SB20250704140 - openEuler 20.03 LTS SP4 update for kernel

Main Vulnerability Database SB20250704140

SB20250704140 - openEuler 20.03 LTS SP4 update for kernel

Published: July 4, 2025

Security Bulletin ID SB20250704140

CSH Severity

Low

Patch available

YES

Number of vulnerabilities 13

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 13 vulnerabilities.

1) Improper locking (CVE-ID: CVE-2022-49814)

CWE-ID: CWE-667 - Improper Locking

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the requeue_rx_msgs(), kcm_wait_data(), KCM_STATS_INCR() and kcm_splice_read() functions in net/kcm/kcmsock.c. A local user can perform a denial of service (DoS) attack.

2) Resource management error (CVE-ID: CVE-2022-49917)

CWE-ID: CWE-399 - Resource Management Errors

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the ip_vs_app_net_init() function in net/netfilter/ipvs/ip_vs_app.c. A local user can perform a denial of service (DoS) attack.

3) Memory leak (CVE-ID: CVE-2022-49981)

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the hidraw_release() function in drivers/hid/hidraw.c. A local user can perform a denial of service (DoS) attack.

4) Memory leak (CVE-ID: CVE-2022-49982)

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the pvr2_hdw_create() function in drivers/media/usb/pvrusb2/pvrusb2-hdw.c. A local user can perform a denial of service (DoS) attack.

5) NULL pointer dereference (CVE-ID: CVE-2022-50080)

CWE-ID: CWE-476 - NULL Pointer Dereference

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the tee_shm_register_user_buf() function in drivers/tee/tee_shm.c. A local user can perform a denial of service (DoS) attack.

6) Out-of-bounds read (CVE-ID: CVE-2022-50094)

CWE-ID: CWE-125 - Out-of-bounds read

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the include/trace/events/spmi.h. A local user can perform a denial of service (DoS) attack.

7) Memory leak (CVE-ID: CVE-2022-50203)

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the omapdss_init_fbdev() function in arch/arm/mach-omap2/display.c. A local user can perform a denial of service (DoS) attack.

8) Buffer overflow (CVE-ID: CVE-2022-50222)

CWE-ID: CWE-119 - Memory corruption

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the vc_uniscr_alloc() function in drivers/tty/vt/vt.c. A local user can perform a denial of service (DoS) attack.

9) Resource management error (CVE-ID: CVE-2023-53053)

CWE-ID: CWE-399 - Resource Management Errors

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the ip6erspan_tunnel_xmit() function in net/ipv6/ip6_gre.c, within the erspan_fb_xmit() function in net/ipv4/ip_gre.c. A local user can perform a denial of service (DoS) attack.

10) Memory leak (CVE-ID: CVE-2023-53062)

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the smsc95xx_rx_fixup() function in drivers/net/usb/smsc95xx.c. A local user can perform a denial of service (DoS) attack.

11) NULL pointer dereference (CVE-ID: CVE-2023-53066)

CWE-ID: CWE-476 - NULL Pointer Dereference

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the qed_iov_configure_min_tx_rate() and qed_iov_handle_trust_change() functions in drivers/net/ethernet/qlogic/qed/qed_sriov.c. A local user can perform a denial of service (DoS) attack.

12) Memory leak (CVE-ID: CVE-2023-53125)

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the smsc75xx_rx_fixup() function in drivers/net/usb/smsc75xx.c. A local user can perform a denial of service (DoS) attack.

13) Incorrect calculation (CVE-ID: CVE-2025-38058)

CWE-ID: CWE-682 - Incorrect Calculation

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect calculation within the __legitimize_mnt() function in fs/namespace.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1726

Vulnerable Software

openEuler: 20.03 LTS SP4
kernel: before 4.19.90-2507.1.0.0334
bpftool: before 4.19.90-2507.1.0.0334
bpftool-debuginfo: before 4.19.90-2507.1.0.0334
kernel-debuginfo: before 4.19.90-2507.1.0.0334
kernel-debugsource: before 4.19.90-2507.1.0.0334
kernel-devel: before 4.19.90-2507.1.0.0334
kernel-source: before 4.19.90-2507.1.0.0334
kernel-tools: before 4.19.90-2507.1.0.0334
kernel-tools-debuginfo: before 4.19.90-2507.1.0.0334
kernel-tools-devel: before 4.19.90-2507.1.0.0334
perf: before 4.19.90-2507.1.0.0334
perf-debuginfo: before 4.19.90-2507.1.0.0334
python2-perf: before 4.19.90-2507.1.0.0334
python2-perf-debuginfo: before 4.19.90-2507.1.0.0334
python3-perf: before 4.19.90-2507.1.0.0334
python3-perf-debuginfo: before 4.19.90-2507.1.0.0334