Risk | Low |
Patch available | YES |
Number of vulnerabilities | 58 |
CVE-ID | CVE-2022-49034 CVE-2024-47730 CVE-2024-49907 CVE-2024-50001 CVE-2024-50188 CVE-2024-50233 CVE-2024-50264 CVE-2024-53146 CVE-2024-53147 CVE-2024-53155 CVE-2024-53158 CVE-2024-53161 CVE-2024-53165 CVE-2024-53173 CVE-2024-53185 CVE-2024-53187 CVE-2024-53194 CVE-2024-53197 CVE-2024-53217 CVE-2024-53218 CVE-2024-53219 CVE-2024-53221 CVE-2024-53224 CVE-2024-53227 CVE-2024-56538 CVE-2024-56548 CVE-2024-56562 CVE-2024-56569 CVE-2024-56570 CVE-2024-56572 CVE-2024-56581 CVE-2024-56583 CVE-2024-56584 CVE-2024-56586 CVE-2024-56589 CVE-2024-56594 CVE-2024-56596 CVE-2024-56598 CVE-2024-56604 CVE-2024-56605 CVE-2024-56608 CVE-2024-56615 CVE-2024-56619 CVE-2024-56627 CVE-2024-56629 CVE-2024-56672 CVE-2024-56681 CVE-2024-56686 CVE-2024-56691 CVE-2024-56692 CVE-2024-56700 CVE-2024-56709 CVE-2024-56739 CVE-2024-56741 CVE-2024-56747 CVE-2024-56748 CVE-2024-56756 CVE-2024-56763 |
CWE-ID | CWE-399 CWE-20 CWE-476 CWE-119 CWE-369 CWE-416 CWE-190 CWE-125 CWE-908 CWE-191 CWE-401 CWE-388 CWE-667 CWE-362 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software |
openEuler Operating systems & Components / Operating system python3-perf-debuginfo Operating systems & Components / Operating system package or component python3-perf Operating systems & Components / Operating system package or component perf-debuginfo Operating systems & Components / Operating system package or component perf Operating systems & Components / Operating system package or component kernel-tools-devel Operating systems & Components / Operating system package or component kernel-tools-debuginfo Operating systems & Components / Operating system package or component kernel-tools Operating systems & Components / Operating system package or component kernel-source Operating systems & Components / Operating system package or component kernel-headers Operating systems & Components / Operating system package or component kernel-devel Operating systems & Components / Operating system package or component kernel-debugsource Operating systems & Components / Operating system package or component kernel-debuginfo Operating systems & Components / Operating system package or component kernel Operating systems & Components / Operating system package or component |
Vendor | openEuler |
Security Bulletin
This security bulletin contains information about 58 vulnerabilities.
EUVDB-ID: #VU102247
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-49034
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the show_cpuinfo() function in arch/sh/kernel/cpu/proc.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU99227
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-47730
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the qm_set_vf_mse(), qm_controller_reset_prepare(), qm_master_ooo_check() and qm_soft_reset_prepare() functions in drivers/crypto/hisilicon/qm.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98925
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-49907
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dc_allow_idle_optimizations() function in drivers/gpu/drm/amd/display/dc/core/dc.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU99157
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-50001
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the mlx5e_sq_xmit_mpwqe() function in drivers/net/ethernet/mellanox/mlx5/core/en_tx.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU100138
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-50188
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the dp83869_configure_fiber() function in drivers/net/phy/dp83869.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU100200
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-50233
CWE-ID:
CWE-369 - Divide By Zero
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the ad9832_calc_freqreg() function in drivers/staging/iio/frequency/ad9832.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU100612
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-50264
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the virtio_transport_destruct() function in net/vmw_vsock/virtio_transport_common.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU101921
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53146
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the decode_cb_compound4res() function in fs/nfsd/nfs4callback.c. A local user can execute arbitrary code.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU101909
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53147
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the exfat_find() function in fs/exfat/namei.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU101917
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53155
CWE-ID:
CWE-908 - Use of Uninitialized Resource
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the ocfs2_file_write_iter() and ocfs2_file_read_iter() functions in fs/ocfs2/file.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU101924
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53158
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the geni_se_clk_tbl_get() function in drivers/soc/qcom/qcom-geni-se.c. A local user can execute arbitrary code.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU101923
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53161
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the bluefield_edac_check() function in drivers/edac/bluefield_edac.c. A local user can execute arbitrary code.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102062
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53165
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the register_intc_controller() function in drivers/sh/intc/core.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102058
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53173
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nfs4_open_release() function in fs/nfs/nfs4proc.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102051
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53185
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the SMB2_negotiate() function in fs/smb/client/smb2pdu.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102214
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53187
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the io_pin_pages() function in io_uring/memmap.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102049
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53194
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pci_slot_release(), pci_bus_get() and make_slot_name() functions in drivers/pci/slot.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102090
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53197
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the snd_usb_create_quirk(), snd_usb_extigy_boot_quirk(), mbox2_setup_48_24_magic() and snd_usb_mbox2_boot_quirk() functions in sound/usb/quirks.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102133
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53217
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nfsd4_process_cb_update() function in fs/nfsd/nfs4callback.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102066
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53218
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the f2fs_do_shutdown() function in fs/f2fs/file.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102132
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53219
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the virtio_fs_get_tree() function in fs/fuse/virtio_fs.c, within the fuse_read_args_fill(), fuse_release_user_pages(), fuse_aio_complete_req(), fuse_get_frag_size(), fuse_get_user_pages() and fuse_direct_io() functions in fs/fuse/file.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102131
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53221
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the init_f2fs_fs(), f2fs_destroy_post_read_processing() and exit_f2fs_fs() functions in fs/f2fs/super.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102141
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53224
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mlx5_ib_dev_res_init(), mlx5_ib_stage_delay_drop_cleanup(), mlx5_ib_stage_dev_notifier_init() and STAGE_CREATE() functions in drivers/infiniband/hw/mlx5/main.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102067
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53227
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bfad_init() function in drivers/scsi/bfa/bfad.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102071
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56538
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the zynqmp_dpsub_drm_cleanup() function in drivers/gpu/drm/xlnx/zynqmp_kms.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102075
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56548
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hfsplus_read_wrapper() function in fs/hfsplus/wrapper.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102279
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56562
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the i3c_master_put_i3c_addrs() function in drivers/i3c/master.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102126
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56569
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ftrace_mod_callback() function in kernel/trace/ftrace.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102280
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56570
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ovl_dentry_init_flags() function in fs/overlayfs/util.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU101996
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56572
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the allocate_buffers_internal() function in drivers/media/platform/allegro-dvt/allegro-core.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102044
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56581
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the btrfs_ref_tree_mod() function in fs/btrfs/ref-verify.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102243
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56583
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the enqueue_dl_entity() function in kernel/sched/deadline.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102038
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56584
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the io_init_wq_offload() function in io_uring/tctx.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102204
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56586
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the f2fs_write_inode() function in fs/f2fs/inode.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102168
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56589
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the cq_thread_v3_hw() function in drivers/scsi/hisi_sas/hisi_sas_v3_hw.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102160
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56594
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the amdgpu_ttm_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102087
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56596
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the jfs_readdir() function in fs/jfs/jfs_dtree.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102085
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56598
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dtReadFirst() function in fs/jfs/jfs_dtree.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102019
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56604
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the rfcomm_sock_alloc() function in net/bluetooth/rfcomm/sock.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102020
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56605
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the l2cap_sock_alloc() function in net/bluetooth/l2cap_sock.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102076
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56608
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dcn21_link_encoder_create() function in drivers/gpu/drm/amd/display/dc/resource/dcn21/dcn21_resource.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102083
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56615
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dev_map_alloc(), dev_map_delete_elem() and dev_map_hash_delete_elem() functions in kernel/bpf/devmap.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102022
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56619
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nilfs_put_page() function in fs/nilfs2/dir.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102080
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56627
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the smb2_read() function in fs/smb/server/smb2pdu.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102114
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56629
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the wacom_update_name() function in drivers/hid/wacom_sys.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102035
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56672
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the blkcg_unpin_online() function in block/blk-cgroup.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102198
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56681
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ahash_hmac_setkey() and ahash_hmac_init() functions in drivers/crypto/bcm/cipher.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102218
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56686
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the MODULE_ALIAS(), __ext4_read_bh(), ext4_read_bh_nowait(), ext4_read_bh(), ext4_read_bh_lock() and ext4_sb_breadahead_unmovable() functions in fs/ext4/super.c, within the ext4_get_bitmap() function in fs/ext4/resize.c, within the mext_page_mkuptodate() function in fs/ext4/move_extent.c, within the read_mmp_block() function in fs/ext4/mmp.c, within the trace_ext4_load_inode() function in fs/ext4/inode.c, within the ext4_get_branch() function in fs/ext4/indirect.c, within the ext4_read_inode_bitmap() function in fs/ext4/ialloc.c, within the __read_extent_tree_block() function in fs/ext4/extents.c, within the ext4_read_block_bitmap_nowait() and ext4_wait_block_bitmap() functions in fs/ext4/balloc.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102226
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56691
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the wcove_typec_probe() function in drivers/usb/typec/tcpm/wcove.c, within the ARRAY_SIZE(), bxtwc_add_chained_irq_chip() and bxtwc_probe() functions in drivers/mfd/intel_soc_pmic_bxtwc.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102184
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56692
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the truncate_node() function in fs/f2fs/node.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102102
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56700
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fmc_send_cmd() function in drivers/media/radio/wl128x/fmdrv_common.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102155
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56709
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the io_queue_iowq() function in io_uring/io_uring.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102154
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56739
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the rtc_timer_do_work() function in drivers/rtc/interface.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU101984
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56741
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the policy_unpack_test_unpack_strdup_with_null_name(), policy_unpack_test_unpack_strdup_with_name() and policy_unpack_test_unpack_strdup_out_of_bounds() functions in security/apparmor/policy_unpack_test.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU101980
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56747
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qedi_alloc_and_init_sb() function in drivers/scsi/qedi/qedi_main.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU101979
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56748
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qedf_alloc_and_init_sb() function in drivers/scsi/qedf/qedf_main.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102008
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56756
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nvme_free_host_mem(), __nvme_alloc_host_mem() and kfree() functions in drivers/nvme/host/pci.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102404
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56763
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the tracing_cpumask_write() function in kernel/trace/trace.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 22.03 LTS SP3
python3-perf-debuginfo: before 5.10.0-245.0.0.147
python3-perf: before 5.10.0-245.0.0.147
perf-debuginfo: before 5.10.0-245.0.0.147
perf: before 5.10.0-245.0.0.147
kernel-tools-devel: before 5.10.0-245.0.0.147
kernel-tools-debuginfo: before 5.10.0-245.0.0.147
kernel-tools: before 5.10.0-245.0.0.147
kernel-source: before 5.10.0-245.0.0.147
kernel-headers: before 5.10.0-245.0.0.147
kernel-devel: before 5.10.0-245.0.0.147
kernel-debugsource: before 5.10.0-245.0.0.147
kernel-debuginfo: before 5.10.0-245.0.0.147
kernel: before 5.10.0-245.0.0.147
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1033
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.