openEuler 22.03 LTS SP4 update for kernel



Risk Low
Patch available YES
Number of vulnerabilities 24
CVE-ID CVE-2022-50306
CVE-2023-53728
CVE-2024-50210
CVE-2024-53168
CVE-2024-53214
CVE-2024-56602
CVE-2024-56616
CVE-2024-57904
CVE-2024-57906
CVE-2024-57931
CVE-2024-58052
CVE-2024-58093
CVE-2024-58237
CVE-2025-21665
CVE-2025-21772
CVE-2025-21802
CVE-2025-23142
CVE-2025-37823
CVE-2025-37915
CVE-2025-37992
CVE-2025-38724
CVE-2025-39898
CVE-2025-39971
CVE-2025-39998
CWE-ID CWE-125
CWE-667
CWE-416
CWE-399
CWE-401
CWE-269
CWE-476
CWE-835
CWE-20
CWE-119
Exploitation vector Local
Public exploit N/A
Vulnerable software
 openEuler
Operating systems & Components / Operating system

python3-perf-debuginfo
Operating systems & Components / Operating system package or component

python3-perf
Operating systems & Components / Operating system package or component

perf-debuginfo
Operating systems & Components / Operating system package or component

perf
Operating systems & Components / Operating system package or component

kernel-tools-devel
Operating systems & Components / Operating system package or component

kernel-tools-debuginfo
Operating systems & Components / Operating system package or component

kernel-tools
Operating systems & Components / Operating system package or component

kernel-source
Operating systems & Components / Operating system package or component

kernel-headers
Operating systems & Components / Operating system package or component

kernel-devel
Operating systems & Components / Operating system package or component

kernel-debugsource
Operating systems & Components / Operating system package or component

kernel-debuginfo
Operating systems & Components / Operating system package or component

bpftool-debuginfo
Operating systems & Components / Operating system package or component

bpftool
Operating systems & Components / Operating system package or component

kernel
Operating systems & Components / Operating system package or component

Vendor openEuler

Security Bulletin

This security bulletin contains information about 24 vulnerabilities.

1) Out-of-bounds read

EUVDB-ID: #VU115407

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-50306

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the ext4_fc_replay_cleanup(), ext4_fc_replay_scan() and ext4_fc_replay() functions in fs/ext4/fast_commit.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

python3-perf-debuginfo: before 5.10.0-287.0.0.190

python3-perf: before 5.10.0-287.0.0.190

perf-debuginfo: before 5.10.0-287.0.0.190

perf: before 5.10.0-287.0.0.190

kernel-tools-devel: before 5.10.0-287.0.0.190

kernel-tools-debuginfo: before 5.10.0-287.0.0.190

kernel-tools: before 5.10.0-287.0.0.190

kernel-source: before 5.10.0-287.0.0.190

kernel-headers: before 5.10.0-287.0.0.190

kernel-devel: before 5.10.0-287.0.0.190

kernel-debugsource: before 5.10.0-287.0.0.190

kernel-debuginfo: before 5.10.0-287.0.0.190

bpftool-debuginfo: before 5.10.0-287.0.0.190

bpftool: before 5.10.0-287.0.0.190

kernel: before 5.10.0-287.0.0.190

CPE2.3 External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-2555


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper locking

EUVDB-ID: #VU117592

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-53728

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the posix_timer_by_id() function in kernel/time/posix-timers.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

python3-perf-debuginfo: before 5.10.0-287.0.0.190

python3-perf: before 5.10.0-287.0.0.190

perf-debuginfo: before 5.10.0-287.0.0.190

perf: before 5.10.0-287.0.0.190

kernel-tools-devel: before 5.10.0-287.0.0.190

kernel-tools-debuginfo: before 5.10.0-287.0.0.190

kernel-tools: before 5.10.0-287.0.0.190

kernel-source: before 5.10.0-287.0.0.190

kernel-headers: before 5.10.0-287.0.0.190

kernel-devel: before 5.10.0-287.0.0.190

kernel-debugsource: before 5.10.0-287.0.0.190

kernel-debuginfo: before 5.10.0-287.0.0.190

bpftool-debuginfo: before 5.10.0-287.0.0.190

bpftool: before 5.10.0-287.0.0.190

kernel: before 5.10.0-287.0.0.190

CPE2.3 External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-2555


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Improper locking

EUVDB-ID: #VU100129

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-50210

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the pc_clock_settime() function in kernel/time/posix-clock.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

python3-perf-debuginfo: before 5.10.0-287.0.0.190

python3-perf: before 5.10.0-287.0.0.190

perf-debuginfo: before 5.10.0-287.0.0.190

perf: before 5.10.0-287.0.0.190

kernel-tools-devel: before 5.10.0-287.0.0.190

kernel-tools-debuginfo: before 5.10.0-287.0.0.190

kernel-tools: before 5.10.0-287.0.0.190

kernel-source: before 5.10.0-287.0.0.190

kernel-headers: before 5.10.0-287.0.0.190

kernel-devel: before 5.10.0-287.0.0.190

kernel-debugsource: before 5.10.0-287.0.0.190

kernel-debuginfo: before 5.10.0-287.0.0.190

bpftool-debuginfo: before 5.10.0-287.0.0.190

bpftool: before 5.10.0-287.0.0.190

kernel: before 5.10.0-287.0.0.190

CPE2.3 External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-2555


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Use-after-free

EUVDB-ID: #VU102061

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-53168

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the xs_create_sock() function in net/sunrpc/xprtsock.c, within the svc_create_socket() function in net/sunrpc/svcsock.c. A local user can escalate privileges on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

python3-perf-debuginfo: before 5.10.0-287.0.0.190

python3-perf: before 5.10.0-287.0.0.190

perf-debuginfo: before 5.10.0-287.0.0.190

perf: before 5.10.0-287.0.0.190

kernel-tools-devel: before 5.10.0-287.0.0.190

kernel-tools-debuginfo: before 5.10.0-287.0.0.190

kernel-tools: before 5.10.0-287.0.0.190

kernel-source: before 5.10.0-287.0.0.190

kernel-headers: before 5.10.0-287.0.0.190

kernel-devel: before 5.10.0-287.0.0.190

kernel-debugsource: before 5.10.0-287.0.0.190

kernel-debuginfo: before 5.10.0-287.0.0.190

bpftool-debuginfo: before 5.10.0-287.0.0.190

bpftool: before 5.10.0-287.0.0.190

kernel: before 5.10.0-287.0.0.190

CPE2.3 External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-2555


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Out-of-bounds read

EUVDB-ID: #VU102092

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-53214

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the vfio_virt_config_read() and vfio_config_do_rw() functions in drivers/vfio/pci/vfio_pci_config.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

python3-perf-debuginfo: before 5.10.0-287.0.0.190

python3-perf: before 5.10.0-287.0.0.190

perf-debuginfo: before 5.10.0-287.0.0.190

perf: before 5.10.0-287.0.0.190

kernel-tools-devel: before 5.10.0-287.0.0.190

kernel-tools-debuginfo: before 5.10.0-287.0.0.190

kernel-tools: before 5.10.0-287.0.0.190

kernel-source: before 5.10.0-287.0.0.190

kernel-headers: before 5.10.0-287.0.0.190

kernel-devel: before 5.10.0-287.0.0.190

kernel-debugsource: before 5.10.0-287.0.0.190

kernel-debuginfo: before 5.10.0-287.0.0.190

bpftool-debuginfo: before 5.10.0-287.0.0.190

bpftool: before 5.10.0-287.0.0.190

kernel: before 5.10.0-287.0.0.190

CPE2.3 External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-2555


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Use-after-free

EUVDB-ID: #VU102017

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56602

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ieee802154_create() function in net/ieee802154/socket.c. A local user can escalate privileges on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

python3-perf-debuginfo: before 5.10.0-287.0.0.190

python3-perf: before 5.10.0-287.0.0.190

perf-debuginfo: before 5.10.0-287.0.0.190

perf: before 5.10.0-287.0.0.190

kernel-tools-devel: before 5.10.0-287.0.0.190

kernel-tools-debuginfo: before 5.10.0-287.0.0.190

kernel-tools: before 5.10.0-287.0.0.190

kernel-source: before 5.10.0-287.0.0.190

kernel-headers: before 5.10.0-287.0.0.190

kernel-devel: before 5.10.0-287.0.0.190

kernel-debugsource: before 5.10.0-287.0.0.190

kernel-debuginfo: before 5.10.0-287.0.0.190

bpftool-debuginfo: before 5.10.0-287.0.0.190

bpftool: before 5.10.0-287.0.0.190

kernel: before 5.10.0-287.0.0.190

CPE2.3 External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-2555


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Out-of-bounds read

EUVDB-ID: #VU102082

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56616

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the drm_dp_decode_sideband_msg_hdr() function in drivers/gpu/drm/display/drm_dp_mst_topology.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

python3-perf-debuginfo: before 5.10.0-287.0.0.190

python3-perf: before 5.10.0-287.0.0.190

perf-debuginfo: before 5.10.0-287.0.0.190

perf: before 5.10.0-287.0.0.190

kernel-tools-devel: before 5.10.0-287.0.0.190

kernel-tools-debuginfo: before 5.10.0-287.0.0.190

kernel-tools: before 5.10.0-287.0.0.190

kernel-source: before 5.10.0-287.0.0.190

kernel-headers: before 5.10.0-287.0.0.190

kernel-devel: before 5.10.0-287.0.0.190

kernel-debugsource: before 5.10.0-287.0.0.190

kernel-debuginfo: before 5.10.0-287.0.0.190

bpftool-debuginfo: before 5.10.0-287.0.0.190

bpftool: before 5.10.0-287.0.0.190

kernel: before 5.10.0-287.0.0.190

CPE2.3 External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-2555


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Resource management error

EUVDB-ID: #VU103048

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57904

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the at91_ts_register() function in drivers/iio/adc/at91_adc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

python3-perf-debuginfo: before 5.10.0-287.0.0.190

python3-perf: before 5.10.0-287.0.0.190

perf-debuginfo: before 5.10.0-287.0.0.190

perf: before 5.10.0-287.0.0.190

kernel-tools-devel: before 5.10.0-287.0.0.190

kernel-tools-debuginfo: before 5.10.0-287.0.0.190

kernel-tools: before 5.10.0-287.0.0.190

kernel-source: before 5.10.0-287.0.0.190

kernel-headers: before 5.10.0-287.0.0.190

kernel-devel: before 5.10.0-287.0.0.190

kernel-debugsource: before 5.10.0-287.0.0.190

kernel-debuginfo: before 5.10.0-287.0.0.190

bpftool-debuginfo: before 5.10.0-287.0.0.190

bpftool: before 5.10.0-287.0.0.190

kernel: before 5.10.0-287.0.0.190

CPE2.3 External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-2555


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Memory leak

EUVDB-ID: #VU103002

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57906

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the ads8688_trigger_handler() function in drivers/iio/adc/ti-ads8688.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

python3-perf-debuginfo: before 5.10.0-287.0.0.190

python3-perf: before 5.10.0-287.0.0.190

perf-debuginfo: before 5.10.0-287.0.0.190

perf: before 5.10.0-287.0.0.190

kernel-tools-devel: before 5.10.0-287.0.0.190

kernel-tools-debuginfo: before 5.10.0-287.0.0.190

kernel-tools: before 5.10.0-287.0.0.190

kernel-source: before 5.10.0-287.0.0.190

kernel-headers: before 5.10.0-287.0.0.190

kernel-devel: before 5.10.0-287.0.0.190

kernel-debugsource: before 5.10.0-287.0.0.190

kernel-debuginfo: before 5.10.0-287.0.0.190

bpftool-debuginfo: before 5.10.0-287.0.0.190

bpftool: before 5.10.0-287.0.0.190

kernel: before 5.10.0-287.0.0.190

CPE2.3 External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-2555


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Improper privilege management

EUVDB-ID: #VU103139

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-57931

CWE-ID: CWE-269 - Improper Privilege Management

Exploit availability: No

Description

The vulnerability allows a local user to read and manipulate data.

The vulnerability exists due to improperly imposed permissions within the services_compute_xperms_decision() function in security/selinux/ss/services.c. A local user can read and manipulate data.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

python3-perf-debuginfo: before 5.10.0-287.0.0.190

python3-perf: before 5.10.0-287.0.0.190

perf-debuginfo: before 5.10.0-287.0.0.190

perf: before 5.10.0-287.0.0.190

kernel-tools-devel: before 5.10.0-287.0.0.190

kernel-tools-debuginfo: before 5.10.0-287.0.0.190

kernel-tools: before 5.10.0-287.0.0.190

kernel-source: before 5.10.0-287.0.0.190

kernel-headers: before 5.10.0-287.0.0.190

kernel-devel: before 5.10.0-287.0.0.190

kernel-debugsource: before 5.10.0-287.0.0.190

kernel-debuginfo: before 5.10.0-287.0.0.190

bpftool-debuginfo: before 5.10.0-287.0.0.190

bpftool: before 5.10.0-287.0.0.190

kernel: before 5.10.0-287.0.0.190

CPE2.3 External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-2555


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) NULL pointer dereference

EUVDB-ID: #VU105409

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-58052

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the atomctrl_get_smc_sclk_range_table() function in drivers/gpu/drm/amd/pm/powerplay/hwmgr/ppatomctrl.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

python3-perf-debuginfo: before 5.10.0-287.0.0.190

python3-perf: before 5.10.0-287.0.0.190

perf-debuginfo: before 5.10.0-287.0.0.190

perf: before 5.10.0-287.0.0.190

kernel-tools-devel: before 5.10.0-287.0.0.190

kernel-tools-debuginfo: before 5.10.0-287.0.0.190

kernel-tools: before 5.10.0-287.0.0.190

kernel-source: before 5.10.0-287.0.0.190

kernel-headers: before 5.10.0-287.0.0.190

kernel-devel: before 5.10.0-287.0.0.190

kernel-debugsource: before 5.10.0-287.0.0.190

kernel-debuginfo: before 5.10.0-287.0.0.190

bpftool-debuginfo: before 5.10.0-287.0.0.190

bpftool: before 5.10.0-287.0.0.190

kernel: before 5.10.0-287.0.0.190

CPE2.3 External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-2555


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Use-after-free

EUVDB-ID: #VU107678

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-58093

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the pcie_aspm_exit_link_state() function in drivers/pci/pcie/aspm.c. A local user can escalate privileges on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

python3-perf-debuginfo: before 5.10.0-287.0.0.190

python3-perf: before 5.10.0-287.0.0.190

perf-debuginfo: before 5.10.0-287.0.0.190

perf: before 5.10.0-287.0.0.190

kernel-tools-devel: before 5.10.0-287.0.0.190

kernel-tools-debuginfo: before 5.10.0-287.0.0.190

kernel-tools: before 5.10.0-287.0.0.190

kernel-source: before 5.10.0-287.0.0.190

kernel-headers: before 5.10.0-287.0.0.190

kernel-devel: before 5.10.0-287.0.0.190

kernel-debugsource: before 5.10.0-287.0.0.190

kernel-debuginfo: before 5.10.0-287.0.0.190

bpftool-debuginfo: before 5.10.0-287.0.0.190

bpftool: before 5.10.0-287.0.0.190

kernel: before 5.10.0-287.0.0.190

CPE2.3 External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-2555


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Resource management error

EUVDB-ID: #VU108688

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-58237

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the subprog_tc() function in tools/testing/selftests/bpf/progs/tc_bpf2bpf.c, within the bpf_helper_changes_pkt_data() function in net/core/filter.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

python3-perf-debuginfo: before 5.10.0-287.0.0.190

python3-perf: before 5.10.0-287.0.0.190

perf-debuginfo: before 5.10.0-287.0.0.190

perf: before 5.10.0-287.0.0.190

kernel-tools-devel: before 5.10.0-287.0.0.190

kernel-tools-debuginfo: before 5.10.0-287.0.0.190

kernel-tools: before 5.10.0-287.0.0.190

kernel-source: before 5.10.0-287.0.0.190

kernel-headers: before 5.10.0-287.0.0.190

kernel-devel: before 5.10.0-287.0.0.190

kernel-debugsource: before 5.10.0-287.0.0.190

kernel-debuginfo: before 5.10.0-287.0.0.190

bpftool-debuginfo: before 5.10.0-287.0.0.190

bpftool: before 5.10.0-287.0.0.190

kernel: before 5.10.0-287.0.0.190

CPE2.3 External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-2555


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Infinite loop

EUVDB-ID: #VU103594

Risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21665

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop within the folio_seek_hole_data() function in mm/filemap.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

python3-perf-debuginfo: before 5.10.0-287.0.0.190

python3-perf: before 5.10.0-287.0.0.190

perf-debuginfo: before 5.10.0-287.0.0.190

perf: before 5.10.0-287.0.0.190

kernel-tools-devel: before 5.10.0-287.0.0.190

kernel-tools-debuginfo: before 5.10.0-287.0.0.190

kernel-tools: before 5.10.0-287.0.0.190

kernel-source: before 5.10.0-287.0.0.190

kernel-headers: before 5.10.0-287.0.0.190

kernel-devel: before 5.10.0-287.0.0.190

kernel-debugsource: before 5.10.0-287.0.0.190

kernel-debuginfo: before 5.10.0-287.0.0.190

bpftool-debuginfo: before 5.10.0-287.0.0.190

bpftool: before 5.10.0-287.0.0.190

kernel: before 5.10.0-287.0.0.190

CPE2.3 External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-2555


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Out-of-bounds read

EUVDB-ID: #VU104980

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21772

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the mac_partition() function in block/partitions/mac.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

python3-perf-debuginfo: before 5.10.0-287.0.0.190

python3-perf: before 5.10.0-287.0.0.190

perf-debuginfo: before 5.10.0-287.0.0.190

perf: before 5.10.0-287.0.0.190

kernel-tools-devel: before 5.10.0-287.0.0.190

kernel-tools-debuginfo: before 5.10.0-287.0.0.190

kernel-tools: before 5.10.0-287.0.0.190

kernel-source: before 5.10.0-287.0.0.190

kernel-headers: before 5.10.0-287.0.0.190

kernel-devel: before 5.10.0-287.0.0.190

kernel-debugsource: before 5.10.0-287.0.0.190

kernel-debuginfo: before 5.10.0-287.0.0.190

bpftool-debuginfo: before 5.10.0-287.0.0.190

bpftool: before 5.10.0-287.0.0.190

kernel: before 5.10.0-287.0.0.190

CPE2.3 External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-2555


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Input validation error

EUVDB-ID: #VU105162

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21802

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the hclgevf_init() function in drivers/net/ethernet/hisilicon/hns3/hns3vf/hclgevf_main.c, within the hclge_init() function in drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c, within the module_init() function in drivers/net/ethernet/hisilicon/hns3/hns3_enet.c, within the EXPORT_SYMBOL() function in drivers/net/ethernet/hisilicon/hns3/hnae3.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

python3-perf-debuginfo: before 5.10.0-287.0.0.190

python3-perf: before 5.10.0-287.0.0.190

perf-debuginfo: before 5.10.0-287.0.0.190

perf: before 5.10.0-287.0.0.190

kernel-tools-devel: before 5.10.0-287.0.0.190

kernel-tools-debuginfo: before 5.10.0-287.0.0.190

kernel-tools: before 5.10.0-287.0.0.190

kernel-source: before 5.10.0-287.0.0.190

kernel-headers: before 5.10.0-287.0.0.190

kernel-devel: before 5.10.0-287.0.0.190

kernel-debugsource: before 5.10.0-287.0.0.190

kernel-debuginfo: before 5.10.0-287.0.0.190

bpftool-debuginfo: before 5.10.0-287.0.0.190

bpftool: before 5.10.0-287.0.0.190

kernel: before 5.10.0-287.0.0.190

CPE2.3 External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-2555


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Use-after-free

EUVDB-ID: #VU108246

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-23142

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the sctp_transport_free() function in net/sctp/transport.c, within the sctp_writeable(), sctp_sendmsg_to_asoc(), sctp_sock_rfree() and sctp_wait_for_sndbuf() functions in net/sctp/socket.c. A local user can escalate privileges on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

python3-perf-debuginfo: before 5.10.0-287.0.0.190

python3-perf: before 5.10.0-287.0.0.190

perf-debuginfo: before 5.10.0-287.0.0.190

perf: before 5.10.0-287.0.0.190

kernel-tools-devel: before 5.10.0-287.0.0.190

kernel-tools-debuginfo: before 5.10.0-287.0.0.190

kernel-tools: before 5.10.0-287.0.0.190

kernel-source: before 5.10.0-287.0.0.190

kernel-headers: before 5.10.0-287.0.0.190

kernel-devel: before 5.10.0-287.0.0.190

kernel-debugsource: before 5.10.0-287.0.0.190

kernel-debuginfo: before 5.10.0-287.0.0.190

bpftool-debuginfo: before 5.10.0-287.0.0.190

bpftool: before 5.10.0-287.0.0.190

kernel: before 5.10.0-287.0.0.190

CPE2.3 External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-2555


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Input validation error

EUVDB-ID: #VU108825

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-37823

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the hfsc_dequeue() function in net/sched/sch_hfsc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

python3-perf-debuginfo: before 5.10.0-287.0.0.190

python3-perf: before 5.10.0-287.0.0.190

perf-debuginfo: before 5.10.0-287.0.0.190

perf: before 5.10.0-287.0.0.190

kernel-tools-devel: before 5.10.0-287.0.0.190

kernel-tools-debuginfo: before 5.10.0-287.0.0.190

kernel-tools: before 5.10.0-287.0.0.190

kernel-source: before 5.10.0-287.0.0.190

kernel-headers: before 5.10.0-287.0.0.190

kernel-devel: before 5.10.0-287.0.0.190

kernel-debugsource: before 5.10.0-287.0.0.190

kernel-debuginfo: before 5.10.0-287.0.0.190

bpftool-debuginfo: before 5.10.0-287.0.0.190

bpftool: before 5.10.0-287.0.0.190

kernel: before 5.10.0-287.0.0.190

CPE2.3 External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-2555


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Use-after-free

EUVDB-ID: #VU109504

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-37915

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the cl_is_active() and drr_enqueue() functions in net/sched/sch_drr.c. A local user can escalate privileges on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

python3-perf-debuginfo: before 5.10.0-287.0.0.190

python3-perf: before 5.10.0-287.0.0.190

perf-debuginfo: before 5.10.0-287.0.0.190

perf: before 5.10.0-287.0.0.190

kernel-tools-devel: before 5.10.0-287.0.0.190

kernel-tools-debuginfo: before 5.10.0-287.0.0.190

kernel-tools: before 5.10.0-287.0.0.190

kernel-source: before 5.10.0-287.0.0.190

kernel-headers: before 5.10.0-287.0.0.190

kernel-devel: before 5.10.0-287.0.0.190

kernel-debugsource: before 5.10.0-287.0.0.190

kernel-debuginfo: before 5.10.0-287.0.0.190

bpftool-debuginfo: before 5.10.0-287.0.0.190

bpftool: before 5.10.0-287.0.0.190

kernel: before 5.10.0-287.0.0.190

CPE2.3 External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-2555


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) NULL pointer dereference

EUVDB-ID: #VU109952

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-37992

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the pie_change() function in net/sched/sch_pie.c, within the hhf_change() function in net/sched/sch_hhf.c, within the fq_pie_change() function in net/sched/sch_fq_pie.c, within the fq_codel_change() function in net/sched/sch_fq_codel.c, within the fq_change() function in net/sched/sch_fq.c, within the codel_change() function in net/sched/sch_codel.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

python3-perf-debuginfo: before 5.10.0-287.0.0.190

python3-perf: before 5.10.0-287.0.0.190

perf-debuginfo: before 5.10.0-287.0.0.190

perf: before 5.10.0-287.0.0.190

kernel-tools-devel: before 5.10.0-287.0.0.190

kernel-tools-debuginfo: before 5.10.0-287.0.0.190

kernel-tools: before 5.10.0-287.0.0.190

kernel-source: before 5.10.0-287.0.0.190

kernel-headers: before 5.10.0-287.0.0.190

kernel-devel: before 5.10.0-287.0.0.190

kernel-debugsource: before 5.10.0-287.0.0.190

kernel-debuginfo: before 5.10.0-287.0.0.190

bpftool-debuginfo: before 5.10.0-287.0.0.190

bpftool: before 5.10.0-287.0.0.190

kernel: before 5.10.0-287.0.0.190

CPE2.3 External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-2555


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Use-after-free

EUVDB-ID: #VU114799

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-38724

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the nfsd4_setclientid_confirm() function in fs/nfsd/nfs4state.c. A local user can escalate privileges on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

python3-perf-debuginfo: before 5.10.0-287.0.0.190

python3-perf: before 5.10.0-287.0.0.190

perf-debuginfo: before 5.10.0-287.0.0.190

perf: before 5.10.0-287.0.0.190

kernel-tools-devel: before 5.10.0-287.0.0.190

kernel-tools-debuginfo: before 5.10.0-287.0.0.190

kernel-tools: before 5.10.0-287.0.0.190

kernel-source: before 5.10.0-287.0.0.190

kernel-headers: before 5.10.0-287.0.0.190

kernel-devel: before 5.10.0-287.0.0.190

kernel-debugsource: before 5.10.0-287.0.0.190

kernel-debuginfo: before 5.10.0-287.0.0.190

bpftool-debuginfo: before 5.10.0-287.0.0.190

bpftool: before 5.10.0-287.0.0.190

kernel: before 5.10.0-287.0.0.190

CPE2.3 External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-2555


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Input validation error

EUVDB-ID: #VU116242

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-39898

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the e1000_set_eeprom() function in drivers/net/ethernet/intel/e1000e/ethtool.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

python3-perf-debuginfo: before 5.10.0-287.0.0.190

python3-perf: before 5.10.0-287.0.0.190

perf-debuginfo: before 5.10.0-287.0.0.190

perf: before 5.10.0-287.0.0.190

kernel-tools-devel: before 5.10.0-287.0.0.190

kernel-tools-debuginfo: before 5.10.0-287.0.0.190

kernel-tools: before 5.10.0-287.0.0.190

kernel-source: before 5.10.0-287.0.0.190

kernel-headers: before 5.10.0-287.0.0.190

kernel-devel: before 5.10.0-287.0.0.190

kernel-debugsource: before 5.10.0-287.0.0.190

kernel-debuginfo: before 5.10.0-287.0.0.190

bpftool-debuginfo: before 5.10.0-287.0.0.190

bpftool: before 5.10.0-287.0.0.190

kernel: before 5.10.0-287.0.0.190

CPE2.3 External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-2555


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Input validation error

EUVDB-ID: #VU117276

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-39971

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the i40e_vc_config_queues_msg() function in drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

python3-perf-debuginfo: before 5.10.0-287.0.0.190

python3-perf: before 5.10.0-287.0.0.190

perf-debuginfo: before 5.10.0-287.0.0.190

perf: before 5.10.0-287.0.0.190

kernel-tools-devel: before 5.10.0-287.0.0.190

kernel-tools-debuginfo: before 5.10.0-287.0.0.190

kernel-tools: before 5.10.0-287.0.0.190

kernel-source: before 5.10.0-287.0.0.190

kernel-headers: before 5.10.0-287.0.0.190

kernel-devel: before 5.10.0-287.0.0.190

kernel-debugsource: before 5.10.0-287.0.0.190

kernel-debuginfo: before 5.10.0-287.0.0.190

bpftool-debuginfo: before 5.10.0-287.0.0.190

bpftool: before 5.10.0-287.0.0.190

kernel: before 5.10.0-287.0.0.190

CPE2.3 External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-2555


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Buffer overflow

EUVDB-ID: #VU117282

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-39998

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the target_lu_gp_members_show() function in drivers/target/target_core_configfs.c. A local user can escalate privileges on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP4

python3-perf-debuginfo: before 5.10.0-287.0.0.190

python3-perf: before 5.10.0-287.0.0.190

perf-debuginfo: before 5.10.0-287.0.0.190

perf: before 5.10.0-287.0.0.190

kernel-tools-devel: before 5.10.0-287.0.0.190

kernel-tools-debuginfo: before 5.10.0-287.0.0.190

kernel-tools: before 5.10.0-287.0.0.190

kernel-source: before 5.10.0-287.0.0.190

kernel-headers: before 5.10.0-287.0.0.190

kernel-devel: before 5.10.0-287.0.0.190

kernel-debugsource: before 5.10.0-287.0.0.190

kernel-debuginfo: before 5.10.0-287.0.0.190

bpftool-debuginfo: before 5.10.0-287.0.0.190

bpftool: before 5.10.0-287.0.0.190

kernel: before 5.10.0-287.0.0.190

CPE2.3 External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-2555


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###