openEuler update for kernel
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE-2020-26141 CVE-2020-26145 CVE-2021-42252 CVE-2021-42739 |
| CWE-ID | CWE-20 CWE-787 CWE-119 |
| Exploitation vector | Local network |
| Public exploit | N/A |
| Vulnerable software |
openEuler Operating systems & Components / Operating system python2-perf Operating systems & Components / Operating system package or component kernel-debuginfo Operating systems & Components / Operating system package or component python2-perf-debuginfo Operating systems & Components / Operating system package or component python3-perf-debuginfo Operating systems & Components / Operating system package or component bpftool Operating systems & Components / Operating system package or component kernel-tools Operating systems & Components / Operating system package or component kernel-debugsource Operating systems & Components / Operating system package or component kernel-tools-devel Operating systems & Components / Operating system package or component python3-perf Operating systems & Components / Operating system package or component bpftool-debuginfo Operating systems & Components / Operating system package or component perf-debuginfo Operating systems & Components / Operating system package or component kernel-devel Operating systems & Components / Operating system package or component kernel-tools-debuginfo Operating systems & Components / Operating system package or component kernel-source Operating systems & Components / Operating system package or component perf Operating systems & Components / Operating system package or component kernel Operating systems & Components / Operating system package or component |
| Vendor | openEuler |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
1) Input validation error
EUVDB-ID: #VU53176
Risk: Low
CVSSv4.0: 4.4 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:A/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-26141
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the Wi-Fi implementation does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. A remote attacker on the local network can inject and possibly decrypt packets in WPA or WPA2 networks that support the TKIP data-confidentiality protocol.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP1 - 20.03 LTS SP2
python2-perf: before 4.19.90-2110.8.0.0120
kernel-debuginfo: before 4.19.90-2110.8.0.0120
python2-perf-debuginfo: before 4.19.90-2110.8.0.0120
python3-perf-debuginfo: before 4.19.90-2110.8.0.0120
bpftool: before 4.19.90-2110.8.0.0120
kernel-tools: before 4.19.90-2110.8.0.0120
kernel-debugsource: before 4.19.90-2110.8.0.0120
kernel-tools-devel: before 4.19.90-2110.8.0.0120
python3-perf: before 4.19.90-2110.8.0.0120
bpftool-debuginfo: before 4.19.90-2110.8.0.0120
perf-debuginfo: before 4.19.90-2110.8.0.0120
kernel-devel: before 4.19.90-2110.8.0.0120
kernel-tools-debuginfo: before 4.19.90-2110.8.0.0120
kernel-source: before 4.19.90-2110.8.0.0120
perf: before 4.19.90-2110.8.0.0120
kernel: before 4.19.90-2110.8.0.0120
CPE2.3- cpe:2.3:o:openeuler:openeuler:20.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:o:openeuler:openeuler:20.03:LTS SP2:*:*:*:*:*:*
- cpe:2.3:a:openeuler:python2-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:python2-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:kernel:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2021-1407
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Input validation error
EUVDB-ID: #VU53155
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-26145
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. A remote attacker on the local network can inject arbitrary network packets independent of the network configuration.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP1 - 20.03 LTS SP2
python2-perf: before 4.19.90-2110.8.0.0120
kernel-debuginfo: before 4.19.90-2110.8.0.0120
python2-perf-debuginfo: before 4.19.90-2110.8.0.0120
python3-perf-debuginfo: before 4.19.90-2110.8.0.0120
bpftool: before 4.19.90-2110.8.0.0120
kernel-tools: before 4.19.90-2110.8.0.0120
kernel-debugsource: before 4.19.90-2110.8.0.0120
kernel-tools-devel: before 4.19.90-2110.8.0.0120
python3-perf: before 4.19.90-2110.8.0.0120
bpftool-debuginfo: before 4.19.90-2110.8.0.0120
perf-debuginfo: before 4.19.90-2110.8.0.0120
kernel-devel: before 4.19.90-2110.8.0.0120
kernel-tools-debuginfo: before 4.19.90-2110.8.0.0120
kernel-source: before 4.19.90-2110.8.0.0120
perf: before 4.19.90-2110.8.0.0120
kernel: before 4.19.90-2110.8.0.0120
CPE2.3- cpe:2.3:o:openeuler:openeuler:20.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:o:openeuler:openeuler:20.03:LTS SP2:*:*:*:*:*:*
- cpe:2.3:a:openeuler:python2-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:python2-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:kernel:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2021-1407
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Out-of-bounds write
EUVDB-ID: #VU93833
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-42252
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to an out-of-bounds write within the aspeed_lpc_ctrl_mmap() function in drivers/soc/aspeed/aspeed-lpc-ctrl.c. A local user can execute arbitrary code.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP1 - 20.03 LTS SP2
python2-perf: before 4.19.90-2110.8.0.0120
kernel-debuginfo: before 4.19.90-2110.8.0.0120
python2-perf-debuginfo: before 4.19.90-2110.8.0.0120
python3-perf-debuginfo: before 4.19.90-2110.8.0.0120
bpftool: before 4.19.90-2110.8.0.0120
kernel-tools: before 4.19.90-2110.8.0.0120
kernel-debugsource: before 4.19.90-2110.8.0.0120
kernel-tools-devel: before 4.19.90-2110.8.0.0120
python3-perf: before 4.19.90-2110.8.0.0120
bpftool-debuginfo: before 4.19.90-2110.8.0.0120
perf-debuginfo: before 4.19.90-2110.8.0.0120
kernel-devel: before 4.19.90-2110.8.0.0120
kernel-tools-debuginfo: before 4.19.90-2110.8.0.0120
kernel-source: before 4.19.90-2110.8.0.0120
perf: before 4.19.90-2110.8.0.0120
kernel: before 4.19.90-2110.8.0.0120
CPE2.3- cpe:2.3:o:openeuler:openeuler:20.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:o:openeuler:openeuler:20.03:LTS SP2:*:*:*:*:*:*
- cpe:2.3:a:openeuler:python2-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:python2-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:kernel:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2021-1407
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Buffer overflow
EUVDB-ID: #VU59474
Risk: Low
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-42739
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary within the firewire subsystem in the Linux kernel in drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c files. A local privileged user can run a specially crafted program tat calls avc_ca_pmt() function to trigger memory corruption and execute arbitrary code with elevated privileges.
Install updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP1 - 20.03 LTS SP2
python2-perf: before 4.19.90-2110.8.0.0120
kernel-debuginfo: before 4.19.90-2110.8.0.0120
python2-perf-debuginfo: before 4.19.90-2110.8.0.0120
python3-perf-debuginfo: before 4.19.90-2110.8.0.0120
bpftool: before 4.19.90-2110.8.0.0120
kernel-tools: before 4.19.90-2110.8.0.0120
kernel-debugsource: before 4.19.90-2110.8.0.0120
kernel-tools-devel: before 4.19.90-2110.8.0.0120
python3-perf: before 4.19.90-2110.8.0.0120
bpftool-debuginfo: before 4.19.90-2110.8.0.0120
perf-debuginfo: before 4.19.90-2110.8.0.0120
kernel-devel: before 4.19.90-2110.8.0.0120
kernel-tools-debuginfo: before 4.19.90-2110.8.0.0120
kernel-source: before 4.19.90-2110.8.0.0120
perf: before 4.19.90-2110.8.0.0120
kernel: before 4.19.90-2110.8.0.0120
CPE2.3- cpe:2.3:o:openeuler:openeuler:20.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:o:openeuler:openeuler:20.03:LTS SP2:*:*:*:*:*:*
- cpe:2.3:a:openeuler:python2-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:kernel-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:python2-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:python3-perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:bpftool:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:kernel-tools:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:kernel-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:kernel-tools-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:python3-perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:bpftool-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:perf-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:kernel-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:kernel-tools-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:kernel-source:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:perf:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:kernel:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2021-1407
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
