SB20251031132 - openEuler 24.03 LTS SP2 update for kernel

Description

This security bulletin contains information about 11 secuirty vulnerabilities.

1) Buffer overflow (CVE-ID: CVE-2025-37987)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the pdsc_core_init() function in drivers/net/ethernet/amd/pds_core/core.c. A local user can perform a denial of service (DoS) attack.

2) NULL pointer dereference (CVE-ID: CVE-2025-38668)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the regulator_remove_coupling() function in drivers/regulator/core.c. A local user can perform a denial of service (DoS) attack.

3) Memory leak (CVE-ID: CVE-2025-39679)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the nvif_vmm_ctor() function in drivers/gpu/drm/nouveau/nvif/vmm.c. A local user can perform a denial of service (DoS) attack.

4) Improper error handling (CVE-ID: CVE-2025-39724)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the serial8250_do_startup() function in drivers/tty/serial/8250/8250_port.c. A local user can perform a denial of service (DoS) attack.

5) Input validation error (CVE-ID: CVE-2025-39806)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the mt_report_fixup() function in drivers/hid/hid-multitouch.c. A local user can perform a denial of service (DoS) attack.

6) Input validation error (CVE-ID: CVE-2025-39898)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the e1000_set_eeprom() function in drivers/net/ethernet/intel/e1000e/ethtool.c. A local user can perform a denial of service (DoS) attack.

7) Integer overflow (CVE-ID: CVE-2025-39967)

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer overflow within the fbcon_set_font() function in drivers/video/fbdev/core/fbcon.c. A local user can execute arbitrary code.

8) Use-after-free (CVE-ID: CVE-2025-39982)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the hci_conn_complete_evt() and le_conn_complete_evt() functions in net/bluetooth/hci_event.c. A local user can escalate privileges on the system.

9) Use-after-free (CVE-ID: CVE-2025-39993)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the display_open(), send_packet(), vfd_write(), lcd_write() and imon_disconnect() functions in drivers/media/rc/imon.c. A local user can escalate privileges on the system.

10) Buffer overflow (CVE-ID: CVE-2025-39998)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the target_lu_gp_members_show() function in drivers/target/target_core_configfs.c. A local user can escalate privileges on the system.

11) Input validation error (CVE-ID: CVE-2025-40019)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the essiv_aead_crypt() function in crypto/essiv.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

• https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-2552