SB2025123041 - openEuler 20.03 LTS SP4 update for kernel
Published: December 30, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 15 secuirty vulnerabilities.
1) Memory leak (CVE-ID: CVE-2022-49121)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the pm80xx_chip_phy_ctl_req() function in drivers/scsi/pm8001/pm80xx_hwi.c, within the pm8001_exec_internal_task_abort() function in drivers/scsi/pm8001/pm8001_sas.c, within the pm8001_chip_reg_dev_req(), pm8001_chip_fw_flash_update_req() and pm8001_chip_set_dev_state_req() functions in drivers/scsi/pm8001/pm8001_hwi.c. A local user can perform a denial of service (DoS) attack.
2) Improper locking (CVE-ID: CVE-2022-49156)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the qla24xx_handle_plogi_done_event() function in drivers/scsi/qla2xxx/qla_init.c. A local user can perform a denial of service (DoS) attack.
3) Integer overflow (CVE-ID: CVE-2022-49289)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the arch/microblaze/include/asm/uaccess.h, arch/csky/include/asm/uaccess.h. A local user can execute arbitrary code.
4) NULL pointer dereference (CVE-ID: CVE-2022-49428)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __recover_dot_dentries() function in fs/f2fs/namei.c. A local user can perform a denial of service (DoS) attack.
5) Improper error handling (CVE-ID: CVE-2022-49520)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the compat_arm_syscall() function in arch/arm64/kernel/sys_compat.c. A local user can perform a denial of service (DoS) attack.
6) Race condition within a thread (CVE-ID: CVE-2022-49595)
The vulnerability allows a local user to corrupt data.
The vulnerability exists due to a data race within the tcp_mtu_probe() function in net/ipv4/tcp_output.c. A local user can corrupt data.
7) Buffer overflow (CVE-ID: CVE-2022-50640)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the sdio_release_func() function in drivers/mmc/core/sdio_bus.c. A local user can escalate privileges on the system.
8) Improper locking (CVE-ID: CVE-2023-53041)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __qla2x00_abort_all_cmds() function in drivers/scsi/qla2xxx/qla_os.c. A local user can perform a denial of service (DoS) attack.
9) NULL pointer dereference (CVE-ID: CVE-2023-53248)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_vm_bo_add(), amdgpu_vm_init() and amdgpu_vm_make_compute() functions in drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c. A local user can perform a denial of service (DoS) attack.
10) Improper locking (CVE-ID: CVE-2024-43835)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the virtnet_receive(), virtnet_poll_cleantx(), virtnet_poll() and virtnet_poll_tx() functions in drivers/net/virtio_net.c. A local user can perform a denial of service (DoS) attack.
11) Integer overflow (CVE-ID: CVE-2024-50016)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the dp_set_test_pattern() function in drivers/gpu/drm/amd/display/dc/link/accessories/link_dp_cts.c. A local user can execute arbitrary code.
12) Improper locking (CVE-ID: CVE-2024-50234)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the il_pci_resume() function in drivers/net/wireless/intel/iwlegacy/common.c. A local user can perform a denial of service (DoS) attack.
13) NULL pointer dereference (CVE-ID: CVE-2025-21744)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the brcmf_txfinalize() function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c. A local user can perform a denial of service (DoS) attack.
14) NULL pointer dereference (CVE-ID: CVE-2025-21776)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hub_probe() function in drivers/usb/core/hub.c. A local user can perform a denial of service (DoS) attack.
15) Input validation error (CVE-ID: CVE-2025-38516)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the msm_gpio_needs_dual_edge_parent_workaround() and msm_gpio_init() functions in drivers/pinctrl/qcom/pinctrl-msm.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.