Main Vulnerability Database SB20251031129

SB20251031129 - openEuler 24.03 LTS update for kernel

Published: October 31, 2025 Updated: January 16, 2026

Security Bulletin ID SB20251031129

Severity

Low

Patch available

YES

Number of vulnerabilities 14

Exploitation vector Local access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 14 secuirty vulnerabilities.

1) Use-after-free (CVE-ID: CVE-2024-53168)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the xs_create_sock() function in net/sunrpc/xprtsock.c, within the svc_create_socket() function in net/sunrpc/svcsock.c. A local user can escalate privileges on the system.

2) Resource management error (CVE-ID: CVE-2025-21913)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the early_is_amd_nb() and amd_get_mmconfig_range() functions in arch/x86/kernel/amd_nb.c. A local user can perform a denial of service (DoS) attack.

3) Buffer overflow (CVE-ID: CVE-2025-37987)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the pdsc_core_init() function in drivers/net/ethernet/amd/pds_core/core.c. A local user can perform a denial of service (DoS) attack.

4) Improper error handling (CVE-ID: CVE-2025-37995)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the module_kobj_release() function in kernel/params.c. A local user can perform a denial of service (DoS) attack.

5) NULL pointer dereference (CVE-ID: CVE-2025-38668)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the regulator_remove_coupling() function in drivers/regulator/core.c. A local user can perform a denial of service (DoS) attack.

6) Memory leak (CVE-ID: CVE-2025-39679)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the nvif_vmm_ctor() function in drivers/gpu/drm/nouveau/nvif/vmm.c. A local user can perform a denial of service (DoS) attack.

7) Improper error handling (CVE-ID: CVE-2025-39724)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the serial8250_do_startup() function in drivers/tty/serial/8250/8250_port.c. A local user can perform a denial of service (DoS) attack.

8) Input validation error (CVE-ID: CVE-2025-39806)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the mt_report_fixup() function in drivers/hid/hid-multitouch.c. A local user can perform a denial of service (DoS) attack.

9) Input validation error (CVE-ID: CVE-2025-39898)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the e1000_set_eeprom() function in drivers/net/ethernet/intel/e1000e/ethtool.c. A local user can perform a denial of service (DoS) attack.

10) Integer overflow (CVE-ID: CVE-2025-39967)

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer overflow within the fbcon_set_font() function in drivers/video/fbdev/core/fbcon.c. A local user can execute arbitrary code.

11) Use-after-free (CVE-ID: CVE-2025-39982)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the hci_conn_complete_evt() and le_conn_complete_evt() functions in net/bluetooth/hci_event.c. A local user can escalate privileges on the system.

12) Use-after-free (CVE-ID: CVE-2025-39993)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the display_open(), send_packet(), vfd_write(), lcd_write() and imon_disconnect() functions in drivers/media/rc/imon.c. A local user can escalate privileges on the system.

13) Buffer overflow (CVE-ID: CVE-2025-39998)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the target_lu_gp_members_show() function in drivers/target/target_core_configfs.c. A local user can escalate privileges on the system.

14) Input validation error (CVE-ID: CVE-2025-40019)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the essiv_aead_crypt() function in crypto/essiv.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-2556

Vulnerable Software

openEuler: 24.03 LTS
python3-perf-debuginfo: before 6.6.0-114.0.0.106
python3-perf: before 6.6.0-114.0.0.106
perf-debuginfo: before 6.6.0-114.0.0.106
perf: before 6.6.0-114.0.0.106
kernel-tools-devel: before 6.6.0-114.0.0.106
kernel-tools-debuginfo: before 6.6.0-114.0.0.106
kernel-tools: before 6.6.0-114.0.0.106
kernel-source: before 6.6.0-114.0.0.106
kernel-headers: before 6.6.0-114.0.0.106
kernel-devel: before 6.6.0-114.0.0.106
kernel-debugsource: before 6.6.0-114.0.0.106
kernel-debuginfo: before 6.6.0-114.0.0.106
bpftool-debuginfo: before 6.6.0-114.0.0.106
bpftool: before 6.6.0-114.0.0.106
kernel: before 6.6.0-114.0.0.106

SB20251031129 - openEuler 24.03 LTS update for kernel

Breakdown by Severity

Description

Remediation

References

Please verify you're human