Main Vulnerability Database SB2024080967

SB2024080967 - openEuler 24.03 LTS update for kernel

Published: August 9, 2024

Security Bulletin ID SB2024080967

Severity

Low

Patch available

YES

Number of vulnerabilities 78

Exploitation vector Local access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 78 secuirty vulnerabilities.

1) Use of uninitialized resource (CVE-ID: CVE-2024-33619)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the efi_free() function in drivers/firmware/efi/libstub/fdt.c. A local user can perform a denial of service (DoS) attack.

2) NULL pointer dereference (CVE-ID: CVE-2024-35247)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the fpga_region_get(), fpga_region_put(), ATTRIBUTE_GROUPS(), fpga_region_register_full(), ERR_PTR() and EXPORT_SYMBOL_GPL() functions in drivers/fpga/fpga-region.c, within the fpga_region_register_full() function in Documentation/driver-api/fpga/fpga-region.rst. A local user can perform a denial of service (DoS) attack.

3) Buffer overflow (CVE-ID: CVE-2024-35848)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the at24_probe() function in drivers/misc/eeprom/at24.c. A local user can escalate privileges on the system.

4) Memory leak (CVE-ID: CVE-2024-35859)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the bdev_open_by_dev() function in block/bdev.c. A local user can perform a denial of service (DoS) attack.

5) Out-of-bounds read (CVE-ID: CVE-2024-35966)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the rfcomm_sock_setsockopt_old() and rfcomm_sock_setsockopt() functions in net/bluetooth/rfcomm/sock.c. A local user can perform a denial of service (DoS) attack.

6) Resource management error (CVE-ID: CVE-2024-36890)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the include/linux/slab.h. A local user can perform a denial of service (DoS) attack.

7) NULL pointer dereference (CVE-ID: CVE-2024-36896)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the disable_show() and disable_store() functions in drivers/usb/core/port.c. A local user can perform a denial of service (DoS) attack.

8) Use-after-free (CVE-ID: CVE-2024-36899)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the gpio_chrdev_release() function in drivers/gpio/gpiolib-cdev.c. A local user can escalate privileges on the system.

9) NULL pointer dereference (CVE-ID: CVE-2024-36901)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the ip6_output() function in net/ipv6/ip6_output.c. A local user can perform a denial of service (DoS) attack.

10) Improper locking (CVE-ID: CVE-2024-36944)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the qxl_fence_wait() function in drivers/gpu/drm/qxl/qxl_release.c. A local user can perform a denial of service (DoS) attack.

11) Improper privilege management (CVE-ID: CVE-2024-36964)

The vulnerability allows a local user to read and manipulate data.

The vulnerability exists due to improperly imposed permissions within the p9mode2perm() function in fs/9p/vfs_inode.c. A local user can read and manipulate data.

12) Out-of-bounds read (CVE-ID: CVE-2024-38556)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the cmd_work_handler(), wait_func() and mlx5_cmd_invoke() functions in drivers/net/ethernet/mellanox/mlx5/core/cmd.c. A local user can perform a denial of service (DoS) attack.

13) Buffer overflow (CVE-ID: CVE-2024-38576)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the kernel/rcu/tree_stall.h. A local user can escalate privileges on the system.

14) Improper locking (CVE-ID: CVE-2024-38600)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the snd_card_disconnect() function in sound/core/init.c. A local user can perform a denial of service (DoS) attack.

15) Out-of-bounds read (CVE-ID: CVE-2024-38606)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the validate_tl_data() and adf_tl_run() functions in drivers/crypto/intel/qat/qat_common/adf_telemetry.c, within the adf_gen4_init_tl_data() function in drivers/crypto/intel/qat/qat_common/adf_gen4_tl.c. A local user can perform a denial of service (DoS) attack.

16) Resource management error (CVE-ID: CVE-2024-38607)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the macii_probe() function in drivers/macintosh/via-macii.c. A local user can perform a denial of service (DoS) attack.

17) Buffer overflow (CVE-ID: CVE-2024-38617)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the DEFINE_ALLOC_SIZE_TEST_PAIR() function in lib/fortify_kunit.c. A local user can perform a denial of service (DoS) attack.

18) Out-of-bounds read (CVE-ID: CVE-2024-39471)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the sdma_v4_0_process_trap_irq() function in drivers/gpu/drm/amd/amdgpu/sdma_v4_0.c. A local user can perform a denial of service (DoS) attack.

19) NULL pointer dereference (CVE-ID: CVE-2024-39473)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the sof_ipc4_get_input_pin_audio_fmt() function in sound/soc/sof/ipc4-topology.c. A local user can perform a denial of service (DoS) attack.

20) Division by zero (CVE-ID: CVE-2024-39475)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a division by zero error within the savagefb_probe() function in drivers/video/fbdev/savage/savagefb_driver.c. A local user can perform a denial of service (DoS) attack.

21) Input validation error (CVE-ID: CVE-2024-39481)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the media_pipeline_explore_next_link() function in drivers/media/mc/mc-entity.c. A local user can perform a denial of service (DoS) attack.

22) Use-after-free (CVE-ID: CVE-2024-39486)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the drm_file_update_pid() function in drivers/gpu/drm/drm_file.c. A local user can escalate privileges on the system.

23) Memory leak (CVE-ID: CVE-2024-39493)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the adf_device_reset_worker() and adf_dev_aer_schedule_reset() functions in drivers/crypto/qat/qat_common/adf_aer.c. A local user can perform a denial of service (DoS) attack.

24) Use-after-free (CVE-ID: CVE-2024-39496)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the btrfs_load_zone_info() function in fs/btrfs/zoned.c. A local user can escalate privileges on the system.

25) Use-after-free (CVE-ID: CVE-2024-39503)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the list_set_kadd(), list_set_kdel(), list_set_utest(), list_set_uadd(), list_set_udel() and list_set_destroy() functions in net/netfilter/ipset/ip_set_list_set.c, within the call_rcu(), ip_set_destroy() and ip_set_net_init() functions in net/netfilter/ipset/ip_set_core.c. A local user can escalate privileges on the system.

26) Use-after-free (CVE-ID: CVE-2024-40900)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the cachefiles_flush_reqs() function in fs/cachefiles/daemon.c. A local user can escalate privileges on the system.

27) Memory leak (CVE-ID: CVE-2024-40906)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the mlx5_function_teardown() function in drivers/net/ethernet/mellanox/mlx5/core/main.c. A local user can perform a denial of service (DoS) attack.

28) Input validation error (CVE-ID: CVE-2024-40908)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the __bpf_prog_test_run_raw_tp() function in net/bpf/test_run.c. A local user can perform a denial of service (DoS) attack.

29) Use-after-free (CVE-ID: CVE-2024-40913)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the cachefiles_req_put(), cachefiles_ondemand_restore(), cachefiles_ondemand_get_fd() and cachefiles_ondemand_daemon_read() functions in fs/cachefiles/ondemand.c. A local user can escalate privileges on the system.

30) Use-after-free (CVE-ID: CVE-2024-40920)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the br_mst_set_state() function in net/bridge/br_mst.c. A local user can escalate privileges on the system.

31) NULL pointer dereference (CVE-ID: CVE-2024-40921)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the br_mst_get_state(), br_mst_set_state() and br_mst_vlan_sync_state() functions in net/bridge/br_mst.c. A local user can perform a denial of service (DoS) attack.

32) Improper locking (CVE-ID: CVE-2024-40922)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the io_rsrc_ref_quiesce() function in io_uring/rsrc.c. A local user can perform a denial of service (DoS) attack.

33) Use-after-free (CVE-ID: CVE-2024-40935)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the cachefiles_daemon_open() function in fs/cachefiles/daemon.c. A local user can escalate privileges on the system.

34) Out-of-bounds read (CVE-ID: CVE-2024-40953)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the kvm_vcpu_on_spin() function in virt/kvm/kvm_main.c. A local user can perform a denial of service (DoS) attack.

35) NULL pointer dereference (CVE-ID: CVE-2024-40962)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the btrfs_submit_chunk() function in fs/btrfs/bio.c. A local user can perform a denial of service (DoS) attack.

36) Improper locking (CVE-ID: CVE-2024-40967)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the imx_uart_console_write() function in drivers/tty/serial/imx.c. A local user can perform a denial of service (DoS) attack.

37) Improper locking (CVE-ID: CVE-2024-40981)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the batadv_purge_orig_ref() function in net/batman-adv/originator.c. A local user can perform a denial of service (DoS) attack.

38) Memory leak (CVE-ID: CVE-2024-41006)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the nr_heartbeat_expiry() function in net/netrom/nr_timer.c. A local user can perform a denial of service (DoS) attack.

39) Use-after-free (CVE-ID: CVE-2024-41010)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ingress_init(), ingress_destroy(), clsact_init() and clsact_destroy() functions in net/sched/sch_ingress.c. A local user can escalate privileges on the system.

40) Out-of-bounds read (CVE-ID: CVE-2024-41013)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the __xfs_dir3_data_check() function in fs/xfs/libxfs/xfs_dir2_data.c. A local user can perform a denial of service (DoS) attack.

41) Out-of-bounds read (CVE-ID: CVE-2024-41014)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the xlog_recover_process_data() function in fs/xfs/xfs_log_recover.c. A local user can perform a denial of service (DoS) attack.

42) Out-of-bounds read (CVE-ID: CVE-2024-41018)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the log_replay() function in fs/ntfs3/fslog.c. A local user can perform a denial of service (DoS) attack.

43) Out-of-bounds read (CVE-ID: CVE-2024-41019)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the check_rstbl() function in fs/ntfs3/fslog.c. A local user can perform a denial of service (DoS) attack.

44) Improper locking (CVE-ID: CVE-2024-41020)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the fcntl_setlk64() function in fs/locks.c. A local user can perform a denial of service (DoS) attack.

45) Improper error handling (CVE-ID: CVE-2024-41021)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the handle_fault_error_nolock() function in arch/s390/mm/fault.c. A local user can perform a denial of service (DoS) attack.

46) Memory leak (CVE-ID: CVE-2024-41023)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the enqueue_task_dl() function in kernel/sched/deadline.c. A local user can perform a denial of service (DoS) attack.

47) Buffer overflow (CVE-ID: CVE-2024-41039)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the cs_dsp_adsp1_parse_sizes(), cs_dsp_adsp2_parse_sizes(), cs_dsp_load() and cs_dsp_buf_free() functions in drivers/firmware/cirrus/cs_dsp.c. A local user can escalate privileges on the system.

48) Use-after-free (CVE-ID: CVE-2024-41040)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the net/sched/act_ct.c. A local user can escalate privileges on the system.

49) Resource management error (CVE-ID: CVE-2024-41041)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the sock_set_flag() and spin_unlock() functions in net/ipv4/udp.c. A local user can perform a denial of service (DoS) attack.

50) Input validation error (CVE-ID: CVE-2024-41044)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the ppp_read() and ppp_write() functions in drivers/net/ppp/ppp_generic.c. A local user can perform a denial of service (DoS) attack.

51) Use-after-free (CVE-ID: CVE-2024-41045)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the bpf_timer_delete_work(), __bpf_async_init() and __bpf_spin_unlock_irqrestore() functions in kernel/bpf/helpers.c. A local user can escalate privileges on the system.

52) NULL pointer dereference (CVE-ID: CVE-2024-41048)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the sk_msg_recvmsg() function in net/core/skmsg.c. A local user can perform a denial of service (DoS) attack.

53) Use-after-free (CVE-ID: CVE-2024-41049)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the posix_lock_inode() function in fs/locks.c. A local user can escalate privileges on the system.

54) Input validation error (CVE-ID: CVE-2024-41056)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the cs_dsp_coeff_parse_alg() and cs_dsp_coeff_parse_coeff() functions in drivers/firmware/cirrus/cs_dsp.c. A local user can perform a denial of service (DoS) attack.

55) NULL pointer dereference (CVE-ID: CVE-2024-41062)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the l2cap_sock_kill(), l2cap_sock_new_connection_cb() and l2cap_sock_recv_cb() functions in net/bluetooth/l2cap_sock.c. A local user can perform a denial of service (DoS) attack.

56) Improper locking (CVE-ID: CVE-2024-41063)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the hci_unregister_dev() function in net/bluetooth/hci_core.c. A local user can perform a denial of service (DoS) attack.

57) Improper locking (CVE-ID: CVE-2024-41064)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the eeh_pe_bus_get() function in arch/powerpc/kernel/eeh_pe.c. A local user can perform a denial of service (DoS) attack.

58) Use-after-free (CVE-ID: CVE-2024-41069)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the soc_tplg_dapm_graph_elems_load() function in sound/soc/soc-topology.c. A local user can escalate privileges on the system.

59) Input validation error (CVE-ID: CVE-2024-41072)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the cfg80211_wext_siwscan() function in net/wireless/scan.c. A local user can perform a denial of service (DoS) attack.

60) Double free (CVE-ID: CVE-2024-41073)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the nvme_cleanup_cmd() function in drivers/nvme/host/core.c. A local user can perform a denial of service (DoS) attack.

61) Improper locking (CVE-ID: CVE-2024-41074)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the cachefiles_ondemand_copen() function in fs/cachefiles/ondemand.c. A local user can perform a denial of service (DoS) attack.

62) Input validation error (CVE-ID: CVE-2024-41075)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the cachefiles_ondemand_fd_llseek(), cachefiles_ondemand_fd_ioctl() and cachefiles_ondemand_copen() functions in fs/cachefiles/ondemand.c. A local user can perform a denial of service (DoS) attack.

63) Memory leak (CVE-ID: CVE-2024-41076)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the nfs4_set_security_label() function in fs/nfs/nfs4proc.c. A local user can perform a denial of service (DoS) attack.

64) NULL pointer dereference (CVE-ID: CVE-2024-41077)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the null_validate_conf() function in drivers/block/null_blk/main.c. A local user can perform a denial of service (DoS) attack.

65) Improper locking (CVE-ID: CVE-2024-41080)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the io_register_iowq_max_workers() function in io_uring/register.c. A local user can perform a denial of service (DoS) attack.

66) NULL pointer dereference (CVE-ID: CVE-2024-41085)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the cxl_mem_probe() function in drivers/cxl/mem.c, within the cxl_pmem_region_alloc() function in drivers/cxl/core/region.c, within the match_nvdimm_bridge() and cxlmd_release_nvdimm() functions in drivers/cxl/core/pmem.c. A local user can perform a denial of service (DoS) attack.

67) Out-of-bounds read (CVE-ID: CVE-2024-41090)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the tap_get_user_xdp() function in drivers/net/tap.c. A local user can perform a denial of service (DoS) attack.

68) Out-of-bounds read (CVE-ID: CVE-2024-41091)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the tun_xdp_one() function in drivers/net/tun.c. A local user can perform a denial of service (DoS) attack.

69) Use-after-free (CVE-ID: CVE-2024-41096)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the msi_capability_init() function in drivers/pci/msi/msi.c. A local user can escalate privileges on the system.

70) Incorrect calculation (CVE-ID: CVE-2024-42068)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect calculation within the jit_subprogs() function in kernel/bpf/verifier.c, within the bpf_prog_select_runtime() function in kernel/bpf/core.c. A local user can perform a denial of service (DoS) attack.

71) Buffer overflow (CVE-ID: CVE-2024-42086)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the bme680_compensate_temp(), bme680_compensate_press() and bme680_compensate_humid() functions in drivers/iio/chemical/bme680_core.c. A local user can escalate privileges on the system.

72) Input validation error (CVE-ID: CVE-2024-42097)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the load_data() and load_guspatch() functions in sound/synth/emux/soundfont.c. A local user can perform a denial of service (DoS) attack.

73) Use-after-free (CVE-ID: CVE-2024-42115)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the jffs2_i_init_once() function in fs/jffs2/super.c. A local user can escalate privileges on the system.

74) Input validation error (CVE-ID: CVE-2024-42126)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the pcpu_cpu_to_node() and setup_per_cpu_areas() functions in arch/powerpc/kernel/setup_64.c. A local user can perform a denial of service (DoS) attack.

75) Resource management error (CVE-ID: CVE-2024-42129)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the mlxreg_led_probe() function in drivers/leds/leds-mlxreg.c. A local user can perform a denial of service (DoS) attack.

76) Input validation error (CVE-ID: CVE-2024-42155)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the pkey_unlocked_ioctl() function in drivers/s390/crypto/pkey_api.c. A local user can perform a denial of service (DoS) attack.

77) Incorrect calculation (CVE-ID: CVE-2024-42162)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect calculation within the gve_get_drvinfo() and gve_get_ethtool_stats() functions in drivers/net/ethernet/google/gve/gve_ethtool.c. A local user can perform a denial of service (DoS) attack.

78) Use of uninitialized resource (CVE-ID: CVE-2024-42228)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the amdgpu_vce_ring_parse_cs() function in drivers/gpu/drm/amd/amdgpu/amdgpu_vce.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1960

Vulnerable Software

openEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-37.0.0.44
python3-perf: before 6.6.0-37.0.0.44
perf-debuginfo: before 6.6.0-37.0.0.44
perf: before 6.6.0-37.0.0.44
kernel-tools-devel: before 6.6.0-37.0.0.44
kernel-tools-debuginfo: before 6.6.0-37.0.0.44
kernel-tools: before 6.6.0-37.0.0.44
kernel-source: before 6.6.0-37.0.0.44
kernel-headers: before 6.6.0-37.0.0.44
kernel-devel: before 6.6.0-37.0.0.44
kernel-debugsource: before 6.6.0-37.0.0.44
kernel-debuginfo: before 6.6.0-37.0.0.44
bpftool-debuginfo: before 6.6.0-37.0.0.44
bpftool: before 6.6.0-37.0.0.44
kernel: before 6.6.0-37.0.0.44

SB2024080967 - openEuler 24.03 LTS update for kernel

Breakdown by Severity

Description

Remediation

References

Please verify you're human