SB2025102478 - openEuler 22.03 LTS SP4 update for kernel

Description

This security bulletin contains information about 5 secuirty vulnerabilities.

1) Input validation error (CVE-ID: CVE-2023-53292)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the blk_mq_elv_switch_none() function in block/blk-mq.c. A local user can perform a denial of service (DoS) attack.

2) NULL pointer dereference (CVE-ID: CVE-2025-38700)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the iscsi_conn_setup() function in drivers/scsi/libiscsi.c. A local user can perform a denial of service (DoS) attack.

3) Buffer overflow (CVE-ID: CVE-2025-38709)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the loop_set_dio(), loop_set_block_size(), lo_simple_ioctl() and lo_ioctl() functions in drivers/block/loop.c. A local user can escalate privileges on the system.

4) Improper locking (CVE-ID: CVE-2025-39697)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the nfs_page_set_inode_ref(), nfs_page_group_lock() and nfs_inode_remove_request() functions in fs/nfs/write.c, within the nfs_page_group_unlock() function in fs/nfs/pagelist.c. A local user can perform a denial of service (DoS) attack.

5) Buffer overflow (CVE-ID: CVE-2025-39795)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the blk_stack_limits() function in block/blk-settings.c. A local user can escalate privileges on the system.

Remediation

Install update from vendor's website.

References

• https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-2535