SB2025052347 - openEuler 24.03 LTS update for kernel

Description

This security bulletin contains information about 10 secuirty vulnerabilities.

1) Resource management error (CVE-ID: CVE-2024-58098)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the check_func_call(), mark_subprog_changes_pkt_data(), visit_func_call_insn() and visit_insn() functions in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.

2) Out-of-bounds read (CVE-ID: CVE-2025-22079)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the __ocfs2_find_path() function in fs/ocfs2/alloc.c. A local user can perform a denial of service (DoS) attack.

3) NULL pointer dereference (CVE-ID: CVE-2025-23146)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the kb3930_probe() function in drivers/mfd/ene-kb3930.c. A local user can perform a denial of service (DoS) attack.

4) Memory leak (CVE-ID: CVE-2025-37807)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the htab_is_percpu() and htab_percpu_map_gen_lookup() functions in kernel/bpf/hashtab.c. A local user can perform a denial of service (DoS) attack.

5) Input validation error (CVE-ID: CVE-2025-37818)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the huge_pte_offset() function in arch/loongarch/mm/hugetlbpage.c. A local user can perform a denial of service (DoS) attack.

6) NULL pointer dereference (CVE-ID: CVE-2025-37830)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the scmi_cpufreq_get_rate() function in drivers/cpufreq/scmi-cpufreq.c. A local user can perform a denial of service (DoS) attack.

7) Input validation error (CVE-ID: CVE-2025-37870)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the dcn401_enable_stream() function in drivers/gpu/drm/amd/display/dc/hwss/dcn401/dcn401_hwseq.c, within the dcn20_enable_stream() function in drivers/gpu/drm/amd/display/dc/hwss/dcn20/dcn20_hwseq.c. A local user can perform a denial of service (DoS) attack.

8) Resource management error (CVE-ID: CVE-2025-37878)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the inherit_event() function in kernel/events/core.c. A local user can perform a denial of service (DoS) attack.

9) Improper locking (CVE-ID: CVE-2025-37884)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the __set_printk_clr_event() and bpf_get_trace_vprintk_proto() functions in kernel/trace/bpf_trace.c. A local user can perform a denial of service (DoS) attack.

10) Use-after-free (CVE-ID: CVE-2025-37938)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the test_event_printk() function in kernel/trace/trace_events.c. A local user can escalate privileges on the system.

Remediation

Install update from vendor's website.

References

• https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1539