SB2025032177 - openEuler 20.03 LTS SP4 update for kernel
Published: March 21, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 27 secuirty vulnerabilities.
1) Use-after-free (CVE-ID: CVE-2021-47634)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the vol_attribute_show() function in drivers/mtd/ubi/vmt.c, within the dev_attribute_show(), ubi_attach_mtd_dev() and uif_close() functions in drivers/mtd/ubi/build.c. A local user can escalate privileges on the system.
2) Use-after-free (CVE-ID: CVE-2021-47656)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the jffs2_free_ino_caches() function in fs/jffs2/fs.c. A local user can escalate privileges on the system.
3) Memory leak (CVE-ID: CVE-2022-49052)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the end_swap_bio_write(), end_swap_bio_read() and swap_readpage() functions in mm/page_io.c. A local user can perform a denial of service (DoS) attack.
4) Use-after-free (CVE-ID: CVE-2022-49087)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the rxrpc_exit_net() function in net/rxrpc/net_ns.c. A local user can escalate privileges on the system.
5) Improper locking (CVE-ID: CVE-2022-49155)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the qla2xxx_create_qpair() function in drivers/scsi/qla2xxx/qla_init.c. A local user can perform a denial of service (DoS) attack.
6) Use of uninitialized resource (CVE-ID: CVE-2022-49248)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the fcp_avc_transaction() function in sound/firewire/fcp.c. A local user can perform a denial of service (DoS) attack.
7) Memory leak (CVE-ID: CVE-2022-49276)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the jffs2_scan_medium() function in fs/jffs2/scan.c. A local user can perform a denial of service (DoS) attack.
8) Memory leak (CVE-ID: CVE-2022-49277)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the jffs2_do_mount_fs() function in fs/jffs2/build.c. A local user can perform a denial of service (DoS) attack.
9) Improper locking (CVE-ID: CVE-2022-49315)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the rtllib_beacons_stop() function in drivers/staging/rtl8192e/rtllib_softmac.c. A local user can perform a denial of service (DoS) attack.
10) Memory leak (CVE-ID: CVE-2022-49324)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mips_cpc_default_phys_base() function in arch/mips/kernel/mips-cpc.c. A local user can perform a denial of service (DoS) attack.
11) Memory leak (CVE-ID: CVE-2022-49331)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the st21nfca_connectivity_event_received() function in drivers/nfc/st21nfca/se.c. A local user can perform a denial of service (DoS) attack.
12) NULL pointer dereference (CVE-ID: CVE-2022-49375)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mtk_rtc_probe() function in drivers/rtc/rtc-mt6397.c. A local user can perform a denial of service (DoS) attack.
13) Improper locking (CVE-ID: CVE-2022-49414)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ext4_punch_hole() function in fs/ext4/inode.c, within the ext4_fallocate() function in fs/ext4/extents.c. A local user can perform a denial of service (DoS) attack.
14) NULL pointer dereference (CVE-ID: CVE-2022-49488)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mdp5_mixer_assign() function in drivers/gpu/drm/msm/disp/mdp5/mdp5_mixer.c, within the mdp5_crtc_setup_pipeline() function in drivers/gpu/drm/msm/disp/mdp5/mdp5_crtc.c. A local user can perform a denial of service (DoS) attack.
15) Use-after-free (CVE-ID: CVE-2022-49489)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the _dpu_kms_hw_destroy() function in drivers/gpu/drm/msm/disp/dpu1/dpu_kms.c. A local user can escalate privileges on the system.
16) Resource management error (CVE-ID: CVE-2022-49513)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the free_policy_dbs_info(), cpufreq_dbs_governor_init() and cpufreq_dbs_governor_exit() functions in drivers/cpufreq/cpufreq_governor.c. A local user can perform a denial of service (DoS) attack.
17) Memory leak (CVE-ID: CVE-2022-49514)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mt8173_max98090_dev_probe() function in sound/soc/mediatek/mt8173/mt8173-max98090.c. A local user can perform a denial of service (DoS) attack.
18) NULL pointer dereference (CVE-ID: CVE-2022-49527)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hfi_core_deinit() function in drivers/media/platform/qcom/venus/hfi.c. A local user can perform a denial of service (DoS) attack.
19) NULL pointer dereference (CVE-ID: CVE-2022-49532)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the virtio_gpu_conn_get_modes() function in drivers/gpu/drm/virtio/virtgpu_display.c. A local user can perform a denial of service (DoS) attack.
20) NULL pointer dereference (CVE-ID: CVE-2022-49544)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the libipw_xmit() function in drivers/net/wireless/intel/ipw2x00/libipw_tx.c. A local user can perform a denial of service (DoS) attack.
21) Buffer overflow (CVE-ID: CVE-2022-49581)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the be_get_module_info() and be_get_module_eeprom() functions in drivers/net/ethernet/emulex/benet/be_ethtool.c, within the be_cmd_read_port_transceiver_data(), be_cmd_query_cable_type() and be_cmd_query_sfp_info() functions in drivers/net/ethernet/emulex/benet/be_cmds.c. A local user can escalate privileges on the system.
22) Use-after-free (CVE-ID: CVE-2022-49608)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the rt2880_pinmux_pins() function in drivers/staging/mt7621-pinctrl/pinctrl-rt2880.c. A local user can escalate privileges on the system.
23) Memory leak (CVE-ID: CVE-2022-49682)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the calibrate_ccount() function in arch/xtensa/kernel/time.c. A local user can perform a denial of service (DoS) attack.
24) Input validation error (CVE-ID: CVE-2022-49725)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the i40e_diag_test() function in drivers/net/ethernet/intel/i40e/i40e_ethtool.c. A local user can perform a denial of service (DoS) attack.
25) Memory leak (CVE-ID: CVE-2022-49729)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nfcmrvl_play_deferred() function in drivers/nfc/nfcmrvl/usb.c. A local user can perform a denial of service (DoS) attack.
26) NULL pointer dereference (CVE-ID: CVE-2024-58009)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the l2cap_sock_alloc() function in net/bluetooth/l2cap_sock.c. A local user can perform a denial of service (DoS) attack.
27) Use-after-free (CVE-ID: CVE-2025-21791)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the include/net/l3mdev.h. A local user can escalate privileges on the system.
Remediation
Install update from vendor's website.