SB2025041149 - openEuler 20.03 LTS SP4 update for kernel

Main Vulnerability Database SB2025041149

SB2025041149 - openEuler 20.03 LTS SP4 update for kernel

Published: April 11, 2025

Security Bulletin ID SB2025041149

Severity

Low

Patch available

YES

Number of vulnerabilities 26

Exploitation vector Local access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 26 secuirty vulnerabilities.

1) Use-after-free (CVE-ID: CVE-2022-49059)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the nci_close_device() function in net/nfc/nci/core.c. A local user can escalate privileges on the system.

2) Use-after-free (CVE-ID: CVE-2022-49085)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the drbd_bitmap_io_from_worker(), notify_resource_state_change(), notify_connection_state_change(), notify_device_state_change(), notify_peer_device_state_change() and broadcast_state_change() functions in drivers/block/drbd/drbd_state.c, within the nla_put_notification_header(), notify_resource_state(), notify_device_state(), notify_connection_state(), notify_peer_device_state(), notify_initial_state_done() and get_initial_state() functions in drivers/block/drbd/drbd_nl.c. A local user can escalate privileges on the system.

3) Buffer overflow (CVE-ID: CVE-2022-49100)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the init() and fini() functions in drivers/char/virtio_console.c. A local user can perform a denial of service (DoS) attack.

4) Improper locking (CVE-ID: CVE-2022-49313)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the oxu_bus_suspend() function in drivers/usb/host/oxu210hp-hcd.c. A local user can perform a denial of service (DoS) attack.

5) Memory leak (CVE-ID: CVE-2022-49370)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the dmi_sysfs_register_handle() function in drivers/firmware/dmi-sysfs.c. A local user can perform a denial of service (DoS) attack.

6) Input validation error (CVE-ID: CVE-2022-49374)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the tipc_enable_bearer() function in net/tipc/bearer.c. A local user can perform a denial of service (DoS) attack.

7) Memory leak (CVE-ID: CVE-2022-49389)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the stub_probe() and put_busid_priv() functions in drivers/usb/usbip/stub_dev.c. A local user can perform a denial of service (DoS) attack.

8) Use-after-free (CVE-ID: CVE-2022-49390)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the macsec_dev_init() and macsec_free_netdev() functions in drivers/net/macsec.c. A local user can escalate privileges on the system.

9) Memory leak (CVE-ID: CVE-2022-49396)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the qcom_qmp_reset_control_put() and qcom_qmp_phy_create() functions in drivers/phy/qualcomm/phy-qcom-qmp.c. A local user can perform a denial of service (DoS) attack.

10) Improper locking (CVE-ID: CVE-2022-49441)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the tty_buffer_alloc() function in drivers/tty/tty_buffer.c. A local user can perform a denial of service (DoS) attack.

11) NULL pointer dereference (CVE-ID: CVE-2022-49450)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the net/rxrpc/sysctl.c. A local user can perform a denial of service (DoS) attack.

12) Input validation error (CVE-ID: CVE-2022-49451)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the scmi_base_implementation_list_get() function in drivers/firmware/arm_scmi/base.c. A local user can perform a denial of service (DoS) attack.

13) Memory leak (CVE-ID: CVE-2022-49467)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the mdp5_crtc_cursor_set() function in drivers/gpu/drm/msm/disp/mdp5/mdp5_crtc.c. A local user can perform a denial of service (DoS) attack.

14) Memory leak (CVE-ID: CVE-2022-49481)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the pfuze_parse_regulators_dt() function in drivers/regulator/pfuze100-regulator.c. A local user can perform a denial of service (DoS) attack.

15) NULL pointer dereference (CVE-ID: CVE-2022-49491)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the vop_bind() function in drivers/gpu/drm/rockchip/rockchip_drm_vop.c. A local user can perform a denial of service (DoS) attack.

16) Memory leak (CVE-ID: CVE-2022-49621)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the pmac_cpufreq_init_MacRISC3() function in drivers/cpufreq/pmac32-cpufreq.c. A local user can perform a denial of service (DoS) attack.

17) Use-after-free (CVE-ID: CVE-2022-49711)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the fsl_mc_bus_remove() function in drivers/bus/fsl-mc/fsl-mc-bus.c. A local user can escalate privileges on the system.

18) Memory leak (CVE-ID: CVE-2022-49746)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the sdma_transfer_init() function in drivers/dma/imx-sdma.c. A local user can perform a denial of service (DoS) attack.

19) Use-after-free (CVE-ID: CVE-2022-49753)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the dma_chan_get() function in drivers/dma/dmaengine.c. A local user can escalate privileges on the system.

20) Memory leak (CVE-ID: CVE-2022-49757)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the highbank_mc_probe() and edac_mc_del_mc() functions in drivers/edac/highbank_mc_edac.c. A local user can perform a denial of service (DoS) attack.

21) Out-of-bounds read (CVE-ID: CVE-2023-52988)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the add_secret_dac_path() function in sound/pci/hda/patch_via.c. A local user can perform a denial of service (DoS) attack.

22) NULL pointer dereference (CVE-ID: CVE-2023-53015)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the betopff_init() function in drivers/hid/hid-betopff.c. A local user can perform a denial of service (DoS) attack.

23) Memory leak (CVE-ID: CVE-2023-53024)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the check_stack_write_fixed_off() function in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.

24) Use-after-free (CVE-ID: CVE-2024-57980)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the uvc_status_init() function in drivers/media/usb/uvc/uvc_status.c. A local user can escalate privileges on the system.

25) Out-of-bounds read (CVE-ID: CVE-2024-57996)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the sfq_change() function in net/sched/sch_sfq.c. A local user can perform a denial of service (DoS) attack.

26) Out-of-bounds read (CVE-ID: CVE-2025-21772)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the mac_partition() function in block/partitions/mac.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1408

Vulnerable Software

openEuler: 20.03 LTS SP4
python3-perf-debuginfo: before 4.19.90-2504.2.0.0323
python3-perf: before 4.19.90-2504.2.0.0323
python2-perf-debuginfo: before 4.19.90-2504.2.0.0323
python2-perf: before 4.19.90-2504.2.0.0323
perf-debuginfo: before 4.19.90-2504.2.0.0323
perf: before 4.19.90-2504.2.0.0323
kernel-tools-devel: before 4.19.90-2504.2.0.0323
kernel-tools-debuginfo: before 4.19.90-2504.2.0.0323
kernel-tools: before 4.19.90-2504.2.0.0323
kernel-source: before 4.19.90-2504.2.0.0323
kernel-devel: before 4.19.90-2504.2.0.0323
kernel-debugsource: before 4.19.90-2504.2.0.0323
kernel-debuginfo: before 4.19.90-2504.2.0.0323
bpftool-debuginfo: before 4.19.90-2504.2.0.0323
bpftool: before 4.19.90-2504.2.0.0323
kernel: before 4.19.90-2504.2.0.0323