Main Vulnerability Database SB2025102478

SB2025102478 - openEuler 22.03 LTS SP4 update for kernel

Published: October 24, 2025

Security Bulletin ID SB2025102478

CSH Severity

Low

Patch available

YES

Number of vulnerabilities 5

Exploitation vector Local access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 5 vulnerabilities.

1) Input validation error (CVE-ID: CVE-2023-53292)

CWE-ID: CWE-20 - Improper input validation

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the blk_mq_elv_switch_none() function in block/blk-mq.c. A local user can perform a denial of service (DoS) attack.

2) NULL pointer dereference (CVE-ID: CVE-2025-38700)

CWE-ID: CWE-476 - NULL Pointer Dereference

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the iscsi_conn_setup() function in drivers/scsi/libiscsi.c. A local user can perform a denial of service (DoS) attack.

3) Buffer overflow (CVE-ID: CVE-2025-38709)

CWE-ID: CWE-119 - Memory corruption

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the loop_set_dio(), loop_set_block_size(), lo_simple_ioctl() and lo_ioctl() functions in drivers/block/loop.c. A local user can escalate privileges on the system.

4) Improper locking (CVE-ID: CVE-2025-39697)

CWE-ID: CWE-667 - Improper Locking

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the nfs_page_set_inode_ref(), nfs_page_group_lock() and nfs_inode_remove_request() functions in fs/nfs/write.c, within the nfs_page_group_unlock() function in fs/nfs/pagelist.c. A local user can perform a denial of service (DoS) attack.

5) Buffer overflow (CVE-ID: CVE-2025-39795)

CWE-ID: CWE-119 - Memory corruption

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the blk_stack_limits() function in block/blk-settings.c. A local user can escalate privileges on the system.

Remediation

Install update from vendor's website.

References

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-2535

Vulnerable Software

openEuler: 22.03 LTS SP4
kernel: before 5.10.0-286.0.0.189
bpftool: before 5.10.0-286.0.0.189
bpftool-debuginfo: before 5.10.0-286.0.0.189
kernel-debuginfo: before 5.10.0-286.0.0.189
kernel-debugsource: before 5.10.0-286.0.0.189
kernel-devel: before 5.10.0-286.0.0.189
kernel-headers: before 5.10.0-286.0.0.189
kernel-source: before 5.10.0-286.0.0.189
kernel-tools: before 5.10.0-286.0.0.189
kernel-tools-debuginfo: before 5.10.0-286.0.0.189
kernel-tools-devel: before 5.10.0-286.0.0.189
perf: before 5.10.0-286.0.0.189
perf-debuginfo: before 5.10.0-286.0.0.189
python3-perf: before 5.10.0-286.0.0.189
python3-perf-debuginfo: before 5.10.0-286.0.0.189

SB2025102478 - openEuler 22.03 LTS SP4 update for kernel

Breakdown by Severity

Description

Remediation

References

Please verify you're human