SB2025030762 - openEuler 20.03 LTS SP4 update for kernel

Description

This security bulletin contains information about 8 secuirty vulnerabilities.

1) NULL pointer dereference (CVE-ID: CVE-2021-47652)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the ufx_usb_probe() function in drivers/video/fbdev/smscufx.c. A local user can perform a denial of service (DoS) attack.

2) Out-of-bounds read (CVE-ID: CVE-2022-49073)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the SATA_DWC_QCMD_MAX() function in drivers/ata/sata_dwc_460ex.c. A local user can perform a denial of service (DoS) attack.

3) Memory leak (CVE-ID: CVE-2022-49091)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the imx_pd_connector_get_modes() function in drivers/gpu/drm/imx/parallel-display.c. A local user can perform a denial of service (DoS) attack.

4) Memory leak (CVE-ID: CVE-2022-49394)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the blkiolatency_enable_work_fn(), BLKIOLATENCY(), blkcg_iolatency_throttle(), blkcg_iolatency_done_bio(), blkcg_iolatency_exit(), rcu_read_unlock(), blk_iolatency_init(), iolatency_set_min_lat_nsec(), iolatency_set_limit() and iolatency_pd_offline() functions in block/blk-iolatency.c. A local user can perform a denial of service (DoS) attack.

5) Memory leak (CVE-ID: CVE-2024-57883)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the huge_pmd_share() and huge_pmd_unshare() functions in mm/hugetlb.c. A local user can perform a denial of service (DoS) attack.

6) Improper locking (CVE-ID: CVE-2024-57977)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the dump_tasks() function in mm/oom_kill.c, within the mem_cgroup_scan_tasks() function in mm/memcontrol.c. A local user can perform a denial of service (DoS) attack.

7) Use-after-free (CVE-ID: CVE-2025-21731)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the nbd_disconnect_and_put() function in drivers/block/nbd.c. A local user can escalate privileges on the system.

8) Out-of-bounds read (CVE-ID: CVE-2025-21815)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the isolate_freepages_block() function in mm/compaction.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

• https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1245