SB2025082243 - openEuler 24.03 LTS SP1 update for kernel
Published: August 22, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 11 secuirty vulnerabilities.
1) Use-after-free (CVE-ID: CVE-2025-22097)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the vkms_init() and vkms_destroy() functions in drivers/gpu/drm/vkms/vkms_drv.c. A local user can escalate privileges on the system.
2) Memory leak (CVE-ID: CVE-2025-37796)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the at76_disconnect() function in drivers/net/wireless/atmel/at76c50x-usb.c. A local user can perform a denial of service (DoS) attack.
3) Input validation error (CVE-ID: CVE-2025-37798)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the qdisc_bstats_update() function in net/sched/sch_fq_codel.c, within the codel_qdisc_dequeue() function in net/sched/sch_codel.c. A local user can perform a denial of service (DoS) attack.
4) Use-after-free (CVE-ID: CVE-2025-37913)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cl_is_active() and qfq_enqueue() functions in net/sched/sch_qfq.c. A local user can escalate privileges on the system.
5) Use-after-free (CVE-ID: CVE-2025-37915)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cl_is_active() and drr_enqueue() functions in net/sched/sch_drr.c. A local user can escalate privileges on the system.
6) Use-after-free (CVE-ID: CVE-2025-38211)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the EXPORT_SYMBOL(), destroy_cm_id() and cm_work_handler() functions in drivers/infiniband/core/iwcm.c. A local user can escalate privileges on the system.
7) Input validation error (CVE-ID: CVE-2025-38251)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the clip_push() function in net/atm/clip.c. A local user can perform a denial of service (DoS) attack.
8) Out-of-bounds read (CVE-ID: CVE-2025-38375)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the mergeable_ctx_to_truesize(), virtnet_get_headroom(), xdp_linearize_page(), receive_small_xdp() and mergeable_xdp_get_buf() functions in drivers/net/virtio_net.c. A local user can perform a denial of service (DoS) attack.
9) Use-after-free (CVE-ID: CVE-2025-38473)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the l2cap_sock_resume_cb() function in net/bluetooth/l2cap_sock.c. A local user can escalate privileges on the system.
10) Incorrect calculation (CVE-ID: CVE-2025-38495)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the hid_alloc_report_buf() function in drivers/hid/hid-core.c. A local user can perform a denial of service (DoS) attack.
11) Resource management error (CVE-ID: CVE-2025-38528)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the bpf_bprintf_prepare() function in kernel/bpf/helpers.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.