openEuler 22.03 LTS SP4 update for kernel



Risk Low
Patch available YES
Number of vulnerabilities 5
CVE-ID CVE-2024-49856
CVE-2024-50086
CVE-2024-50287
CVE-2024-53150
CVE-2024-56630
CWE-ID CWE-667
CWE-416
CWE-369
CWE-125
CWE-388
Exploitation vector Local
Public exploit N/A
Vulnerable software
openEuler
Operating systems & Components / Operating system

python3-perf-debuginfo
Operating systems & Components / Operating system package or component

python3-perf
Operating systems & Components / Operating system package or component

perf-debuginfo
Operating systems & Components / Operating system package or component

perf
Operating systems & Components / Operating system package or component

kernel-tools-devel
Operating systems & Components / Operating system package or component

kernel-tools-debuginfo
Operating systems & Components / Operating system package or component

kernel-tools
Operating systems & Components / Operating system package or component

kernel-source
Operating systems & Components / Operating system package or component

kernel-headers
Operating systems & Components / Operating system package or component

kernel-devel
Operating systems & Components / Operating system package or component

kernel-debugsource
Operating systems & Components / Operating system package or component

kernel-debuginfo
Operating systems & Components / Operating system package or component

bpftool-debuginfo
Operating systems & Components / Operating system package or component

bpftool
Operating systems & Components / Operating system package or component

kernel
Operating systems & Components / Operating system package or component

Vendor openEuler

Security Bulletin

This security bulletin contains information about 5 vulnerabilities.

1) Improper locking

EUVDB-ID: #VU99029

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49856

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the __sgx_alloc_epc_page() function in arch/x86/kernel/cpu/sgx/main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

python3-perf-debuginfo: before 5.10.0-244.0.0.143

python3-perf: before 5.10.0-244.0.0.143

perf-debuginfo: before 5.10.0-244.0.0.143

perf: before 5.10.0-244.0.0.143

kernel-tools-devel: before 5.10.0-244.0.0.143

kernel-tools-debuginfo: before 5.10.0-244.0.0.143

kernel-tools: before 5.10.0-244.0.0.143

kernel-source: before 5.10.0-244.0.0.143

kernel-headers: before 5.10.0-244.0.0.143

kernel-devel: before 5.10.0-244.0.0.143

kernel-debugsource: before 5.10.0-244.0.0.143

kernel-debuginfo: before 5.10.0-244.0.0.143

bpftool-debuginfo: before 5.10.0-244.0.0.143

bpftool: before 5.10.0-244.0.0.143

kernel: before 5.10.0-244.0.0.143

CPE2.3 External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1014


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Use-after-free

EUVDB-ID: #VU99444

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-50086

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the smb2_check_user_session(), smb2_sess_setup() and smb2_session_logoff() functions in fs/smb/server/smb2pdu.c, within the __handle_ksmbd_work() function in fs/smb/server/server.c, within the ksmbd_expire_session(), ksmbd_session_lookup_slowpath(), ksmbd_session_lookup_all() and __session_create() functions in fs/smb/server/mgmt/user_session.c. A local user can escalate privileges on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

python3-perf-debuginfo: before 5.10.0-244.0.0.143

python3-perf: before 5.10.0-244.0.0.143

perf-debuginfo: before 5.10.0-244.0.0.143

perf: before 5.10.0-244.0.0.143

kernel-tools-devel: before 5.10.0-244.0.0.143

kernel-tools-debuginfo: before 5.10.0-244.0.0.143

kernel-tools: before 5.10.0-244.0.0.143

kernel-source: before 5.10.0-244.0.0.143

kernel-headers: before 5.10.0-244.0.0.143

kernel-devel: before 5.10.0-244.0.0.143

kernel-debugsource: before 5.10.0-244.0.0.143

kernel-debuginfo: before 5.10.0-244.0.0.143

bpftool-debuginfo: before 5.10.0-244.0.0.143

bpftool: before 5.10.0-244.0.0.143

kernel: before 5.10.0-244.0.0.143

CPE2.3 External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1014


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Division by zero

EUVDB-ID: #VU100639

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-50287

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a division by zero error within the tpg_precalculate_line() function in drivers/media/common/v4l2-tpg/v4l2-tpg-core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

python3-perf-debuginfo: before 5.10.0-244.0.0.143

python3-perf: before 5.10.0-244.0.0.143

perf-debuginfo: before 5.10.0-244.0.0.143

perf: before 5.10.0-244.0.0.143

kernel-tools-devel: before 5.10.0-244.0.0.143

kernel-tools-debuginfo: before 5.10.0-244.0.0.143

kernel-tools: before 5.10.0-244.0.0.143

kernel-source: before 5.10.0-244.0.0.143

kernel-headers: before 5.10.0-244.0.0.143

kernel-devel: before 5.10.0-244.0.0.143

kernel-debugsource: before 5.10.0-244.0.0.143

kernel-debuginfo: before 5.10.0-244.0.0.143

bpftool-debuginfo: before 5.10.0-244.0.0.143

bpftool: before 5.10.0-244.0.0.143

kernel: before 5.10.0-244.0.0.143

CPE2.3 External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1014


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Out-of-bounds read

EUVDB-ID: #VU101910

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-53150

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the DESC_LENGTH_CHECK(), validate_clock_source() and validate_clock_selector() functions in sound/usb/clock.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

python3-perf-debuginfo: before 5.10.0-244.0.0.143

python3-perf: before 5.10.0-244.0.0.143

perf-debuginfo: before 5.10.0-244.0.0.143

perf: before 5.10.0-244.0.0.143

kernel-tools-devel: before 5.10.0-244.0.0.143

kernel-tools-debuginfo: before 5.10.0-244.0.0.143

kernel-tools: before 5.10.0-244.0.0.143

kernel-source: before 5.10.0-244.0.0.143

kernel-headers: before 5.10.0-244.0.0.143

kernel-devel: before 5.10.0-244.0.0.143

kernel-debugsource: before 5.10.0-244.0.0.143

kernel-debuginfo: before 5.10.0-244.0.0.143

bpftool-debuginfo: before 5.10.0-244.0.0.143

bpftool: before 5.10.0-244.0.0.143

kernel: before 5.10.0-244.0.0.143

CPE2.3 External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1014


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Improper error handling

EUVDB-ID: #VU102203

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56630

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the ocfs2_get_init_inode() function in fs/ocfs2/namei.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

python3-perf-debuginfo: before 5.10.0-244.0.0.143

python3-perf: before 5.10.0-244.0.0.143

perf-debuginfo: before 5.10.0-244.0.0.143

perf: before 5.10.0-244.0.0.143

kernel-tools-devel: before 5.10.0-244.0.0.143

kernel-tools-debuginfo: before 5.10.0-244.0.0.143

kernel-tools: before 5.10.0-244.0.0.143

kernel-source: before 5.10.0-244.0.0.143

kernel-headers: before 5.10.0-244.0.0.143

kernel-devel: before 5.10.0-244.0.0.143

kernel-debugsource: before 5.10.0-244.0.0.143

kernel-debuginfo: before 5.10.0-244.0.0.143

bpftool-debuginfo: before 5.10.0-244.0.0.143

bpftool: before 5.10.0-244.0.0.143

kernel: before 5.10.0-244.0.0.143

CPE2.3 External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1014


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###