SB2025101113 - openEuler 22.03 LTS SP3 update for kernel
Published: October 11, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 22 secuirty vulnerabilities.
1) Out-of-bounds read (CVE-ID: CVE-2022-49234)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dsa_switch_bridge_leave() function in net/dsa/switch.c. A local user can perform a denial of service (DoS) attack.
2) NULL pointer dereference (CVE-ID: CVE-2022-50350)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the iscsi_target_handle_csg_one() and iscsi_target_start_negotiation() functions in drivers/target/iscsi/iscsi_target_nego.c. A local user can perform a denial of service (DoS) attack.
3) Memory leak (CVE-ID: CVE-2022-50404)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the fbcon_do_set_font() function in drivers/video/fbdev/core/fbcon.c. A local user can perform a denial of service (DoS) attack.
4) Use of uninitialized resource (CVE-ID: CVE-2023-53165)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the udf_name_from_CS0() function in fs/udf/unicode.c. A local user can perform a denial of service (DoS) attack.
5) Memory leak (CVE-ID: CVE-2023-53241)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nfsd4_encode_operation() function in fs/nfsd/nfs4xdr.c. A local user can perform a denial of service (DoS) attack.
6) Improper error handling (CVE-ID: CVE-2023-53259)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the vmci_host_setup_notify() function in drivers/misc/vmw_vmci/vmci_host.c. A local user can perform a denial of service (DoS) attack.
7) Race condition within a thread (CVE-ID: CVE-2023-53275)
The vulnerability allows a local user to corrupt data.
The vulnerability exists due to a data race within the EXPORT_SYMBOL_GPL() function in sound/hda/hdac_regmap.c. A local user can corrupt data.
8) Resource management error (CVE-ID: CVE-2023-53286)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mlx5_core_destroy_qp(), mlx5_core_xrcd_dealloc() and mlx5_core_destroy_rq_tracked() functions in drivers/infiniband/hw/mlx5/qpc.c. A local user can perform a denial of service (DoS) attack.
9) Input validation error (CVE-ID: CVE-2023-53331)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the persistent_ram_post_init() function in fs/pstore/ram_core.c. A local user can perform a denial of service (DoS) attack.
10) Buffer overflow (CVE-ID: CVE-2023-53369)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the dcbnl_bcn_setcfg() function in net/dcb/dcbnl.c. A local user can perform a denial of service (DoS) attack.
11) NULL pointer dereference (CVE-ID: CVE-2023-53384)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mwifiex_handle_uap_rx_forward() function in drivers/net/wireless/marvell/mwifiex/uap_txrx.c. A local user can perform a denial of service (DoS) attack.
12) Out-of-bounds read (CVE-ID: CVE-2023-53395)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the function in drivers/acpi/acpica/psopcode.c. A local user can perform a denial of service (DoS) attack.
13) Improper error handling (CVE-ID: CVE-2023-53438)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the arch/x86/kernel/cpu/mce/internal.h. A local user can perform a denial of service (DoS) attack.
14) Improper locking (CVE-ID: CVE-2025-21801)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ravb_suspend() and ravb_resume() functions in drivers/net/ethernet/renesas/ravb_main.c. A local user can perform a denial of service (DoS) attack.
15) Memory leak (CVE-ID: CVE-2025-22073)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the spufs_fill_dir() function in arch/powerpc/platforms/cell/spufs/inode.c. A local user can perform a denial of service (DoS) attack.
16) Use of uninitialized resource (CVE-ID: CVE-2025-38086)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the ch9200_mdio_read() function in drivers/net/usb/ch9200.c. A local user can perform a denial of service (DoS) attack.
17) Double free (CVE-ID: CVE-2025-38313)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the fsl_mc_device_add() function in drivers/bus/fsl-mc/fsl-mc-bus.c. A local user can perform a denial of service (DoS) attack.
18) Input validation error (CVE-ID: CVE-2025-38615)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ntfs_rename() function in fs/ntfs3/namei.c, within the ni_add_name() and ni_rename() functions in fs/ntfs3/frecord.c. A local user can perform a denial of service (DoS) attack.
19) Input validation error (CVE-ID: CVE-2025-39752)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the rockchip_smp_prepare_cpus() function in arch/arm/mach-rockchip/platsmp.c. A local user can perform a denial of service (DoS) attack.
20) NULL pointer dereference (CVE-ID: CVE-2025-39865)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the EXPORT_SYMBOL_GPL() function in drivers/tee/tee_shm.c. A local user can perform a denial of service (DoS) attack.
21) Use-after-free (CVE-ID: CVE-2025-39866)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __mark_inode_dirty() function in fs/fs-writeback.c. A local user can escalate privileges on the system.
22) Improper error handling (CVE-ID: CVE-2025-39883)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the unpoison_memory() function in mm/memory-failure.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.