SB2025101789 - openEuler 24.03 LTS SP2 update for kernel
Published: October 17, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 24 secuirty vulnerabilities.
1) Input validation error (CVE-ID: CVE-2024-56591)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hci_conn_del() function in net/bluetooth/hci_conn.c. A local user can perform a denial of service (DoS) attack.
2) Memory leak (CVE-ID: CVE-2025-22005)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the in6_dev_put() function in net/ipv6/route.c. A local user can perform a denial of service (DoS) attack.
3) Integer overflow (CVE-ID: CVE-2025-22081)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the index_hdr_check() function in fs/ntfs3/index.c. A local user can execute arbitrary code.
4) Improper locking (CVE-ID: CVE-2025-37741)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the diReadSpecial() function in fs/jfs/jfs_imap.c. A local user can perform a denial of service (DoS) attack.
5) Use of uninitialized resource (CVE-ID: CVE-2025-38086)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the ch9200_mdio_read() function in drivers/net/usb/ch9200.c. A local user can perform a denial of service (DoS) attack.
6) NULL pointer dereference (CVE-ID: CVE-2025-38319)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the atomctrl_initialize_mc_reg_table() and atomctrl_initialize_mc_reg_table_v2_2() functions in drivers/gpu/drm/amd/pm/powerplay/hwmgr/ppatomctrl.c. A local user can perform a denial of service (DoS) attack.
7) Out-of-bounds read (CVE-ID: CVE-2025-39683)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the trace_get_user() function in kernel/trace/trace.c. A local user can perform a denial of service (DoS) attack.
8) Input validation error (CVE-ID: CVE-2025-39715)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the 1: ldw 0(), 10: ldw 0() and 1: ldb 0() functions in arch/parisc/kernel/syscall.S. A local user can perform a denial of service (DoS) attack.
9) Improper error handling (CVE-ID: CVE-2025-39739)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the function in drivers/iommu/arm/arm-smmu/arm-smmu-qcom.c. A local user can perform a denial of service (DoS) attack.
10) Input validation error (CVE-ID: CVE-2025-39752)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the rockchip_smp_prepare_cpus() function in arch/arm/mach-rockchip/platsmp.c. A local user can perform a denial of service (DoS) attack.
11) Out-of-bounds read (CVE-ID: CVE-2025-39760)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the usb_parse_ss_endpoint_companion() function in drivers/usb/core/config.c. A local user can perform a denial of service (DoS) attack.
12) Resource management error (CVE-ID: CVE-2025-39819)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the smb2_compound_op() function in fs/smb/client/smb2inode.c. A local user can perform a denial of service (DoS) attack.
13) Resource management error (CVE-ID: CVE-2025-39824)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the asus_probe() function in drivers/hid/hid-asus.c. A local user can perform a denial of service (DoS) attack.
14) Improper Initialization (CVE-ID: CVE-2025-39844)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the include/linux/vmalloc.h. A local user can perform a denial of service (DoS) attack.
15) Resource management error (CVE-ID: CVE-2025-39845)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the sync_global_pgds() function in arch/x86/mm/init_64.c. A local user can perform a denial of service (DoS) attack.
16) NULL pointer dereference (CVE-ID: CVE-2025-39850)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the arp_reduce() and neigh_reduce() functions in drivers/net/vxlan/vxlan_core.c. A local user can perform a denial of service (DoS) attack.
17) NULL pointer dereference (CVE-ID: CVE-2025-39851)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the drivers/net/vxlan/vxlan_private.h. A local user can perform a denial of service (DoS) attack.
18) NULL pointer dereference (CVE-ID: CVE-2025-39853)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the i40e_client_add_instance() function in drivers/net/ethernet/intel/i40e/i40e_client.c. A local user can perform a denial of service (DoS) attack.
19) NULL pointer dereference (CVE-ID: CVE-2025-39865)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the EXPORT_SYMBOL_GPL() function in drivers/tee/tee_shm.c. A local user can perform a denial of service (DoS) attack.
20) Improper error handling (CVE-ID: CVE-2025-39883)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the unpoison_memory() function in mm/memory-failure.c. A local user can perform a denial of service (DoS) attack.
21) Improper locking (CVE-ID: CVE-2025-39886)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __bpf_async_init() function in kernel/bpf/helpers.c. A local user can perform a denial of service (DoS) attack.
22) NULL pointer dereference (CVE-ID: CVE-2025-39895)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sched_numa_find_nth_cpu() function in kernel/sched/topology.c. A local user can perform a denial of service (DoS) attack.
23) Resource management error (CVE-ID: CVE-2025-39914)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the trace_pid_write() function in kernel/trace/trace.c. A local user can perform a denial of service (DoS) attack.
24) Use-after-free (CVE-ID: CVE-2025-39953)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the DEFINE_PERCPU_RWSEM(), css_release_work_fn(), css_release(), css_create(), css_killed_ref_fn() and cgroup_wq_init() functions in kernel/cgroup/cgroup.c. A local user can escalate privileges on the system.
Remediation
Install update from vendor's website.