Main Vulnerability Database SB2024070538

SB2024070538 - openEuler 22.03 LTS SP4 update for kernel

Published: July 5, 2024

Security Bulletin ID SB2024070538

Severity

Low

Patch available

YES

Number of vulnerabilities 8

Exploitation vector Local access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 8 secuirty vulnerabilities.

1) Buffer overflow (CVE-ID: CVE-2024-27405)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the drivers/usb/gadget/function/f_ncm.c. A local user can perform a denial of service (DoS) attack.

2) Use-after-free (CVE-ID: CVE-2024-35899)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the nf_tables_module_exit() function in net/netfilter/nf_tables_api.c. A local user can escalate privileges on the system.

3) Out-of-bounds read (CVE-ID: CVE-2024-37356)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the net/ipv4/tcp_dctcp.c. A local user can perform a denial of service (DoS) attack.

4) Out-of-bounds read (CVE-ID: CVE-2024-38556)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the cmd_work_handler(), wait_func() and mlx5_cmd_invoke() functions in drivers/net/ethernet/mellanox/mlx5/core/cmd.c. A local user can perform a denial of service (DoS) attack.

5) Out-of-bounds read (CVE-ID: CVE-2024-38599)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the do_jffs2_setxattr() function in fs/jffs2/xattr.c. A local user can perform a denial of service (DoS) attack.

6) Integer overflow (CVE-ID: CVE-2024-38624)

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer overflow within the log_read_rst() function in fs/ntfs3/fslog.c. A local user can execute arbitrary code.

7) Use-after-free (CVE-ID: CVE-2024-38630)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the cpu5wdt_exit() function in drivers/watchdog/cpu5wdt.c. A local user can escalate privileges on the system.

8) Improper locking (CVE-ID: CVE-2024-38661)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the hex2bitmap() function in drivers/s390/crypto/ap_bus.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1795

Vulnerable Software

openEuler: 22.03 LTS SP4
python3-perf-debuginfo: before 5.10.0-217.0.0.116
python3-perf: before 5.10.0-217.0.0.116
perf-debuginfo: before 5.10.0-217.0.0.116
perf: before 5.10.0-217.0.0.116
kernel-tools-devel: before 5.10.0-217.0.0.116
kernel-tools-debuginfo: before 5.10.0-217.0.0.116
kernel-tools: before 5.10.0-217.0.0.116
kernel-source: before 5.10.0-217.0.0.116
kernel-headers: before 5.10.0-217.0.0.116
kernel-devel: before 5.10.0-217.0.0.116
kernel-debugsource: before 5.10.0-217.0.0.116
kernel-debuginfo: before 5.10.0-217.0.0.116
bpftool-debuginfo: before 5.10.0-217.0.0.116
bpftool: before 5.10.0-217.0.0.116
kernel: before 5.10.0-217.0.0.116

SB2024070538 - openEuler 22.03 LTS SP4 update for kernel

Breakdown by Severity

Description

Remediation

References

Please verify you're human