openEuler 24.03 LTS update for kernel



Risk Low
Patch available YES
Number of vulnerabilities 20
CVE-ID CVE-2024-41932
CVE-2024-53687
CVE-2024-55916
CVE-2024-56657
CVE-2024-56716
CVE-2024-56719
CVE-2024-56765
CVE-2024-56770
CVE-2024-57798
CVE-2024-57907
CVE-2024-57935
CVE-2024-57977
CVE-2024-58010
CVE-2025-21634
CVE-2025-21650
CVE-2025-21651
CVE-2025-21731
CVE-2025-21733
CVE-2025-21802
CVE-2025-21815
CWE-ID CWE-399
CWE-476
CWE-682
CWE-416
CWE-401
CWE-20
CWE-667
CWE-190
CWE-125
Exploitation vector Local
Public exploit N/A
Vulnerable software
openEuler
Operating systems & Components / Operating system

python3-perf-debuginfo
Operating systems & Components / Operating system package or component

python3-perf
Operating systems & Components / Operating system package or component

perf-debuginfo
Operating systems & Components / Operating system package or component

perf
Operating systems & Components / Operating system package or component

kernel-tools-devel
Operating systems & Components / Operating system package or component

kernel-tools-debuginfo
Operating systems & Components / Operating system package or component

kernel-tools
Operating systems & Components / Operating system package or component

kernel-source
Operating systems & Components / Operating system package or component

kernel-headers
Operating systems & Components / Operating system package or component

kernel-devel
Operating systems & Components / Operating system package or component

kernel-debugsource
Operating systems & Components / Operating system package or component

kernel-debuginfo
Operating systems & Components / Operating system package or component

bpftool-debuginfo
Operating systems & Components / Operating system package or component

bpftool
Operating systems & Components / Operating system package or component

kernel
Operating systems & Components / Operating system package or component

Vendor openEuler

Security Bulletin

This security bulletin contains information about 20 vulnerabilities.

1) Resource management error

EUVDB-ID: #VU102983

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-41932

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the __sched_setaffinity() function in kernel/sched/syscalls.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 24.03 LTS

python3-perf-debuginfo: before 6.6.0-80.0.0.74

python3-perf: before 6.6.0-80.0.0.74

perf-debuginfo: before 6.6.0-80.0.0.74

perf: before 6.6.0-80.0.0.74

kernel-tools-devel: before 6.6.0-80.0.0.74

kernel-tools-debuginfo: before 6.6.0-80.0.0.74

kernel-tools: before 6.6.0-80.0.0.74

kernel-source: before 6.6.0-80.0.0.74

kernel-headers: before 6.6.0-80.0.0.74

kernel-devel: before 6.6.0-80.0.0.74

kernel-debugsource: before 6.6.0-80.0.0.74

kernel-debuginfo: before 6.6.0-80.0.0.74

bpftool-debuginfo: before 6.6.0-80.0.0.74

bpftool: before 6.6.0-80.0.0.74

kernel: before 6.6.0-80.0.0.74

CPE2.3 External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1248


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Resource management error

EUVDB-ID: #VU102975

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-53687

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the arch/riscv/include/asm/kfence.h. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 24.03 LTS

python3-perf-debuginfo: before 6.6.0-80.0.0.74

python3-perf: before 6.6.0-80.0.0.74

perf-debuginfo: before 6.6.0-80.0.0.74

perf: before 6.6.0-80.0.0.74

kernel-tools-devel: before 6.6.0-80.0.0.74

kernel-tools-debuginfo: before 6.6.0-80.0.0.74

kernel-tools: before 6.6.0-80.0.0.74

kernel-source: before 6.6.0-80.0.0.74

kernel-headers: before 6.6.0-80.0.0.74

kernel-devel: before 6.6.0-80.0.0.74

kernel-debugsource: before 6.6.0-80.0.0.74

kernel-debuginfo: before 6.6.0-80.0.0.74

bpftool-debuginfo: before 6.6.0-80.0.0.74

bpftool: before 6.6.0-80.0.0.74

kernel: before 6.6.0-80.0.0.74

CPE2.3 External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1248


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) NULL pointer dereference

EUVDB-ID: #VU102929

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-55916

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the util_probe() function in drivers/hv/hv_util.c, within the hv_vss_init() function in drivers/hv/hv_snapshot.c, within the hv_kvp_init() function in drivers/hv/hv_kvp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 24.03 LTS

python3-perf-debuginfo: before 6.6.0-80.0.0.74

python3-perf: before 6.6.0-80.0.0.74

perf-debuginfo: before 6.6.0-80.0.0.74

perf: before 6.6.0-80.0.0.74

kernel-tools-devel: before 6.6.0-80.0.0.74

kernel-tools-debuginfo: before 6.6.0-80.0.0.74

kernel-tools: before 6.6.0-80.0.0.74

kernel-source: before 6.6.0-80.0.0.74

kernel-headers: before 6.6.0-80.0.0.74

kernel-devel: before 6.6.0-80.0.0.74

kernel-debugsource: before 6.6.0-80.0.0.74

kernel-debuginfo: before 6.6.0-80.0.0.74

bpftool-debuginfo: before 6.6.0-80.0.0.74

bpftool: before 6.6.0-80.0.0.74

kernel: before 6.6.0-80.0.0.74

CPE2.3 External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1248


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Resource management error

EUVDB-ID: #VU102246

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56657

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the snd_ctl_led_sysfs_add() function in sound/core/control_led.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 24.03 LTS

python3-perf-debuginfo: before 6.6.0-80.0.0.74

python3-perf: before 6.6.0-80.0.0.74

perf-debuginfo: before 6.6.0-80.0.0.74

perf: before 6.6.0-80.0.0.74

kernel-tools-devel: before 6.6.0-80.0.0.74

kernel-tools-debuginfo: before 6.6.0-80.0.0.74

kernel-tools: before 6.6.0-80.0.0.74

kernel-source: before 6.6.0-80.0.0.74

kernel-headers: before 6.6.0-80.0.0.74

kernel-devel: before 6.6.0-80.0.0.74

kernel-debugsource: before 6.6.0-80.0.0.74

kernel-debuginfo: before 6.6.0-80.0.0.74

bpftool-debuginfo: before 6.6.0-80.0.0.74

bpftool: before 6.6.0-80.0.0.74

kernel: before 6.6.0-80.0.0.74

CPE2.3 External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1248


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Incorrect calculation

EUVDB-ID: #VU102256

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56716

CWE-ID: CWE-682 - Incorrect Calculation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect calculation within the nsim_dev_health_break_write() function in drivers/net/netdevsim/health.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 24.03 LTS

python3-perf-debuginfo: before 6.6.0-80.0.0.74

python3-perf: before 6.6.0-80.0.0.74

perf-debuginfo: before 6.6.0-80.0.0.74

perf: before 6.6.0-80.0.0.74

kernel-tools-devel: before 6.6.0-80.0.0.74

kernel-tools-debuginfo: before 6.6.0-80.0.0.74

kernel-tools: before 6.6.0-80.0.0.74

kernel-source: before 6.6.0-80.0.0.74

kernel-headers: before 6.6.0-80.0.0.74

kernel-devel: before 6.6.0-80.0.0.74

kernel-debugsource: before 6.6.0-80.0.0.74

kernel-debuginfo: before 6.6.0-80.0.0.74

bpftool-debuginfo: before 6.6.0-80.0.0.74

bpftool: before 6.6.0-80.0.0.74

kernel: before 6.6.0-80.0.0.74

CPE2.3 External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1248


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Use-after-free

EUVDB-ID: #VU102009

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56719

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the stmmac_tso_xmit() function in drivers/net/ethernet/stmicro/stmmac/stmmac_main.c. A local user can escalate privileges on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 24.03 LTS

python3-perf-debuginfo: before 6.6.0-80.0.0.74

python3-perf: before 6.6.0-80.0.0.74

perf-debuginfo: before 6.6.0-80.0.0.74

perf: before 6.6.0-80.0.0.74

kernel-tools-devel: before 6.6.0-80.0.0.74

kernel-tools-debuginfo: before 6.6.0-80.0.0.74

kernel-tools: before 6.6.0-80.0.0.74

kernel-source: before 6.6.0-80.0.0.74

kernel-headers: before 6.6.0-80.0.0.74

kernel-devel: before 6.6.0-80.0.0.74

kernel-debugsource: before 6.6.0-80.0.0.74

kernel-debuginfo: before 6.6.0-80.0.0.74

bpftool-debuginfo: before 6.6.0-80.0.0.74

bpftool: before 6.6.0-80.0.0.74

kernel: before 6.6.0-80.0.0.74

CPE2.3 External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1248


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Use-after-free

EUVDB-ID: #VU102396

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56765

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the vas_mmap_fault() function in arch/powerpc/platforms/book3s/vas-api.c. A local user can escalate privileges on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 24.03 LTS

python3-perf-debuginfo: before 6.6.0-80.0.0.74

python3-perf: before 6.6.0-80.0.0.74

perf-debuginfo: before 6.6.0-80.0.0.74

perf: before 6.6.0-80.0.0.74

kernel-tools-devel: before 6.6.0-80.0.0.74

kernel-tools-debuginfo: before 6.6.0-80.0.0.74

kernel-tools: before 6.6.0-80.0.0.74

kernel-source: before 6.6.0-80.0.0.74

kernel-headers: before 6.6.0-80.0.0.74

kernel-devel: before 6.6.0-80.0.0.74

kernel-debugsource: before 6.6.0-80.0.0.74

kernel-debuginfo: before 6.6.0-80.0.0.74

bpftool-debuginfo: before 6.6.0-80.0.0.74

bpftool: before 6.6.0-80.0.0.74

kernel: before 6.6.0-80.0.0.74

CPE2.3 External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1248


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Resource management error

EUVDB-ID: #VU102490

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56770

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the tfifo_reset(), tfifo_enqueue(), netem_enqueue() and netem_dequeue() functions in net/sched/sch_netem.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 24.03 LTS

python3-perf-debuginfo: before 6.6.0-80.0.0.74

python3-perf: before 6.6.0-80.0.0.74

perf-debuginfo: before 6.6.0-80.0.0.74

perf: before 6.6.0-80.0.0.74

kernel-tools-devel: before 6.6.0-80.0.0.74

kernel-tools-debuginfo: before 6.6.0-80.0.0.74

kernel-tools: before 6.6.0-80.0.0.74

kernel-source: before 6.6.0-80.0.0.74

kernel-headers: before 6.6.0-80.0.0.74

kernel-devel: before 6.6.0-80.0.0.74

kernel-debugsource: before 6.6.0-80.0.0.74

kernel-debuginfo: before 6.6.0-80.0.0.74

bpftool-debuginfo: before 6.6.0-80.0.0.74

bpftool: before 6.6.0-80.0.0.74

kernel: before 6.6.0-80.0.0.74

CPE2.3 External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1248


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Use-after-free

EUVDB-ID: #VU102915

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57798

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the drm_dp_mst_up_req_work() and drm_dp_mst_handle_up_req() functions in drivers/gpu/drm/display/drm_dp_mst_topology.c. A local user can escalate privileges on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 24.03 LTS

python3-perf-debuginfo: before 6.6.0-80.0.0.74

python3-perf: before 6.6.0-80.0.0.74

perf-debuginfo: before 6.6.0-80.0.0.74

perf: before 6.6.0-80.0.0.74

kernel-tools-devel: before 6.6.0-80.0.0.74

kernel-tools-debuginfo: before 6.6.0-80.0.0.74

kernel-tools: before 6.6.0-80.0.0.74

kernel-source: before 6.6.0-80.0.0.74

kernel-headers: before 6.6.0-80.0.0.74

kernel-devel: before 6.6.0-80.0.0.74

kernel-debugsource: before 6.6.0-80.0.0.74

kernel-debuginfo: before 6.6.0-80.0.0.74

bpftool-debuginfo: before 6.6.0-80.0.0.74

bpftool: before 6.6.0-80.0.0.74

kernel: before 6.6.0-80.0.0.74

CPE2.3 External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1248


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Memory leak

EUVDB-ID: #VU103003

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57907

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the rockchip_saradc_trigger_handler() function in drivers/iio/adc/rockchip_saradc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 24.03 LTS

python3-perf-debuginfo: before 6.6.0-80.0.0.74

python3-perf: before 6.6.0-80.0.0.74

perf-debuginfo: before 6.6.0-80.0.0.74

perf: before 6.6.0-80.0.0.74

kernel-tools-devel: before 6.6.0-80.0.0.74

kernel-tools-debuginfo: before 6.6.0-80.0.0.74

kernel-tools: before 6.6.0-80.0.0.74

kernel-source: before 6.6.0-80.0.0.74

kernel-headers: before 6.6.0-80.0.0.74

kernel-devel: before 6.6.0-80.0.0.74

kernel-debugsource: before 6.6.0-80.0.0.74

kernel-debuginfo: before 6.6.0-80.0.0.74

bpftool-debuginfo: before 6.6.0-80.0.0.74

bpftool: before 6.6.0-80.0.0.74

kernel: before 6.6.0-80.0.0.74

CPE2.3 External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1248


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Input validation error

EUVDB-ID: #VU103143

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57935

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the put_dip_ctx_idx() function in drivers/infiniband/hw/hns/hns_roce_hw_v2.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 24.03 LTS

python3-perf-debuginfo: before 6.6.0-80.0.0.74

python3-perf: before 6.6.0-80.0.0.74

perf-debuginfo: before 6.6.0-80.0.0.74

perf: before 6.6.0-80.0.0.74

kernel-tools-devel: before 6.6.0-80.0.0.74

kernel-tools-debuginfo: before 6.6.0-80.0.0.74

kernel-tools: before 6.6.0-80.0.0.74

kernel-source: before 6.6.0-80.0.0.74

kernel-headers: before 6.6.0-80.0.0.74

kernel-devel: before 6.6.0-80.0.0.74

kernel-debugsource: before 6.6.0-80.0.0.74

kernel-debuginfo: before 6.6.0-80.0.0.74

bpftool-debuginfo: before 6.6.0-80.0.0.74

bpftool: before 6.6.0-80.0.0.74

kernel: before 6.6.0-80.0.0.74

CPE2.3 External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1248


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Improper locking

EUVDB-ID: #VU105026

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57977

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the dump_tasks() function in mm/oom_kill.c, within the mem_cgroup_scan_tasks() function in mm/memcontrol.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 24.03 LTS

python3-perf-debuginfo: before 6.6.0-80.0.0.74

python3-perf: before 6.6.0-80.0.0.74

perf-debuginfo: before 6.6.0-80.0.0.74

perf: before 6.6.0-80.0.0.74

kernel-tools-devel: before 6.6.0-80.0.0.74

kernel-tools-debuginfo: before 6.6.0-80.0.0.74

kernel-tools: before 6.6.0-80.0.0.74

kernel-source: before 6.6.0-80.0.0.74

kernel-headers: before 6.6.0-80.0.0.74

kernel-devel: before 6.6.0-80.0.0.74

kernel-debugsource: before 6.6.0-80.0.0.74

kernel-debuginfo: before 6.6.0-80.0.0.74

bpftool-debuginfo: before 6.6.0-80.0.0.74

bpftool: before 6.6.0-80.0.0.74

kernel: before 6.6.0-80.0.0.74

CPE2.3 External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1248


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Integer overflow

EUVDB-ID: #VU105047

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-58010

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer overflow within the load_flat_file() function in fs/binfmt_flat.c. A local user can execute arbitrary code.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 24.03 LTS

python3-perf-debuginfo: before 6.6.0-80.0.0.74

python3-perf: before 6.6.0-80.0.0.74

perf-debuginfo: before 6.6.0-80.0.0.74

perf: before 6.6.0-80.0.0.74

kernel-tools-devel: before 6.6.0-80.0.0.74

kernel-tools-debuginfo: before 6.6.0-80.0.0.74

kernel-tools: before 6.6.0-80.0.0.74

kernel-source: before 6.6.0-80.0.0.74

kernel-headers: before 6.6.0-80.0.0.74

kernel-devel: before 6.6.0-80.0.0.74

kernel-debugsource: before 6.6.0-80.0.0.74

kernel-debuginfo: before 6.6.0-80.0.0.74

bpftool-debuginfo: before 6.6.0-80.0.0.74

bpftool: before 6.6.0-80.0.0.74

kernel: before 6.6.0-80.0.0.74

CPE2.3 External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1248


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Improper locking

EUVDB-ID: #VU103035

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21634

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the cpuset_write_resmask() function in kernel/cgroup/cpuset.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 24.03 LTS

python3-perf-debuginfo: before 6.6.0-80.0.0.74

python3-perf: before 6.6.0-80.0.0.74

perf-debuginfo: before 6.6.0-80.0.0.74

perf: before 6.6.0-80.0.0.74

kernel-tools-devel: before 6.6.0-80.0.0.74

kernel-tools-debuginfo: before 6.6.0-80.0.0.74

kernel-tools: before 6.6.0-80.0.0.74

kernel-source: before 6.6.0-80.0.0.74

kernel-headers: before 6.6.0-80.0.0.74

kernel-devel: before 6.6.0-80.0.0.74

kernel-debugsource: before 6.6.0-80.0.0.74

kernel-debuginfo: before 6.6.0-80.0.0.74

bpftool-debuginfo: before 6.6.0-80.0.0.74

bpftool: before 6.6.0-80.0.0.74

kernel: before 6.6.0-80.0.0.74

CPE2.3 External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1248


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Out-of-bounds read

EUVDB-ID: #VU103015

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21650

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the hclgevf_get_regs_len() and hclgevf_get_regs() functions in drivers/net/ethernet/hisilicon/hns3/hns3vf/hclgevf_regs.c, within the hclge_fetch_pf_reg() function in drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_regs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 24.03 LTS

python3-perf-debuginfo: before 6.6.0-80.0.0.74

python3-perf: before 6.6.0-80.0.0.74

perf-debuginfo: before 6.6.0-80.0.0.74

perf: before 6.6.0-80.0.0.74

kernel-tools-devel: before 6.6.0-80.0.0.74

kernel-tools-debuginfo: before 6.6.0-80.0.0.74

kernel-tools: before 6.6.0-80.0.0.74

kernel-source: before 6.6.0-80.0.0.74

kernel-headers: before 6.6.0-80.0.0.74

kernel-devel: before 6.6.0-80.0.0.74

kernel-debugsource: before 6.6.0-80.0.0.74

kernel-debuginfo: before 6.6.0-80.0.0.74

bpftool-debuginfo: before 6.6.0-80.0.0.74

bpftool: before 6.6.0-80.0.0.74

kernel: before 6.6.0-80.0.0.74

CPE2.3 External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1248


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Resource management error

EUVDB-ID: #VU103046

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21651

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the hclge_misc_irq_init(), hclge_init_ae_dev() and hclge_uninit_ae_dev() functions in drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 24.03 LTS

python3-perf-debuginfo: before 6.6.0-80.0.0.74

python3-perf: before 6.6.0-80.0.0.74

perf-debuginfo: before 6.6.0-80.0.0.74

perf: before 6.6.0-80.0.0.74

kernel-tools-devel: before 6.6.0-80.0.0.74

kernel-tools-debuginfo: before 6.6.0-80.0.0.74

kernel-tools: before 6.6.0-80.0.0.74

kernel-source: before 6.6.0-80.0.0.74

kernel-headers: before 6.6.0-80.0.0.74

kernel-devel: before 6.6.0-80.0.0.74

kernel-debugsource: before 6.6.0-80.0.0.74

kernel-debuginfo: before 6.6.0-80.0.0.74

bpftool-debuginfo: before 6.6.0-80.0.0.74

bpftool: before 6.6.0-80.0.0.74

kernel: before 6.6.0-80.0.0.74

CPE2.3 External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1248


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Use-after-free

EUVDB-ID: #VU104969

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21731

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the nbd_disconnect_and_put() function in drivers/block/nbd.c. A local user can escalate privileges on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 24.03 LTS

python3-perf-debuginfo: before 6.6.0-80.0.0.74

python3-perf: before 6.6.0-80.0.0.74

perf-debuginfo: before 6.6.0-80.0.0.74

perf: before 6.6.0-80.0.0.74

kernel-tools-devel: before 6.6.0-80.0.0.74

kernel-tools-debuginfo: before 6.6.0-80.0.0.74

kernel-tools: before 6.6.0-80.0.0.74

kernel-source: before 6.6.0-80.0.0.74

kernel-headers: before 6.6.0-80.0.0.74

kernel-devel: before 6.6.0-80.0.0.74

kernel-debugsource: before 6.6.0-80.0.0.74

kernel-debuginfo: before 6.6.0-80.0.0.74

bpftool-debuginfo: before 6.6.0-80.0.0.74

bpftool: before 6.6.0-80.0.0.74

kernel: before 6.6.0-80.0.0.74

CPE2.3 External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1248


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Resource management error

EUVDB-ID: #VU105074

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21733

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the trace_sched_migrate_callback() and register_migration_monitor() functions in kernel/trace/trace_osnoise.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 24.03 LTS

python3-perf-debuginfo: before 6.6.0-80.0.0.74

python3-perf: before 6.6.0-80.0.0.74

perf-debuginfo: before 6.6.0-80.0.0.74

perf: before 6.6.0-80.0.0.74

kernel-tools-devel: before 6.6.0-80.0.0.74

kernel-tools-debuginfo: before 6.6.0-80.0.0.74

kernel-tools: before 6.6.0-80.0.0.74

kernel-source: before 6.6.0-80.0.0.74

kernel-headers: before 6.6.0-80.0.0.74

kernel-devel: before 6.6.0-80.0.0.74

kernel-debugsource: before 6.6.0-80.0.0.74

kernel-debuginfo: before 6.6.0-80.0.0.74

bpftool-debuginfo: before 6.6.0-80.0.0.74

bpftool: before 6.6.0-80.0.0.74

kernel: before 6.6.0-80.0.0.74

CPE2.3 External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1248


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Input validation error

EUVDB-ID: #VU105162

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21802

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the hclgevf_init() function in drivers/net/ethernet/hisilicon/hns3/hns3vf/hclgevf_main.c, within the hclge_init() function in drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c, within the module_init() function in drivers/net/ethernet/hisilicon/hns3/hns3_enet.c, within the EXPORT_SYMBOL() function in drivers/net/ethernet/hisilicon/hns3/hnae3.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 24.03 LTS

python3-perf-debuginfo: before 6.6.0-80.0.0.74

python3-perf: before 6.6.0-80.0.0.74

perf-debuginfo: before 6.6.0-80.0.0.74

perf: before 6.6.0-80.0.0.74

kernel-tools-devel: before 6.6.0-80.0.0.74

kernel-tools-debuginfo: before 6.6.0-80.0.0.74

kernel-tools: before 6.6.0-80.0.0.74

kernel-source: before 6.6.0-80.0.0.74

kernel-headers: before 6.6.0-80.0.0.74

kernel-devel: before 6.6.0-80.0.0.74

kernel-debugsource: before 6.6.0-80.0.0.74

kernel-debuginfo: before 6.6.0-80.0.0.74

bpftool-debuginfo: before 6.6.0-80.0.0.74

bpftool: before 6.6.0-80.0.0.74

kernel: before 6.6.0-80.0.0.74

CPE2.3 External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1248


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Out-of-bounds read

EUVDB-ID: #VU105137

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21815

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the isolate_freepages_block() function in mm/compaction.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 24.03 LTS

python3-perf-debuginfo: before 6.6.0-80.0.0.74

python3-perf: before 6.6.0-80.0.0.74

perf-debuginfo: before 6.6.0-80.0.0.74

perf: before 6.6.0-80.0.0.74

kernel-tools-devel: before 6.6.0-80.0.0.74

kernel-tools-debuginfo: before 6.6.0-80.0.0.74

kernel-tools: before 6.6.0-80.0.0.74

kernel-source: before 6.6.0-80.0.0.74

kernel-headers: before 6.6.0-80.0.0.74

kernel-devel: before 6.6.0-80.0.0.74

kernel-debugsource: before 6.6.0-80.0.0.74

kernel-debuginfo: before 6.6.0-80.0.0.74

bpftool-debuginfo: before 6.6.0-80.0.0.74

bpftool: before 6.6.0-80.0.0.74

kernel: before 6.6.0-80.0.0.74

CPE2.3 External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1248


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###