SB2024120661 - openEuler 20.03 LTS SP4 update for kernel

Main Vulnerability Database SB2024120661

SB2024120661 - openEuler 20.03 LTS SP4 update for kernel

Published: December 6, 2024

Security Bulletin ID SB2024120661

CSH Severity

Low

Patch available

YES

Number of vulnerabilities 9

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 9 vulnerabilities.

1) Resource management error (CVE-ID: CVE-2024-50148)

CWE-ID: CWE-399 - Resource Management Errors

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the bnep_init() function in net/bluetooth/bnep/core.c. A local user can perform a denial of service (DoS) attack.

2) Input validation error (CVE-ID: CVE-2024-50230)

CWE-ID: CWE-20 - Improper input validation

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the nilfs_clear_dirty_page() function in fs/nilfs2/page.c. A local user can perform a denial of service (DoS) attack.

3) Memory leak (CVE-ID: CVE-2024-50236)

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the wmi_process_mgmt_tx_comp() and ath10k_wmi_mgmt_tx_clean_up_pending() functions in drivers/net/wireless/ath/ath10k/wmi.c, within the ath10k_wmi_tlv_op_cleanup_mgmt_tx_send() function in drivers/net/wireless/ath/ath10k/wmi-tlv.c. A local user can perform a denial of service (DoS) attack.

4) Out-of-bounds read (CVE-ID: CVE-2024-50262)

CWE-ID: CWE-125 - Out-of-bounds read

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the trie_get_next_key() function in kernel/bpf/lpm_trie.c. A local user can perform a denial of service (DoS) attack.

5) Memory leak (CVE-ID: CVE-2024-50265)

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the ocfs2_xa_remove() function in fs/ocfs2/xattr.c. A local user can perform a denial of service (DoS) attack.

6) Input validation error (CVE-ID: CVE-2024-50299)

CWE-ID: CWE-20 - Improper input validation

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the sctp_sf_ootb() function in net/sctp/sm_statefuns.c. A local user can perform a denial of service (DoS) attack.

7) Improper locking (CVE-ID: CVE-2024-53052)

CWE-ID: CWE-667 - Improper Locking

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the io_write_prep() and io_write() functions in io_uring/io_uring.c. A local user can perform a denial of service (DoS) attack.

8) NULL pointer dereference (CVE-ID: CVE-2024-53060)

CWE-ID: CWE-476 - NULL Pointer Dereference

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the amdgpu_atif_call() function in drivers/gpu/drm/amd/amdgpu/amdgpu_acpi.c. A local user can perform a denial of service (DoS) attack.

9) Use of uninitialized resource (CVE-ID: CVE-2024-53101)

CWE-ID: CWE-908 - Use of Uninitialized Resource

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the ocfs2_setattr() function in fs/ocfs2/file.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2520

Vulnerable Software

openEuler: 20.03 LTS SP4
kernel: before 4.19.90-2412.1.0.0306
bpftool: before 4.19.90-2412.1.0.0306
bpftool-debuginfo: before 4.19.90-2412.1.0.0306
kernel-debuginfo: before 4.19.90-2412.1.0.0306
kernel-debugsource: before 4.19.90-2412.1.0.0306
kernel-devel: before 4.19.90-2412.1.0.0306
kernel-source: before 4.19.90-2412.1.0.0306
kernel-tools: before 4.19.90-2412.1.0.0306
kernel-tools-debuginfo: before 4.19.90-2412.1.0.0306
kernel-tools-devel: before 4.19.90-2412.1.0.0306
perf: before 4.19.90-2412.1.0.0306
perf-debuginfo: before 4.19.90-2412.1.0.0306
python2-perf: before 4.19.90-2412.1.0.0306
python2-perf-debuginfo: before 4.19.90-2412.1.0.0306
python3-perf: before 4.19.90-2412.1.0.0306
python3-perf-debuginfo: before 4.19.90-2412.1.0.0306