Risk | Low |
Patch available | YES |
Number of vulnerabilities | 53 |
CVE-ID | CVE-2022-49034 CVE-2024-49906 CVE-2024-53114 CVE-2024-53126 CVE-2024-53127 CVE-2024-53134 CVE-2024-53136 CVE-2024-53146 CVE-2024-53147 CVE-2024-53151 CVE-2024-53154 CVE-2024-53161 CVE-2024-53163 CVE-2024-53165 CVE-2024-53170 CVE-2024-53173 CVE-2024-53186 CVE-2024-53197 CVE-2024-53202 CVE-2024-53217 CVE-2024-53221 CVE-2024-53227 CVE-2024-53230 CVE-2024-56538 CVE-2024-56548 CVE-2024-56569 CVE-2024-56575 CVE-2024-56578 CVE-2024-56581 CVE-2024-56584 CVE-2024-56598 CVE-2024-56604 CVE-2024-56608 CVE-2024-56615 CVE-2024-56620 CVE-2024-56624 CVE-2024-56627 CVE-2024-56629 CVE-2024-56630 CVE-2024-56665 CVE-2024-56675 CVE-2024-56681 CVE-2024-56683 CVE-2024-56692 CVE-2024-56693 CVE-2024-56700 CVE-2024-56702 CVE-2024-56708 CVE-2024-56709 CVE-2024-56741 CVE-2024-56744 CVE-2024-56748 CVE-2024-56752 |
CWE-ID | CWE-399 CWE-476 CWE-20 CWE-119 CWE-667 CWE-190 CWE-125 CWE-193 CWE-416 CWE-401 CWE-388 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software |
openEuler Operating systems & Components / Operating system python3-perf-debuginfo Operating systems & Components / Operating system package or component python3-perf Operating systems & Components / Operating system package or component perf-debuginfo Operating systems & Components / Operating system package or component perf Operating systems & Components / Operating system package or component kernel-tools-devel Operating systems & Components / Operating system package or component kernel-tools-debuginfo Operating systems & Components / Operating system package or component kernel-tools Operating systems & Components / Operating system package or component kernel-source Operating systems & Components / Operating system package or component kernel-headers Operating systems & Components / Operating system package or component kernel-devel Operating systems & Components / Operating system package or component kernel-debugsource Operating systems & Components / Operating system package or component kernel-debuginfo Operating systems & Components / Operating system package or component bpftool-debuginfo Operating systems & Components / Operating system package or component bpftool Operating systems & Components / Operating system package or component kernel Operating systems & Components / Operating system package or component |
Vendor | openEuler |
Security Bulletin
This security bulletin contains information about 53 vulnerabilities.
EUVDB-ID: #VU102247
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-49034
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the show_cpuinfo() function in arch/sh/kernel/cpu/proc.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU98940
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-49906
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn20_program_pipe() function in drivers/gpu/drm/amd/display/dc/hwss/dcn20/dcn20_hwseq.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU101122
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53114
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the init_amd_zen4() function in arch/x86/kernel/cpu/amd.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU101235
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53126
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the psnet_open_pf_bar() function in drivers/vdpa/solidrun/snet_main.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU101231
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53127
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the dw_mci_init_slot() function in drivers/mmc/host/dw_mmc.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU101236
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53134
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the imx93_blk_ctrl_remove() function in drivers/pmdomain/imx/imx93-blk-ctrl.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU101229
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53136
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the shmem_getattr() function in mm/shmem.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU101921
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53146
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the decode_cb_compound4res() function in fs/nfsd/nfs4callback.c. A local user can execute arbitrary code.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU101909
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53147
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the exfat_find() function in fs/exfat/namei.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU101922
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53151
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the xdr_check_write_chunk() function in net/sunrpc/xprtrdma/svc_rdma_recvfrom.c. A local user can execute arbitrary code.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU101913
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53154
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the applnco_probe() function in drivers/clk/clk-apple-nco.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU101923
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53161
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the bluefield_edac_check() function in drivers/edac/bluefield_edac.c. A local user can execute arbitrary code.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU101919
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53163
CWE-ID:
CWE-193 - Off-by-one Error
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an off-by-one error within the uof_get_name() function in drivers/crypto/intel/qat/qat_420xx/adf_420xx_hw_data.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102062
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53165
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the register_intc_controller() function in drivers/sh/intc/core.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102060
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53170
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the del_gendisk() function in block/genhd.c, within the blk_register_queue() function in block/blk-sysfs.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102058
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53173
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nfs4_open_release() function in fs/nfs/nfs4proc.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102050
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53186
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the handle_ksmbd_work() function in fs/smb/server/server.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102090
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53197
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the snd_usb_create_quirk(), snd_usb_extigy_boot_quirk(), mbox2_setup_48_24_magic() and snd_usb_mbox2_boot_quirk() functions in sound/usb/quirks.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102005
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53202
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the fw_log_firmware_info() function in drivers/base/firmware_loader/main.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102133
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53217
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nfsd4_process_cb_update() function in fs/nfsd/nfs4callback.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102131
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53221
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the init_f2fs_fs(), f2fs_destroy_post_read_processing() and exit_f2fs_fs() functions in fs/f2fs/super.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102067
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53227
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bfad_init() function in drivers/scsi/bfa/bfad.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102143
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-53230
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cppc_get_cpu_cost() function in drivers/cpufreq/cppc_cpufreq.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102071
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56538
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the zynqmp_dpsub_drm_cleanup() function in drivers/gpu/drm/xlnx/zynqmp_kms.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102075
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56548
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hfsplus_read_wrapper() function in fs/hfsplus/wrapper.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102126
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56569
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ftrace_mod_callback() function in kernel/trace/ftrace.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102124
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56575
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mxc_jpeg_detach_pm_domains() function in drivers/media/platform/nxp/imx-jpeg/mxc-jpeg.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102206
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56578
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the mxc_jpeg_probe() function in drivers/media/platform/nxp/imx-jpeg/mxc-jpeg.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102044
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56581
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the btrfs_ref_tree_mod() function in fs/btrfs/ref-verify.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102038
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56584
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the io_init_wq_offload() function in io_uring/tctx.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102085
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56598
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dtReadFirst() function in fs/jfs/jfs_dtree.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102019
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56604
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the rfcomm_sock_alloc() function in net/bluetooth/rfcomm/sock.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102076
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56608
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dcn21_link_encoder_create() function in drivers/gpu/drm/amd/display/dc/resource/dcn21/dcn21_resource.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102083
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56615
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dev_map_alloc(), dev_map_delete_elem() and dev_map_hash_delete_elem() functions in kernel/bpf/devmap.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102112
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56620
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ufs_qcom_probe() function in drivers/ufs/host/ufs-qcom.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU101994
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56624
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the put_unused_fd() function in drivers/iommu/iommufd/fault.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102080
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56627
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the smb2_read() function in fs/smb/server/smb2pdu.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102114
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56629
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the wacom_update_name() function in drivers/hid/wacom_sys.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102203
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56630
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ocfs2_get_init_inode() function in fs/ocfs2/namei.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102188
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56665
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the perf_event_detach_bpf_prog() function in kernel/trace/bpf_trace.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102036
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56675
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the perf_event_detach_bpf_prog() function in kernel/trace/bpf_trace.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102198
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56681
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ahash_hmac_setkey() and ahash_hmac_init() functions in drivers/crypto/bcm/cipher.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102276
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56683
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the vc4_hdmi_debugfs_regs() function in drivers/gpu/drm/vc4/vc4_hdmi.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102184
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56692
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the truncate_node() function in fs/f2fs/node.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102013
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56693
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __setup(), brd_alloc(), brd_cleanup() and brd_init() functions in drivers/block/brd.c. A local user can escalate privileges on the system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102102
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56700
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fmc_send_cmd() function in drivers/media/radio/wl128x/fmdrv_common.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102103
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56702
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the SEC() function in tools/testing/selftests/bpf/progs/test_tp_btf_nullable.c, within the reg_btf_record(), check_ptr_to_btf_access(), check_mem_access(), check_func_arg(), btf_check_func_arg_match(), check_kfunc_args(), sanitize_check_bounds(), adjust_ptr_min_max_vals() and convert_ctx_accesses() functions in kernel/bpf/verifier.c, within the btf_ctx_access() function in kernel/bpf/btf.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102237
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56708
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the igen6_register_mci() and igen6_unregister_mcis() functions in drivers/edac/igen6_edac.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102155
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56709
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the io_queue_iowq() function in io_uring/io_uring.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU101984
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56741
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the policy_unpack_test_unpack_strdup_with_null_name(), policy_unpack_test_unpack_strdup_with_name() and policy_unpack_test_unpack_strdup_out_of_bounds() functions in security/apparmor/policy_unpack_test.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102153
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56744
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the system_going_down() and f2fs_handle_critical_error() functions in fs/f2fs/super.c, within the f2fs_stop_checkpoint() function in fs/f2fs/checkpoint.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU101979
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56748
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qedf_alloc_and_init_sb() function in drivers/scsi/qedf/qedf_main.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU102241
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-56752
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the gf100_gr_chan_new() function in drivers/gpu/drm/nouveau/nvkm/engine/gr/gf100.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-73.0.0.77
python3-perf: before 6.6.0-73.0.0.77
perf-debuginfo: before 6.6.0-73.0.0.77
perf: before 6.6.0-73.0.0.77
kernel-tools-devel: before 6.6.0-73.0.0.77
kernel-tools-debuginfo: before 6.6.0-73.0.0.77
kernel-tools: before 6.6.0-73.0.0.77
kernel-source: before 6.6.0-73.0.0.77
kernel-headers: before 6.6.0-73.0.0.77
kernel-devel: before 6.6.0-73.0.0.77
kernel-debugsource: before 6.6.0-73.0.0.77
kernel-debuginfo: before 6.6.0-73.0.0.77
bpftool-debuginfo: before 6.6.0-73.0.0.77
bpftool: before 6.6.0-73.0.0.77
kernel: before 6.6.0-73.0.0.77
CPE2.3http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1032
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.