move_charge_pte_range(), uncharge_folio() and mem_cgroup_swapout() functions in mm/memcontrol.c, within the __folio_undo_large_rmappable() and deferred_split_folio() functions in mm/huge_memory.c. A local user can perform a denial of service (DoS) attack.
3) Resource management error (CVE-ID: CVE-2024-53164)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the choke_drop_by_idx() function in net/sched/sch_choke.c, within the cake_drop() function in net/sched/sch_cake.c. A local user can perform a denial of service (DoS) attack.
4) NULL pointer dereference (CVE-ID: CVE-2024-53240)
The vulnerability allows a remote backend to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the guest xen-netfront driver. A a malicious network backend can crash the guest OS.
5) Use-after-free (CVE-ID: CVE-2024-54680)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the clean_demultiplex_info(), cifs_get_tcp_session(), cifs_crypto_secmech_release(), cifs_put_tcp_session() and generic_ip_connect() functions in fs/smb/client/connect.c. A local user can perform a denial of service (DoS) attack.
6) Improper error handling (CVE-ID: CVE-2024-56372)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the tun_napi_alloc_frags() function in drivers/net/tun.c. A local user can perform a denial of service (DoS) attack.
7) Improper locking (CVE-ID: CVE-2024-56607)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ath12k_mac_op_set_bitrate_mask() function in drivers/net/wireless/ath/ath12k/mac.c. A local user can perform a denial of service (DoS) attack.
8) Improper locking (CVE-ID: CVE-2024-56655)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nf_tables_newtable(), nf_tables_rule_destroy(), nf_tables_deactivate_set(), __nft_release_basechain_now() and __nft_release_basechain() functions in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.
9) Use-after-free (CVE-ID: CVE-2024-56658)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the LLIST_HEAD(), net_free() and cleanup_net() functions in net/core/net_namespace.c. A local user can escalate privileges on the system.
10) Improper error handling (CVE-ID: CVE-2024-56659)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the include/net/lapb.h. A local user can perform a denial of service (DoS) attack.
11) Resource management error (CVE-ID: CVE-2024-56717)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ocelot_ifh_set_basic() function in drivers/net/ethernet/mscc/ocelot.c. A local user can perform a denial of service (DoS) attack.
12) Use-after-free (CVE-ID: CVE-2024-56767)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the at_xdmac_prep_dma_memset() function in drivers/dma/at_xdmac.c. A local user can escalate privileges on the system.
13) Buffer overflow (CVE-ID: CVE-2024-57792)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the set_charge_current_limit() function in drivers/power/supply/gpio-charger.c. A local user can perform a denial of service (DoS) attack.
14) Buffer overflow (CVE-ID: CVE-2024-57804)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the mpi3mr_read_tsu_interval(), mpi3mr_free_mem(), mpi3mr_free_config_dma_memory() and mpi3mr_process_cfg_req() functions in drivers/scsi/mpi3mr/mpi3mr_fw.c. A local user can perform a denial of service (DoS) attack.
15) Improper locking (CVE-ID: CVE-2024-57807)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the megasas_aen_polling() function in drivers/scsi/megaraid/megaraid_sas_base.c. A local user can perform a denial of service (DoS) attack.
16) Resource management error (CVE-ID: CVE-2024-57930)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the process_string() function in kernel/trace/trace_events.c. A local user can perform a denial of service (DoS) attack.
17) Improper locking (CVE-ID: CVE-2024-57946)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the virtblk_remove() and virtblk_restore() functions in drivers/block/virtio_blk.c. A local user can perform a denial of service (DoS) attack.
18) Use-after-free (CVE-ID: CVE-2025-21631)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bfq_waker_bfqq() function in block/bfq-iosched.c. A local user can escalate privileges on the system.
19) Use of uninitialized resource (CVE-ID: CVE-2025-21656)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the drivetemp_scsi_command() function in drivers/hwmon/drivetemp.c. A local user can perform a denial of service (DoS) attack.
20) Out-of-bounds read (CVE-ID: CVE-2025-21689)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the qt2_process_read_urb() function in drivers/usb/serial/quatech2.c. A local user can perform a denial of service (DoS) attack.
21) Resource management error (CVE-ID: CVE-2025-21699)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the do_gfs2_set_flags() function in fs/gfs2/file.c. A local user can perform a denial of service (DoS) attack.
22) Buffer overflow (CVE-ID: CVE-2025-21704)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the acm_process_notification() and acm_ctrl_irq() functions in drivers/usb/class/cdc-acm.c. A local user can escalate privileges on the system.
Remediation
Install update from vendor's website.