Anolis OS update for kernel

1) Use-after-free

EUVDB-ID: #VU69759

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-3424

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the gru_set_context_option(), gru_fault() and gru_handle_user_call_os() functions in Linux kernel. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Input validation error

EUVDB-ID: #VU70468

Risk: Medium

CVSSv4.0: 5.6 [CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:U/U:Green]

CVE-ID: CVE-2022-3643

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows an attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of network packets. An attacker with access to the guest OS can trigger the related physical NIC on the host to reset, abort, or crash by sending certain kinds of packets.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Resource management error

EUVDB-ID: #VU70465

Risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-3903

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

The vulnerability allows an attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to an incorrect read request flaw in the Infrared Transceiver USB driver in Linux kernel. An attacker with physical access to the system can starve system resources and perform a denial of service (DoS) attack.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Race condition

EUVDB-ID: #VU68340

Risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-41849

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

The vulnerability allows an attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a race condition in the drivers/video/fbdev/smscufx.c in the Linux kernel. An attacker with physical proximity to the system can remove the USB device while calling open(), cause a race condition between the ufx_ops_open and ufx_usb_disconnect and perform a denial of service (DoS) attack.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Race condition

EUVDB-ID: #VU75338

Risk: Low

CVSSv4.0: 1.9 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-45887

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a race condition in drivers/media/usb/ttusb-dec/ttusb_dec.c in Linux kernel. A local user can exploit the race and crash the kernel.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Divide by zero

EUVDB-ID: #VU92736

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-0615

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

A memory leak flaw and potential divide by 0 and Integer overflow was found in the Linux kernel V4L2 and vivid test code functionality. This issue occurs when a user triggers ioctls, such as VIDIOC_S_DV_TIMINGS ioctl. This could allow a local user to crash the system if vivid test code enabled.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Use-after-free

EUVDB-ID: #VU72741

Risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-1079

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows an attacker to compromise the vulnerable system.

The vulnerability exists due to a use-after-free error within the asus_kbd_backlight_set() function when plugging in a malicious USB device. An attacker with physical access to the system can inject a malicious USB device, trigger a use-after-free error and execute arbitrary code.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Use-after-free

EUVDB-ID: #VU71764

Risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-25012

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows an attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the bigben_remove() function in drivers/hid/hid-bigbenff.c. An attacker with physical access to the system can attach a specially crafted USB device to the system and cause a denial of service condition.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Resource exhaustion

EUVDB-ID: #VU77953

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-1206

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a hash collision flaw in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when an attacker makes a new kind of SYN flood attack. A remote attacker can increase the CPU usage of the server that accepts IPV6 connections up to 95%.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Infinite loop

EUVDB-ID: #VU74631

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-1390

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop in tipc_link_xmit() within the Linux kernel TIPC kernel module when parsing UDp packets. A remote attacker can send two small UDP packets to a system with a UDP bearer and consume all available CPU resources.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Improper Initialization

EUVDB-ID: #VU74630

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-1513

CWE-ID: CWE-665 - Improper Initialization

Exploit availability: No

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to improper initialization when calling the KVM_GET_DEBUGREGS ioctl on 32-bit systems. A local user can run a specially crafted application to gain access to sensitive information.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU75163

Risk: Low

CVSSv4.0: 1.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2023-2002

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: Yes

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper permissions check in the Bluetooth subsystem when handling ioctl system calls of HCI sockets. A local user can acquire a trusted socket, leading to unauthorized execution of management commands.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

13) Information disclosure

EUVDB-ID: #VU79263

Risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-20569

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

The vulnerability allows a remote user to gain access to potentially sensitive information.

The vulnerability exists due to a side channel issue in AMD CPUs. A remote user can influence the return address prediction and gain unauthorized access to sensitive information on the system.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Use-after-free

EUVDB-ID: #VU78572

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-20593

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in AMD Zen2 processors. A local user can trigger a use-after-free error and execute arbitrary code on the system.

Note, the vulnerability was dubbed Zenbleed.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Out-of-bounds read

EUVDB-ID: #VU78675

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-2860

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the SR-IPv6 implementation when processing seg6 attributes. A local user can trigger an out-of-bounds read error and read contents of memory on the system.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Processor optimization removal or modification of security-critical code

EUVDB-ID: #VU77247

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-3006

CWE-ID: CWE-1037 - Processor optimization removal or modification of security-critical code

Exploit availability: No

The vulnerability allow a local user to gain access to sensitive information.

The vulnerability exists due to a known cache speculation vulnerability (Spectre-BHB) for the new hw AmpereOne. A local user can gain access to sensitive information.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) NULL pointer dereference

EUVDB-ID: #VU79496

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-31083

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the hci_uart_tty_ioctl() function in drivers/bluetooth/hci_ldisc.c. A local user can pass specially crafted data to the system and perform a denial of service (DoS) attack.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Division by zero

EUVDB-ID: #VU82660

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-31085

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a divide by zero error within the drivers/mtd/ubi/cdev.c driver. A local user can perform a denial of service (DoS) attack.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Use-after-free

EUVDB-ID: #VU78064

Risk: Low

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-3159

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the outbound_phy_packet_callback() function in driver/firewire in Linux kernel. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Incorrect calculation

EUVDB-ID: #VU77956

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-3161

CWE-ID: CWE-682 - Incorrect Calculation

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect calculation in the Framebuffer Console (fbcon) in the Linux kernel. A local user can perform a denial of service (DoS) attack.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) NULL pointer dereference

EUVDB-ID: #VU78063

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-3358

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the Linux kernel's Integrated Sensor Hub (ISH) driver. A local user and perform a denial of service (DoS) attack.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Use-after-free

EUVDB-ID: #VU79491

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-3567

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the vc_screen() function in vcs_read in drivers/tty/vt/vc_screen.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Race condition

EUVDB-ID: #VU77957

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-35823

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the saa7134_finidev() function in drivers/media/pci/saa7134/saa7134-core.c. A local user can exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Use-after-free

EUVDB-ID: #VU78062

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-35824

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the dm1105_remove() function in drivers/media/pci/dm1105/dm1105.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Race condition

EUVDB-ID: #VU77958

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-35828

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the renesas_usb3_remove() function in drivers/usb/gadget/udc/renesas_usb3.c. A local user can exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Out-of-bounds read

EUVDB-ID: #VU81921

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-39192

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a boundary condition within the the u32_match_it() function in Netfilter subsystem in Linux kernel. A local user can trigger an out-of-bounds read error and gain access to sensitive information.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Use-after-free

EUVDB-ID: #VU79486

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-4128

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Use-after-free

EUVDB-ID: #VU80580

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-4206

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the the cls_route component in Linux kernel packet scheduler. A local user can trigger a use-after-free error and execute arbitrary code on the system.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Use-after-free

EUVDB-ID: #VU80587

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-4207

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the the cls_fw component in Linux kernel packet scheduler. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Use-after-free

EUVDB-ID: #VU80586

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-4208

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the the cls_u32 component in Linux kernel packet scheduler. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Use-after-free

EUVDB-ID: #VU79712

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-4132

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the siano smsusb module in the Linux kernel. A local user can trigger a use-after-free error and crash the kernel.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Out-of-bounds read

EUVDB-ID: #VU82305

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-42755

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

The vulnerability allows a local user to perform denial of service (DoS) attack.

The vulnerability exists due to a boundary condition within the the IPv4 Resource Reservation Protocol (RSVP) classifier function in the Linux kernel. A local user can trigger an out-of-bounds read error and crash the Linux kernel.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) NULL pointer dereference

EUVDB-ID: #VU80800

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-4385

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the dbFree() function in fs/jfs/jfs_dmap.c in the journaling file system (JFS). A local user can perform a denial of service (DoS) attack.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Double Free

EUVDB-ID: #VU80796

Risk: Low

CVSSv4.0: 4.5 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-4387

CWE-ID: CWE-415 - Double Free

Exploit availability: No

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a boundary error within the vmxnet3_rq_alloc_rx_buf() function in drivers/net/vmxnet3/vmxnet3_drv.c in VMware vmxnet3 ethernet NIC driver. A local user can  trigger a double free error and gain access to sensitive information or crash the kernel.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Out-of-bounds write

EUVDB-ID: #VU84354

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-45863

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the fill_kobj_path() function in lib/kobject.c. A local user can can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Buffer overflow

EUVDB-ID: #VU83381

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-45871

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the IGB driver in drivers/net/ethernet/intel/igb/igb_main.c when handling frames larger than the MTU. A remote attacker can send specially crafted traffic to the system, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Use-after-free

EUVDB-ID: #VU81664

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-4623

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the the Linux kernel net/sched: sch_hfsc (HFSC qdisc traffic control) component. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Use-after-free

EUVDB-ID: #VU81693

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-4921

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in the qfq_dequeue() function within the the Linux kernel's net/sched: sch_qfq component. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Out-of-bounds write

EUVDB-ID: #VU83311

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-5717

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

The vulnerability local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in the Linux kernel's Linux Kernel Performance Events (perf) component. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) Out-of-bounds write

EUVDB-ID: #VU85021

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-6931

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in the Linux kernel's Performance Events system component. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Use-after-free

EUVDB-ID: #VU84585

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-6932

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a local authenticated user to execute arbitrary code.

The vulnerability exists due to a use-after-free error within the ipv4 igmp component in Linux kernel. A local authenticated user can trigger a use-after-free error and execute arbitrary code.

Install updates from vendor's repository.

Anolis OS: 8

python3-perf: before 4.19.91-27.8

kernel-modules-internal: before 4.19.91-27.8

kernel-modules-extra: before 4.19.91-27.8

kernel-modules: before 4.19.91-27.8

kernel-debug-modules-extra: before 4.19.91-27.8

kernel-debug-modules: before 4.19.91-27.8

kernel-debug-core: before 4.19.91-27.8

kernel-core: before 4.19.91-27.8

perf: before 4.19.91-27.8

kernel-tools-libs-devel: before 4.19.91-27.8

kernel-tools-libs: before 4.19.91-27.8

kernel-tools: before 4.19.91-27.8

kernel-headers: before 4.19.91-27.8

kernel-devel: before 4.19.91-27.8

kernel-debug-devel: before 4.19.91-27.8

kernel-debug: before 4.19.91-27.8

kernel: before 4.19.91-27.8

bpftool: before 4.19.91-27.8

• cpe:2.3:o:openanolis:anolis_os:8:*:*:*:*:*:*:*
• cpe:2.3:a:openanolis:python3-perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-internal:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules-extra:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-modules:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-core:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:perf:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools-libs:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-tools:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-headers:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug-devel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel-debug:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:kernel:*:*:*:*:*:anolis_os:*:*
• cpe:2.3:a:openanolis:bpftool:*:*:*:*:*:anolis_os:*:*

https://anas.openanolis.cn/errata/detail/ANSA-2024:0067

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.