SB20250228106 - openEuler 22.03 LTS SP3 update for kernel

Description

This security bulletin contains information about 7 secuirty vulnerabilities.

1) Use-after-free (CVE-ID: CVE-2024-50150)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the typec_altmode_release() and typec_register_altmode() functions in drivers/usb/typec/class.c. A local user can escalate privileges on the system.

2) Out-of-bounds read (CVE-ID: CVE-2024-56650)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the led_tg_check() function in net/netfilter/xt_LED.c. A local user can perform a denial of service (DoS) attack.

3) Use-after-free (CVE-ID: CVE-2024-56658)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the LLIST_HEAD(), net_free() and cleanup_net() functions in net/core/net_namespace.c. A local user can escalate privileges on the system.

4) Input validation error (CVE-ID: CVE-2024-56754)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the caam_qi_init() function in drivers/crypto/caam/qi.c. A local user can perform a denial of service (DoS) attack.

5) Buffer overflow (CVE-ID: CVE-2024-57792)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the set_charge_current_limit() function in drivers/power/supply/gpio-charger.c. A local user can perform a denial of service (DoS) attack.

6) Use-after-free (CVE-ID: CVE-2024-57795)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the rxe_query_port(), rxe_enable_driver(), INIT_RDMA_OBJ_SIZE() and rxe_register_device() functions in drivers/infiniband/sw/rxe/rxe_verbs.c, within the rxe_parent_name(), rxe_net_add() and rxe_port_down() functions in drivers/infiniband/sw/rxe/rxe_net.c, within the rxe_mcast_add() function in drivers/infiniband/sw/rxe/rxe_mcast.c, within the rxe_dealloc(), rxe_init_device_param(), rxe_init_port_param() and rxe_set_mtu() functions in drivers/infiniband/sw/rxe/rxe.c. A local user can escalate privileges on the system.

7) Use-after-free (CVE-ID: CVE-2024-57857)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the siw_query_device(), siw_query_port() and siw_query_qp() functions in drivers/infiniband/sw/siw/siw_verbs.c, within the siw_device_create(), siw_netdev_event() and siw_newlink() functions in drivers/infiniband/sw/siw/siw_main.c, within the siw_create_listen() and siw_cep_set_free_and_put() functions in drivers/infiniband/sw/siw/siw_cm.c. A local user can escalate privileges on the system.

Remediation

Install update from vendor's website.

References

• https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1202