SB2025053052 - openEuler 22.03 LTS SP4 update for kernel

Main Vulnerability Database SB2025053052

SB2025053052 - openEuler 22.03 LTS SP4 update for kernel

Published: May 30, 2025

Security Bulletin ID SB2025053052

CSH Severity

Low

Patch available

YES

Number of vulnerabilities 10

Exploitation vector Local access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 10 vulnerabilities.

1) Double free (CVE-ID: CVE-2022-3238)

CWE-ID: CWE-415 - Double Free

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to execute arbitrary code.

A double-free flaw was found in the Linux kernel's NTFS3 subsystem in how a user triggers remount and umount simultaneously. This flaw allows a local user to crash or potentially escalate their privileges on the system.

2) Memory leak (CVE-ID: CVE-2023-53061)

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the smb2_open() function in fs/ksmbd/smb2pdu.c. A local user can perform a denial of service (DoS) attack.

3) Improper error handling (CVE-ID: CVE-2023-53073)

CWE-ID: CWE-388 - Error Handling

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the amd_pmu_v2_handle_irq() function in arch/x86/events/amd/core.c. A local user can perform a denial of service (DoS) attack.

4) Improper locking (CVE-ID: CVE-2024-57876)

CWE-ID: CWE-667 - Improper Locking

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the drm_dp_mst_topology_mgr_set_mst(), EXPORT_SYMBOL(), update_msg_rx_state() and drm_dp_mst_hpd_irq_handle_event() functions in drivers/gpu/drm/display/drm_dp_mst_topology.c. A local user can perform a denial of service (DoS) attack.

5) Infinite loop (CVE-ID: CVE-2024-58097)

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop within the ath11k_dp_rx_mon_mpdu_pop() and ath11k_dp_rx_full_mon_mpdu_pop() functions in drivers/net/wireless/ath/ath11k/dp_rx.c. A local user can perform a denial of service (DoS) attack.

6) Input validation error (CVE-ID: CVE-2025-37773)

CWE-ID: CWE-20 - Improper input validation

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the virtio_fs_get_tree() function in fs/fuse/virtio_fs.c. A local user can perform a denial of service (DoS) attack.

7) Out-of-bounds read (CVE-ID: CVE-2025-37782)

CWE-ID: CWE-125 - Out-of-bounds read

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the hfs_bnode_read_key() function in fs/hfsplus/bnode.c, within the hfs_bnode_read_key() function in fs/hfs/bnode.c. A local user can perform a denial of service (DoS) attack.

8) Improper locking (CVE-ID: CVE-2025-37925)

CWE-ID: CWE-667 - Improper Locking

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the duplicateIXtree() function in fs/jfs/jfs_imap.c. A local user can perform a denial of service (DoS) attack.

9) Improper locking (CVE-ID: CVE-2025-37940)

CWE-ID: CWE-667 - Improper Locking

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ftrace_graph_set_hash() function in kernel/trace/ftrace.c. A local user can perform a denial of service (DoS) attack.

10) Memory leak (CVE-ID: CVE-2025-37980)

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the blk_debugfs_remove() function in block/blk-sysfs.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1571

Vulnerable Software

openEuler: 22.03 LTS SP4
kernel: before 5.10.0-265.0.0.168
bpftool: before 5.10.0-265.0.0.168
bpftool-debuginfo: before 5.10.0-265.0.0.168
kernel-debuginfo: before 5.10.0-265.0.0.168
kernel-debugsource: before 5.10.0-265.0.0.168
kernel-devel: before 5.10.0-265.0.0.168
kernel-headers: before 5.10.0-265.0.0.168
kernel-source: before 5.10.0-265.0.0.168
kernel-tools: before 5.10.0-265.0.0.168
kernel-tools-debuginfo: before 5.10.0-265.0.0.168
kernel-tools-devel: before 5.10.0-265.0.0.168
perf: before 5.10.0-265.0.0.168
perf-debuginfo: before 5.10.0-265.0.0.168
python3-perf: before 5.10.0-265.0.0.168
python3-perf-debuginfo: before 5.10.0-265.0.0.168