Main Vulnerability Database SB2025102476

SB2025102476 - openEuler 24.03 LTS SP1 update for kernel

Published: October 24, 2025

Security Bulletin ID SB2025102476

Severity

Low

Patch available

YES

Number of vulnerabilities 20

Exploitation vector Local access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 20 secuirty vulnerabilities.

1) Improper locking (CVE-ID: CVE-2025-21801)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ravb_suspend() and ravb_resume() functions in drivers/net/ethernet/renesas/ravb_main.c. A local user can perform a denial of service (DoS) attack.

2) NULL pointer dereference (CVE-ID: CVE-2025-21917)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the usbhs_remove() function in drivers/usb/renesas_usbhs/common.c. A local user can perform a denial of service (DoS) attack.

3) NULL pointer dereference (CVE-ID: CVE-2025-37792)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the rtl_dev_err() function in drivers/bluetooth/btrtl.c. A local user can perform a denial of service (DoS) attack.

4) Use-after-free (CVE-ID: CVE-2025-37914)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the cl_is_active() and ets_qdisc_enqueue() functions in net/sched/sch_ets.c. A local user can escalate privileges on the system.

5) Infinite loop (CVE-ID: CVE-2025-37931)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop within the submit_eb_subpage() function in fs/btrfs/extent_io.c. A local user can perform a denial of service (DoS) attack.

6) Double free (CVE-ID: CVE-2025-38313)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the fsl_mc_device_add() function in drivers/bus/fsl-mc/fsl-mc-bus.c. A local user can perform a denial of service (DoS) attack.

7) Resource management error (CVE-ID: CVE-2025-38333)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the fs/f2fs/segment.c, include/linux/f2fs_fs.h. A local user can perform a denial of service (DoS) attack.

8) Input validation error (CVE-ID: CVE-2025-38414)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the ath12k_pci_enable_ltssm() function in drivers/net/wireless/ath/ath12k/pci.c. A local user can perform a denial of service (DoS) attack.

9) Input validation error (CVE-ID: CVE-2025-38615)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the ntfs_rename() function in fs/ntfs3/namei.c, within the ni_add_name() and ni_rename() functions in fs/ntfs3/frecord.c. A local user can perform a denial of service (DoS) attack.

10) NULL pointer dereference (CVE-ID: CVE-2025-38700)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the iscsi_conn_setup() function in drivers/scsi/libiscsi.c. A local user can perform a denial of service (DoS) attack.

11) Input validation error (CVE-ID: CVE-2025-38701)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the ext4_create_inline_data(), ext4_update_inline_data() and ext4_inline_data_truncate() functions in fs/ext4/inline.c. A local user can perform a denial of service (DoS) attack.

12) Buffer overflow (CVE-ID: CVE-2025-38709)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the loop_set_dio(), loop_set_block_size(), lo_simple_ioctl() and lo_ioctl() functions in drivers/block/loop.c. A local user can escalate privileges on the system.

13) Use-after-free (CVE-ID: CVE-2025-39691)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the __end_buffer_read_notouch() function in fs/buffer.c. A local user can escalate privileges on the system.

14) Incorrect calculation (CVE-ID: CVE-2025-39787)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect calculation within the qcom_mdt_get_size(), qcom_mdt_read_metadata() and __qcom_mdt_load() functions in drivers/soc/qcom/mdt_loader.c. A local user can perform a denial of service (DoS) attack.

15) Buffer overflow (CVE-ID: CVE-2025-39795)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the blk_stack_limits() function in block/blk-settings.c. A local user can escalate privileges on the system.

16) NULL pointer dereference (CVE-ID: CVE-2025-39920)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the do_validate_mem() function in drivers/pcmcia/rsrc_nonstatic.c. A local user can perform a denial of service (DoS) attack.

17) Improper error handling (CVE-ID: CVE-2025-39923)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the bam_dma_probe() function in drivers/dma/qcom/bam_dma.c. A local user can perform a denial of service (DoS) attack.

18) Buffer overflow (CVE-ID: CVE-2025-39968)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the i40e_vc_del_cloud_filter() and i40e_vc_add_cloud_filter() functions in drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c. A local user can escalate privileges on the system.

19) Input validation error (CVE-ID: CVE-2025-39971)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the i40e_vc_config_queues_msg() function in drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c. A local user can perform a denial of service (DoS) attack.

20) Memory leak (CVE-ID: CVE-2025-39989)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the error_context() function in arch/x86/kernel/cpu/mce/severity.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-2537

Vulnerable Software

openEuler: 24.03 LTS SP1
python3-perf-debuginfo: before 6.6.0-113.0.0.117
python3-perf: before 6.6.0-113.0.0.117
perf-debuginfo: before 6.6.0-113.0.0.117
perf: before 6.6.0-113.0.0.117
kernel-tools-devel: before 6.6.0-113.0.0.117
kernel-tools-debuginfo: before 6.6.0-113.0.0.117
kernel-tools: before 6.6.0-113.0.0.117
kernel-source: before 6.6.0-113.0.0.117
kernel-headers: before 6.6.0-113.0.0.117
kernel-devel: before 6.6.0-113.0.0.117
kernel-debugsource: before 6.6.0-113.0.0.117
kernel-debuginfo: before 6.6.0-113.0.0.117
bpftool-debuginfo: before 6.6.0-113.0.0.117
bpftool: before 6.6.0-113.0.0.117
kernel: before 6.6.0-113.0.0.117

SB2025102476 - openEuler 24.03 LTS SP1 update for kernel

Breakdown by Severity

Description

Remediation

References

Please verify you're human