Main Vulnerability Database SB2025032917

SB2025032917 - openEuler 20.03 LTS SP4 update for kernel

Published: March 29, 2025

Security Bulletin ID SB2025032917

Severity

Low

Patch available

YES

Number of vulnerabilities 19

Exploitation vector Local access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 19 secuirty vulnerabilities.

1) Memory leak (CVE-ID: CVE-2021-47659)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the drm_universal_plane_init() function in drivers/gpu/drm/drm_plane.c. A local user can perform a denial of service (DoS) attack.

2) Use-after-free (CVE-ID: CVE-2022-49053)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the tcmu_try_get_data_page() and tcmu_vma_fault() functions in drivers/target/target_core_user.c. A local user can escalate privileges on the system.

3) Memory leak (CVE-ID: CVE-2022-49243)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the at91sam9g20ek_audio_probe() function in sound/soc/atmel/sam9g20_wm8731.c. A local user can perform a denial of service (DoS) attack.

4) Buffer overflow (CVE-ID: CVE-2022-49292)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the snd_pcm_plugin_alloc() function in sound/core/oss/pcm_plugin.c, within the snd_pcm_oss_period_size() and snd_pcm_oss_change_params_locked() functions in sound/core/oss/pcm_oss.c. A local user can escalate privileges on the system.

5) NULL pointer dereference (CVE-ID: CVE-2022-49335)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the amdgpu_cs_parser_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c. A local user can perform a denial of service (DoS) attack.

6) Double free (CVE-ID: CVE-2022-49350)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the mdio_bus_init() function in drivers/net/phy/mdio_bus.c. A local user can perform a denial of service (DoS) attack.

7) Memory leak (CVE-ID: CVE-2022-49381)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the jffs2_free_raw_node_refs() function in fs/jffs2/fs.c. A local user can perform a denial of service (DoS) attack.

8) Use-after-free (CVE-ID: CVE-2022-49388)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the spin_unlock() function in drivers/mtd/ubi/vmt.c. A local user can escalate privileges on the system.

9) NULL pointer dereference (CVE-ID: CVE-2022-49490)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the mdp5_plane_atomic_check_with_state() function in drivers/gpu/drm/msm/disp/mdp5/mdp5_plane.c, within the mdp5_pipe_assign() and mdp5_pipe_release() functions in drivers/gpu/drm/msm/disp/mdp5/mdp5_pipe.c. A local user can perform a denial of service (DoS) attack.

10) Double free (CVE-ID: CVE-2022-49508)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the elan_input_configured() function in drivers/hid/hid-elan.c. A local user can perform a denial of service (DoS) attack.

11) Use-after-free (CVE-ID: CVE-2022-49535)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the lpfc_initial_flogi(), lpfc_initial_fdisc(), lpfc_cmpl_els_plogi(), lpfc_cmpl_els_prli() and lpfc_cmpl_els_adisc() functions in drivers/scsi/lpfc/lpfc_els.c. A local user can escalate privileges on the system.

12) Race condition within a thread (CVE-ID: CVE-2022-49603)

The vulnerability allows a local user to corrupt data.

The vulnerability exists due to a data race within the ip_forward() function in net/ipv4/ip_forward.c, within the mlxsw_sp_dscp_init() function in drivers/net/ethernet/mellanox/mlxsw/spectrum_router.c. A local user can corrupt data.

13) Use-after-free (CVE-ID: CVE-2022-49625)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the efx_ef10_try_update_nic_stats_vf() function in drivers/net/ethernet/sfc/ef10.c. A local user can escalate privileges on the system.

14) Memory leak (CVE-ID: CVE-2022-49678)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the brcmstb_pm_probe() function in drivers/soc/bcm/brcmstb/pm/pm-arm.c. A local user can perform a denial of service (DoS) attack.

15) Memory leak (CVE-ID: CVE-2022-49713)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the dwc2_hcd_init() function in drivers/usb/dwc2/hcd.c. A local user can perform a denial of service (DoS) attack.

16) Out-of-bounds read (CVE-ID: CVE-2022-49720)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the blk_mq_alloc_request_hctx() function in block/blk-mq.c. A local user can perform a denial of service (DoS) attack.

17) Integer overflow (CVE-ID: CVE-2022-49727)

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer overflow within the l2tp_ip6_sendmsg() function in net/l2tp/l2tp_ip6.c. A local user can execute arbitrary code.

18) Incorrect calculation (CVE-ID: CVE-2025-21687)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect calculation within the vfio_platform_read_mmio() and vfio_platform_write_mmio() functions in drivers/vfio/platform/vfio_platform_common.c. A local user can perform a denial of service (DoS) attack.

19) Improper error handling (CVE-ID: CVE-2025-21806)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the proc_do_dev_weight() and sizeof() functions in net/core/sysctl_net_core.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1336

Vulnerable Software

openEuler: 20.03 LTS SP4
python3-perf-debuginfo: before 4.19.90-2503.5.0.0321
python3-perf: before 4.19.90-2503.5.0.0321
python2-perf-debuginfo: before 4.19.90-2503.5.0.0321
python2-perf: before 4.19.90-2503.5.0.0321
perf-debuginfo: before 4.19.90-2503.5.0.0321
perf: before 4.19.90-2503.5.0.0321
kernel-tools-devel: before 4.19.90-2503.5.0.0321
kernel-tools-debuginfo: before 4.19.90-2503.5.0.0321
kernel-tools: before 4.19.90-2503.5.0.0321
kernel-source: before 4.19.90-2503.5.0.0321
kernel-devel: before 4.19.90-2503.5.0.0321
kernel-debugsource: before 4.19.90-2503.5.0.0321
kernel-debuginfo: before 4.19.90-2503.5.0.0321
bpftool-debuginfo: before 4.19.90-2503.5.0.0321
bpftool: before 4.19.90-2503.5.0.0321
kernel: before 4.19.90-2503.5.0.0321

SB2025032917 - openEuler 20.03 LTS SP4 update for kernel

Breakdown by Severity

Description

Remediation

References

Please verify you're human