Risk | Low |
Patch available | YES |
Number of vulnerabilities | 28 |
CVE-ID | CVE-2022-49034 CVE-2022-49035 CVE-2024-47684 CVE-2024-50142 CVE-2024-50264 CVE-2024-53103 CVE-2024-53124 CVE-2024-53140 CVE-2024-53141 CVE-2024-53146 CVE-2024-53158 CVE-2024-53165 CVE-2024-53173 CVE-2024-53183 CVE-2024-53184 CVE-2024-53194 CVE-2024-53197 CVE-2024-53214 CVE-2024-53217 CVE-2024-53239 CVE-2024-56531 CVE-2024-56532 CVE-2024-56539 CVE-2024-56681 CVE-2024-56700 CVE-2024-56704 CVE-2024-56746 CVE-2024-56747 |
CWE-ID | CWE-399 CWE-20 CWE-476 CWE-416 CWE-366 CWE-415 CWE-190 CWE-191 CWE-125 CWE-667 CWE-119 CWE-388 CWE-401 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software |
openEuler Operating systems & Components / Operating system python3-perf-debuginfo Operating systems & Components / Operating system package or component python3-perf Operating systems & Components / Operating system package or component python2-perf-debuginfo Operating systems & Components / Operating system package or component python2-perf Operating systems & Components / Operating system package or component perf-debuginfo Operating systems & Components / Operating system package or component perf Operating systems & Components / Operating system package or component kernel-tools-devel Operating systems & Components / Operating system package or component kernel-tools-debuginfo Operating systems & Components / Operating system package or component kernel-tools Operating systems & Components / Operating system package or component kernel-source Operating systems & Components / Operating system package or component kernel-devel Operating systems & Components / Operating system package or component kernel-debugsource Operating systems & Components / Operating system package or component kernel-debuginfo Operating systems & Components / Operating system package or component bpftool-debuginfo Operating systems & Components / Operating system package or component bpftool Operating systems & Components / Operating system package or component kernel Operating systems & Components / Operating system package or component |
Vendor | openEuler |
Security Bulletin
This security bulletin contains information about 28 vulnerabilities.
EUVDB-ID: #VU102247
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-49034
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the show_cpuinfo() function in arch/sh/kernel/cpu/proc.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
python3-perf-debuginfo: before 4.19.90-2501.1.0.0311
python3-perf: before 4.19.90-2501.1.0.0311
python2-perf-debuginfo: before 4.19.90-2501.1.0.0311
python2-perf: before 4.19.90-2501.1.0.0311
perf-debuginfo: before 4.19.90-2501.1.0.0311
perf: before 4.19.90-2501.1.0.0311
kernel-tools-devel: before 4.19.90-2501.1.0.0311
kernel-tools-debuginfo: before 4.19.90-2501.1.0.0311
kernel-tools: before 4.19.90-2501.1.0.0311
kernel-source: before 4.19.90-2501.1.0.0311
kernel-devel: before 4.19.90-2501.1.0.0311
kernel-debugsource: before 4.19.90-2501.1.0.0311
kernel-debuginfo: before 4.19.90-2501.1.0.0311
bpftool-debuginfo: before 4.19.90-2501.1.0.0311
bpftool: before 4.19.90-2501.1.0.0311
kernel: before 4.19.90-2501.1.0.0311
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1034
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102285
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-49035
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the s5p_cec_irq_handler() function in drivers/media/cec/platform/s5p/s5p_cec.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
python3-perf-debuginfo: before 4.19.90-2501.1.0.0311
python3-perf: before 4.19.90-2501.1.0.0311
python2-perf-debuginfo: before 4.19.90-2501.1.0.0311
python2-perf: before 4.19.90-2501.1.0.0311
perf-debuginfo: before 4.19.90-2501.1.0.0311
perf: before 4.19.90-2501.1.0.0311
kernel-tools-devel: before 4.19.90-2501.1.0.0311
kernel-tools-debuginfo: before 4.19.90-2501.1.0.0311
kernel-tools: before 4.19.90-2501.1.0.0311
kernel-source: before 4.19.90-2501.1.0.0311
kernel-devel: before 4.19.90-2501.1.0.0311
kernel-debugsource: before 4.19.90-2501.1.0.0311
kernel-debuginfo: before 4.19.90-2501.1.0.0311
bpftool-debuginfo: before 4.19.90-2501.1.0.0311
bpftool: before 4.19.90-2501.1.0.0311
kernel: before 4.19.90-2501.1.0.0311
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1034
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98980
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-47684
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the include/net/tcp.h. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
python3-perf-debuginfo: before 4.19.90-2501.1.0.0311
python3-perf: before 4.19.90-2501.1.0.0311
python2-perf-debuginfo: before 4.19.90-2501.1.0.0311
python2-perf: before 4.19.90-2501.1.0.0311
perf-debuginfo: before 4.19.90-2501.1.0.0311
perf: before 4.19.90-2501.1.0.0311
kernel-tools-devel: before 4.19.90-2501.1.0.0311
kernel-tools-debuginfo: before 4.19.90-2501.1.0.0311
kernel-tools: before 4.19.90-2501.1.0.0311
kernel-source: before 4.19.90-2501.1.0.0311
kernel-devel: before 4.19.90-2501.1.0.0311
kernel-debugsource: before 4.19.90-2501.1.0.0311
kernel-debuginfo: before 4.19.90-2501.1.0.0311
bpftool-debuginfo: before 4.19.90-2501.1.0.0311
bpftool: before 4.19.90-2501.1.0.0311
kernel: before 4.19.90-2501.1.0.0311
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1034
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU100081
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-50142
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the verify_newsa_info() function in net/xfrm/xfrm_user.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
python3-perf-debuginfo: before 4.19.90-2501.1.0.0311
python3-perf: before 4.19.90-2501.1.0.0311
python2-perf-debuginfo: before 4.19.90-2501.1.0.0311
python2-perf: before 4.19.90-2501.1.0.0311
perf-debuginfo: before 4.19.90-2501.1.0.0311
perf: before 4.19.90-2501.1.0.0311
kernel-tools-devel: before 4.19.90-2501.1.0.0311
kernel-tools-debuginfo: before 4.19.90-2501.1.0.0311
kernel-tools: before 4.19.90-2501.1.0.0311
kernel-source: before 4.19.90-2501.1.0.0311
kernel-devel: before 4.19.90-2501.1.0.0311
kernel-debugsource: before 4.19.90-2501.1.0.0311
kernel-debuginfo: before 4.19.90-2501.1.0.0311
bpftool-debuginfo: before 4.19.90-2501.1.0.0311
bpftool: before 4.19.90-2501.1.0.0311
kernel: before 4.19.90-2501.1.0.0311
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1034
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU100612
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-50264
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the virtio_transport_destruct() function in net/vmw_vsock/virtio_transport_common.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
python3-perf-debuginfo: before 4.19.90-2501.1.0.0311
python3-perf: before 4.19.90-2501.1.0.0311
python2-perf-debuginfo: before 4.19.90-2501.1.0.0311
python2-perf: before 4.19.90-2501.1.0.0311
perf-debuginfo: before 4.19.90-2501.1.0.0311
perf: before 4.19.90-2501.1.0.0311
kernel-tools-devel: before 4.19.90-2501.1.0.0311
kernel-tools-debuginfo: before 4.19.90-2501.1.0.0311
kernel-tools: before 4.19.90-2501.1.0.0311
kernel-source: before 4.19.90-2501.1.0.0311
kernel-devel: before 4.19.90-2501.1.0.0311
kernel-debugsource: before 4.19.90-2501.1.0.0311
kernel-debuginfo: before 4.19.90-2501.1.0.0311
bpftool-debuginfo: before 4.19.90-2501.1.0.0311
bpftool: before 4.19.90-2501.1.0.0311
kernel: before 4.19.90-2501.1.0.0311
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1034
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU101106
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53103
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hvs_destruct() function in net/vmw_vsock/hyperv_transport.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
python3-perf-debuginfo: before 4.19.90-2501.1.0.0311
python3-perf: before 4.19.90-2501.1.0.0311
python2-perf-debuginfo: before 4.19.90-2501.1.0.0311
python2-perf: before 4.19.90-2501.1.0.0311
perf-debuginfo: before 4.19.90-2501.1.0.0311
perf: before 4.19.90-2501.1.0.0311
kernel-tools-devel: before 4.19.90-2501.1.0.0311
kernel-tools-debuginfo: before 4.19.90-2501.1.0.0311
kernel-tools: before 4.19.90-2501.1.0.0311
kernel-source: before 4.19.90-2501.1.0.0311
kernel-devel: before 4.19.90-2501.1.0.0311
kernel-debugsource: before 4.19.90-2501.1.0.0311
kernel-debuginfo: before 4.19.90-2501.1.0.0311
bpftool-debuginfo: before 4.19.90-2501.1.0.0311
bpftool: before 4.19.90-2501.1.0.0311
kernel: before 4.19.90-2501.1.0.0311
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1034
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU101113
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53124
CWE-ID:
CWE-366 - Race Condition within a Thread
Exploit availability: No
DescriptionThe vulnerability allows a local user to corrupt data.
The vulnerability exists due to a data race within the tcp_v6_do_rcv() function in net/ipv6/tcp_ipv6.c, within the dccp_v6_do_rcv() function in net/dccp/ipv6.c. A local user can corrupt data.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
python3-perf-debuginfo: before 4.19.90-2501.1.0.0311
python3-perf: before 4.19.90-2501.1.0.0311
python2-perf-debuginfo: before 4.19.90-2501.1.0.0311
python2-perf: before 4.19.90-2501.1.0.0311
perf-debuginfo: before 4.19.90-2501.1.0.0311
perf: before 4.19.90-2501.1.0.0311
kernel-tools-devel: before 4.19.90-2501.1.0.0311
kernel-tools-debuginfo: before 4.19.90-2501.1.0.0311
kernel-tools: before 4.19.90-2501.1.0.0311
kernel-source: before 4.19.90-2501.1.0.0311
kernel-devel: before 4.19.90-2501.1.0.0311
kernel-debugsource: before 4.19.90-2501.1.0.0311
kernel-debuginfo: before 4.19.90-2501.1.0.0311
bpftool-debuginfo: before 4.19.90-2501.1.0.0311
bpftool: before 4.19.90-2501.1.0.0311
kernel: before 4.19.90-2501.1.0.0311
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1034
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU101230
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53140
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the netlink_skb_set_owner_r(), netlink_sock_destruct(), deferred_put_nlk_sk() and netlink_release() functions in net/netlink/af_netlink.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
python3-perf-debuginfo: before 4.19.90-2501.1.0.0311
python3-perf: before 4.19.90-2501.1.0.0311
python2-perf-debuginfo: before 4.19.90-2501.1.0.0311
python2-perf: before 4.19.90-2501.1.0.0311
perf-debuginfo: before 4.19.90-2501.1.0.0311
perf: before 4.19.90-2501.1.0.0311
kernel-tools-devel: before 4.19.90-2501.1.0.0311
kernel-tools-debuginfo: before 4.19.90-2501.1.0.0311
kernel-tools: before 4.19.90-2501.1.0.0311
kernel-source: before 4.19.90-2501.1.0.0311
kernel-devel: before 4.19.90-2501.1.0.0311
kernel-debugsource: before 4.19.90-2501.1.0.0311
kernel-debuginfo: before 4.19.90-2501.1.0.0311
bpftool-debuginfo: before 4.19.90-2501.1.0.0311
bpftool: before 4.19.90-2501.1.0.0311
kernel: before 4.19.90-2501.1.0.0311
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1034
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU101348
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53141
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the bitmap_ip_uadt() function in net/netfilter/ipset/ip_set_bitmap_ip.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
python3-perf-debuginfo: before 4.19.90-2501.1.0.0311
python3-perf: before 4.19.90-2501.1.0.0311
python2-perf-debuginfo: before 4.19.90-2501.1.0.0311
python2-perf: before 4.19.90-2501.1.0.0311
perf-debuginfo: before 4.19.90-2501.1.0.0311
perf: before 4.19.90-2501.1.0.0311
kernel-tools-devel: before 4.19.90-2501.1.0.0311
kernel-tools-debuginfo: before 4.19.90-2501.1.0.0311
kernel-tools: before 4.19.90-2501.1.0.0311
kernel-source: before 4.19.90-2501.1.0.0311
kernel-devel: before 4.19.90-2501.1.0.0311
kernel-debugsource: before 4.19.90-2501.1.0.0311
kernel-debuginfo: before 4.19.90-2501.1.0.0311
bpftool-debuginfo: before 4.19.90-2501.1.0.0311
bpftool: before 4.19.90-2501.1.0.0311
kernel: before 4.19.90-2501.1.0.0311
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1034
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU101921
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53146
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the decode_cb_compound4res() function in fs/nfsd/nfs4callback.c. A local user can execute arbitrary code.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
python3-perf-debuginfo: before 4.19.90-2501.1.0.0311
python3-perf: before 4.19.90-2501.1.0.0311
python2-perf-debuginfo: before 4.19.90-2501.1.0.0311
python2-perf: before 4.19.90-2501.1.0.0311
perf-debuginfo: before 4.19.90-2501.1.0.0311
perf: before 4.19.90-2501.1.0.0311
kernel-tools-devel: before 4.19.90-2501.1.0.0311
kernel-tools-debuginfo: before 4.19.90-2501.1.0.0311
kernel-tools: before 4.19.90-2501.1.0.0311
kernel-source: before 4.19.90-2501.1.0.0311
kernel-devel: before 4.19.90-2501.1.0.0311
kernel-debugsource: before 4.19.90-2501.1.0.0311
kernel-debuginfo: before 4.19.90-2501.1.0.0311
bpftool-debuginfo: before 4.19.90-2501.1.0.0311
bpftool: before 4.19.90-2501.1.0.0311
kernel: before 4.19.90-2501.1.0.0311
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1034
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU101924
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53158
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the geni_se_clk_tbl_get() function in drivers/soc/qcom/qcom-geni-se.c. A local user can execute arbitrary code.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
python3-perf-debuginfo: before 4.19.90-2501.1.0.0311
python3-perf: before 4.19.90-2501.1.0.0311
python2-perf-debuginfo: before 4.19.90-2501.1.0.0311
python2-perf: before 4.19.90-2501.1.0.0311
perf-debuginfo: before 4.19.90-2501.1.0.0311
perf: before 4.19.90-2501.1.0.0311
kernel-tools-devel: before 4.19.90-2501.1.0.0311
kernel-tools-debuginfo: before 4.19.90-2501.1.0.0311
kernel-tools: before 4.19.90-2501.1.0.0311
kernel-source: before 4.19.90-2501.1.0.0311
kernel-devel: before 4.19.90-2501.1.0.0311
kernel-debugsource: before 4.19.90-2501.1.0.0311
kernel-debuginfo: before 4.19.90-2501.1.0.0311
bpftool-debuginfo: before 4.19.90-2501.1.0.0311
bpftool: before 4.19.90-2501.1.0.0311
kernel: before 4.19.90-2501.1.0.0311
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1034
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102062
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53165
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the register_intc_controller() function in drivers/sh/intc/core.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
python3-perf-debuginfo: before 4.19.90-2501.1.0.0311
python3-perf: before 4.19.90-2501.1.0.0311
python2-perf-debuginfo: before 4.19.90-2501.1.0.0311
python2-perf: before 4.19.90-2501.1.0.0311
perf-debuginfo: before 4.19.90-2501.1.0.0311
perf: before 4.19.90-2501.1.0.0311
kernel-tools-devel: before 4.19.90-2501.1.0.0311
kernel-tools-debuginfo: before 4.19.90-2501.1.0.0311
kernel-tools: before 4.19.90-2501.1.0.0311
kernel-source: before 4.19.90-2501.1.0.0311
kernel-devel: before 4.19.90-2501.1.0.0311
kernel-debugsource: before 4.19.90-2501.1.0.0311
kernel-debuginfo: before 4.19.90-2501.1.0.0311
bpftool-debuginfo: before 4.19.90-2501.1.0.0311
bpftool: before 4.19.90-2501.1.0.0311
kernel: before 4.19.90-2501.1.0.0311
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1034
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102058
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53173
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nfs4_open_release() function in fs/nfs/nfs4proc.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
python3-perf-debuginfo: before 4.19.90-2501.1.0.0311
python3-perf: before 4.19.90-2501.1.0.0311
python2-perf-debuginfo: before 4.19.90-2501.1.0.0311
python2-perf: before 4.19.90-2501.1.0.0311
perf-debuginfo: before 4.19.90-2501.1.0.0311
perf: before 4.19.90-2501.1.0.0311
kernel-tools-devel: before 4.19.90-2501.1.0.0311
kernel-tools-debuginfo: before 4.19.90-2501.1.0.0311
kernel-tools: before 4.19.90-2501.1.0.0311
kernel-source: before 4.19.90-2501.1.0.0311
kernel-devel: before 4.19.90-2501.1.0.0311
kernel-debugsource: before 4.19.90-2501.1.0.0311
kernel-debuginfo: before 4.19.90-2501.1.0.0311
bpftool-debuginfo: before 4.19.90-2501.1.0.0311
bpftool: before 4.19.90-2501.1.0.0311
kernel: before 4.19.90-2501.1.0.0311
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1034
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102235
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53183
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the net_device_release() function in arch/um/drivers/net_kern.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
python3-perf-debuginfo: before 4.19.90-2501.1.0.0311
python3-perf: before 4.19.90-2501.1.0.0311
python2-perf-debuginfo: before 4.19.90-2501.1.0.0311
python2-perf: before 4.19.90-2501.1.0.0311
perf-debuginfo: before 4.19.90-2501.1.0.0311
perf: before 4.19.90-2501.1.0.0311
kernel-tools-devel: before 4.19.90-2501.1.0.0311
kernel-tools-debuginfo: before 4.19.90-2501.1.0.0311
kernel-tools: before 4.19.90-2501.1.0.0311
kernel-source: before 4.19.90-2501.1.0.0311
kernel-devel: before 4.19.90-2501.1.0.0311
kernel-debugsource: before 4.19.90-2501.1.0.0311
kernel-debuginfo: before 4.19.90-2501.1.0.0311
bpftool-debuginfo: before 4.19.90-2501.1.0.0311
bpftool: before 4.19.90-2501.1.0.0311
kernel: before 4.19.90-2501.1.0.0311
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1034
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102234
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53184
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ubd_open_dev() function in arch/um/drivers/ubd_kern.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
python3-perf-debuginfo: before 4.19.90-2501.1.0.0311
python3-perf: before 4.19.90-2501.1.0.0311
python2-perf-debuginfo: before 4.19.90-2501.1.0.0311
python2-perf: before 4.19.90-2501.1.0.0311
perf-debuginfo: before 4.19.90-2501.1.0.0311
perf: before 4.19.90-2501.1.0.0311
kernel-tools-devel: before 4.19.90-2501.1.0.0311
kernel-tools-debuginfo: before 4.19.90-2501.1.0.0311
kernel-tools: before 4.19.90-2501.1.0.0311
kernel-source: before 4.19.90-2501.1.0.0311
kernel-devel: before 4.19.90-2501.1.0.0311
kernel-debugsource: before 4.19.90-2501.1.0.0311
kernel-debuginfo: before 4.19.90-2501.1.0.0311
bpftool-debuginfo: before 4.19.90-2501.1.0.0311
bpftool: before 4.19.90-2501.1.0.0311
kernel: before 4.19.90-2501.1.0.0311
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1034
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102049
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53194
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pci_slot_release(), pci_bus_get() and make_slot_name() functions in drivers/pci/slot.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
python3-perf-debuginfo: before 4.19.90-2501.1.0.0311
python3-perf: before 4.19.90-2501.1.0.0311
python2-perf-debuginfo: before 4.19.90-2501.1.0.0311
python2-perf: before 4.19.90-2501.1.0.0311
perf-debuginfo: before 4.19.90-2501.1.0.0311
perf: before 4.19.90-2501.1.0.0311
kernel-tools-devel: before 4.19.90-2501.1.0.0311
kernel-tools-debuginfo: before 4.19.90-2501.1.0.0311
kernel-tools: before 4.19.90-2501.1.0.0311
kernel-source: before 4.19.90-2501.1.0.0311
kernel-devel: before 4.19.90-2501.1.0.0311
kernel-debugsource: before 4.19.90-2501.1.0.0311
kernel-debuginfo: before 4.19.90-2501.1.0.0311
bpftool-debuginfo: before 4.19.90-2501.1.0.0311
bpftool: before 4.19.90-2501.1.0.0311
kernel: before 4.19.90-2501.1.0.0311
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1034
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102090
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53197
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the snd_usb_create_quirk(), snd_usb_extigy_boot_quirk(), mbox2_setup_48_24_magic() and snd_usb_mbox2_boot_quirk() functions in sound/usb/quirks.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
python3-perf-debuginfo: before 4.19.90-2501.1.0.0311
python3-perf: before 4.19.90-2501.1.0.0311
python2-perf-debuginfo: before 4.19.90-2501.1.0.0311
python2-perf: before 4.19.90-2501.1.0.0311
perf-debuginfo: before 4.19.90-2501.1.0.0311
perf: before 4.19.90-2501.1.0.0311
kernel-tools-devel: before 4.19.90-2501.1.0.0311
kernel-tools-debuginfo: before 4.19.90-2501.1.0.0311
kernel-tools: before 4.19.90-2501.1.0.0311
kernel-source: before 4.19.90-2501.1.0.0311
kernel-devel: before 4.19.90-2501.1.0.0311
kernel-debugsource: before 4.19.90-2501.1.0.0311
kernel-debuginfo: before 4.19.90-2501.1.0.0311
bpftool-debuginfo: before 4.19.90-2501.1.0.0311
bpftool: before 4.19.90-2501.1.0.0311
kernel: before 4.19.90-2501.1.0.0311
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1034
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102092
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53214
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the vfio_virt_config_read() and vfio_config_do_rw() functions in drivers/vfio/pci/vfio_pci_config.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
python3-perf-debuginfo: before 4.19.90-2501.1.0.0311
python3-perf: before 4.19.90-2501.1.0.0311
python2-perf-debuginfo: before 4.19.90-2501.1.0.0311
python2-perf: before 4.19.90-2501.1.0.0311
perf-debuginfo: before 4.19.90-2501.1.0.0311
perf: before 4.19.90-2501.1.0.0311
kernel-tools-devel: before 4.19.90-2501.1.0.0311
kernel-tools-debuginfo: before 4.19.90-2501.1.0.0311
kernel-tools: before 4.19.90-2501.1.0.0311
kernel-source: before 4.19.90-2501.1.0.0311
kernel-devel: before 4.19.90-2501.1.0.0311
kernel-debugsource: before 4.19.90-2501.1.0.0311
kernel-debuginfo: before 4.19.90-2501.1.0.0311
bpftool-debuginfo: before 4.19.90-2501.1.0.0311
bpftool: before 4.19.90-2501.1.0.0311
kernel: before 4.19.90-2501.1.0.0311
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1034
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102133
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53217
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nfsd4_process_cb_update() function in fs/nfsd/nfs4callback.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
python3-perf-debuginfo: before 4.19.90-2501.1.0.0311
python3-perf: before 4.19.90-2501.1.0.0311
python2-perf-debuginfo: before 4.19.90-2501.1.0.0311
python2-perf: before 4.19.90-2501.1.0.0311
perf-debuginfo: before 4.19.90-2501.1.0.0311
perf: before 4.19.90-2501.1.0.0311
kernel-tools-devel: before 4.19.90-2501.1.0.0311
kernel-tools-debuginfo: before 4.19.90-2501.1.0.0311
kernel-tools: before 4.19.90-2501.1.0.0311
kernel-source: before 4.19.90-2501.1.0.0311
kernel-devel: before 4.19.90-2501.1.0.0311
kernel-debugsource: before 4.19.90-2501.1.0.0311
kernel-debuginfo: before 4.19.90-2501.1.0.0311
bpftool-debuginfo: before 4.19.90-2501.1.0.0311
bpftool: before 4.19.90-2501.1.0.0311
kernel: before 4.19.90-2501.1.0.0311
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1034
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102070
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53239
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the usb6fire_chip_abort(), usb6fire_chip_destroy(), usb6fire_chip_probe() and usb6fire_chip_disconnect() functions in sound/usb/6fire/chip.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
python3-perf-debuginfo: before 4.19.90-2501.1.0.0311
python3-perf: before 4.19.90-2501.1.0.0311
python2-perf-debuginfo: before 4.19.90-2501.1.0.0311
python2-perf: before 4.19.90-2501.1.0.0311
perf-debuginfo: before 4.19.90-2501.1.0.0311
perf: before 4.19.90-2501.1.0.0311
kernel-tools-devel: before 4.19.90-2501.1.0.0311
kernel-tools-debuginfo: before 4.19.90-2501.1.0.0311
kernel-tools: before 4.19.90-2501.1.0.0311
kernel-source: before 4.19.90-2501.1.0.0311
kernel-devel: before 4.19.90-2501.1.0.0311
kernel-debugsource: before 4.19.90-2501.1.0.0311
kernel-debuginfo: before 4.19.90-2501.1.0.0311
bpftool-debuginfo: before 4.19.90-2501.1.0.0311
bpftool: before 4.19.90-2501.1.0.0311
kernel: before 4.19.90-2501.1.0.0311
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1034
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102180
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56531
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the snd_usb_caiaq_input_free() function in sound/usb/caiaq/input.c, within the setup_card(), init_card() and snd_disconnect() functions in sound/usb/caiaq/device.c, within the snd_usb_caiaq_audio_init() function in sound/usb/caiaq/audio.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
python3-perf-debuginfo: before 4.19.90-2501.1.0.0311
python3-perf: before 4.19.90-2501.1.0.0311
python2-perf-debuginfo: before 4.19.90-2501.1.0.0311
python2-perf: before 4.19.90-2501.1.0.0311
perf-debuginfo: before 4.19.90-2501.1.0.0311
perf: before 4.19.90-2501.1.0.0311
kernel-tools-devel: before 4.19.90-2501.1.0.0311
kernel-tools-debuginfo: before 4.19.90-2501.1.0.0311
kernel-tools: before 4.19.90-2501.1.0.0311
kernel-source: before 4.19.90-2501.1.0.0311
kernel-devel: before 4.19.90-2501.1.0.0311
kernel-debugsource: before 4.19.90-2501.1.0.0311
kernel-debuginfo: before 4.19.90-2501.1.0.0311
bpftool-debuginfo: before 4.19.90-2501.1.0.0311
bpftool: before 4.19.90-2501.1.0.0311
kernel: before 4.19.90-2501.1.0.0311
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1034
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102181
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56532
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the snd_us122l_disconnect() function in sound/usb/usx2y/us122l.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
python3-perf-debuginfo: before 4.19.90-2501.1.0.0311
python3-perf: before 4.19.90-2501.1.0.0311
python2-perf-debuginfo: before 4.19.90-2501.1.0.0311
python2-perf: before 4.19.90-2501.1.0.0311
perf-debuginfo: before 4.19.90-2501.1.0.0311
perf: before 4.19.90-2501.1.0.0311
kernel-tools-devel: before 4.19.90-2501.1.0.0311
kernel-tools-debuginfo: before 4.19.90-2501.1.0.0311
kernel-tools: before 4.19.90-2501.1.0.0311
kernel-source: before 4.19.90-2501.1.0.0311
kernel-devel: before 4.19.90-2501.1.0.0311
kernel-debugsource: before 4.19.90-2501.1.0.0311
kernel-debuginfo: before 4.19.90-2501.1.0.0311
bpftool-debuginfo: before 4.19.90-2501.1.0.0311
bpftool: before 4.19.90-2501.1.0.0311
kernel: before 4.19.90-2501.1.0.0311
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1034
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102236
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56539
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the drivers/net/wireless/marvell/mwifiex/fw.h. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
python3-perf-debuginfo: before 4.19.90-2501.1.0.0311
python3-perf: before 4.19.90-2501.1.0.0311
python2-perf-debuginfo: before 4.19.90-2501.1.0.0311
python2-perf: before 4.19.90-2501.1.0.0311
perf-debuginfo: before 4.19.90-2501.1.0.0311
perf: before 4.19.90-2501.1.0.0311
kernel-tools-devel: before 4.19.90-2501.1.0.0311
kernel-tools-debuginfo: before 4.19.90-2501.1.0.0311
kernel-tools: before 4.19.90-2501.1.0.0311
kernel-source: before 4.19.90-2501.1.0.0311
kernel-devel: before 4.19.90-2501.1.0.0311
kernel-debugsource: before 4.19.90-2501.1.0.0311
kernel-debuginfo: before 4.19.90-2501.1.0.0311
bpftool-debuginfo: before 4.19.90-2501.1.0.0311
bpftool: before 4.19.90-2501.1.0.0311
kernel: before 4.19.90-2501.1.0.0311
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1034
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102198
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56681
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ahash_hmac_setkey() and ahash_hmac_init() functions in drivers/crypto/bcm/cipher.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
python3-perf-debuginfo: before 4.19.90-2501.1.0.0311
python3-perf: before 4.19.90-2501.1.0.0311
python2-perf-debuginfo: before 4.19.90-2501.1.0.0311
python2-perf: before 4.19.90-2501.1.0.0311
perf-debuginfo: before 4.19.90-2501.1.0.0311
perf: before 4.19.90-2501.1.0.0311
kernel-tools-devel: before 4.19.90-2501.1.0.0311
kernel-tools-debuginfo: before 4.19.90-2501.1.0.0311
kernel-tools: before 4.19.90-2501.1.0.0311
kernel-source: before 4.19.90-2501.1.0.0311
kernel-devel: before 4.19.90-2501.1.0.0311
kernel-debugsource: before 4.19.90-2501.1.0.0311
kernel-debuginfo: before 4.19.90-2501.1.0.0311
bpftool-debuginfo: before 4.19.90-2501.1.0.0311
bpftool: before 4.19.90-2501.1.0.0311
kernel: before 4.19.90-2501.1.0.0311
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1034
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102102
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56700
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fmc_send_cmd() function in drivers/media/radio/wl128x/fmdrv_common.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
python3-perf-debuginfo: before 4.19.90-2501.1.0.0311
python3-perf: before 4.19.90-2501.1.0.0311
python2-perf-debuginfo: before 4.19.90-2501.1.0.0311
python2-perf: before 4.19.90-2501.1.0.0311
perf-debuginfo: before 4.19.90-2501.1.0.0311
perf: before 4.19.90-2501.1.0.0311
kernel-tools-devel: before 4.19.90-2501.1.0.0311
kernel-tools-debuginfo: before 4.19.90-2501.1.0.0311
kernel-tools: before 4.19.90-2501.1.0.0311
kernel-source: before 4.19.90-2501.1.0.0311
kernel-devel: before 4.19.90-2501.1.0.0311
kernel-debugsource: before 4.19.90-2501.1.0.0311
kernel-debuginfo: before 4.19.90-2501.1.0.0311
bpftool-debuginfo: before 4.19.90-2501.1.0.0311
bpftool: before 4.19.90-2501.1.0.0311
kernel: before 4.19.90-2501.1.0.0311
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1034
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102192
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56704
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the xen_9pfs_front_free() function in net/9p/trans_xen.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
python3-perf-debuginfo: before 4.19.90-2501.1.0.0311
python3-perf: before 4.19.90-2501.1.0.0311
python2-perf-debuginfo: before 4.19.90-2501.1.0.0311
python2-perf: before 4.19.90-2501.1.0.0311
perf-debuginfo: before 4.19.90-2501.1.0.0311
perf: before 4.19.90-2501.1.0.0311
kernel-tools-devel: before 4.19.90-2501.1.0.0311
kernel-tools-debuginfo: before 4.19.90-2501.1.0.0311
kernel-tools: before 4.19.90-2501.1.0.0311
kernel-source: before 4.19.90-2501.1.0.0311
kernel-devel: before 4.19.90-2501.1.0.0311
kernel-debugsource: before 4.19.90-2501.1.0.0311
kernel-debuginfo: before 4.19.90-2501.1.0.0311
bpftool-debuginfo: before 4.19.90-2501.1.0.0311
bpftool: before 4.19.90-2501.1.0.0311
kernel: before 4.19.90-2501.1.0.0311
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1034
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU101981
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56746
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the sh7760fb_alloc_mem() function in drivers/video/fbdev/sh7760fb.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
python3-perf-debuginfo: before 4.19.90-2501.1.0.0311
python3-perf: before 4.19.90-2501.1.0.0311
python2-perf-debuginfo: before 4.19.90-2501.1.0.0311
python2-perf: before 4.19.90-2501.1.0.0311
perf-debuginfo: before 4.19.90-2501.1.0.0311
perf: before 4.19.90-2501.1.0.0311
kernel-tools-devel: before 4.19.90-2501.1.0.0311
kernel-tools-debuginfo: before 4.19.90-2501.1.0.0311
kernel-tools: before 4.19.90-2501.1.0.0311
kernel-source: before 4.19.90-2501.1.0.0311
kernel-devel: before 4.19.90-2501.1.0.0311
kernel-debugsource: before 4.19.90-2501.1.0.0311
kernel-debuginfo: before 4.19.90-2501.1.0.0311
bpftool-debuginfo: before 4.19.90-2501.1.0.0311
bpftool: before 4.19.90-2501.1.0.0311
kernel: before 4.19.90-2501.1.0.0311
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1034
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU101980
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56747
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qedi_alloc_and_init_sb() function in drivers/scsi/qedi/qedi_main.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP4
python3-perf-debuginfo: before 4.19.90-2501.1.0.0311
python3-perf: before 4.19.90-2501.1.0.0311
python2-perf-debuginfo: before 4.19.90-2501.1.0.0311
python2-perf: before 4.19.90-2501.1.0.0311
perf-debuginfo: before 4.19.90-2501.1.0.0311
perf: before 4.19.90-2501.1.0.0311
kernel-tools-devel: before 4.19.90-2501.1.0.0311
kernel-tools-debuginfo: before 4.19.90-2501.1.0.0311
kernel-tools: before 4.19.90-2501.1.0.0311
kernel-source: before 4.19.90-2501.1.0.0311
kernel-devel: before 4.19.90-2501.1.0.0311
kernel-debugsource: before 4.19.90-2501.1.0.0311
kernel-debuginfo: before 4.19.90-2501.1.0.0311
bpftool-debuginfo: before 4.19.90-2501.1.0.0311
bpftool: before 4.19.90-2501.1.0.0311
kernel: before 4.19.90-2501.1.0.0311
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1034
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.