SB2026012357 - openEuler 20.03 LTS SP4 update for kernel
Published: January 23, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 17 secuirty vulnerabilities.
1) Use-after-free (CVE-ID: CVE-2022-50422)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the smp_execute_task_sg() function in drivers/scsi/libsas/sas_expander.c. A local user can escalate privileges on the system.
2) Resource management error (CVE-ID: CVE-2022-50655)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ppp_send_frame() function in drivers/net/ppp/ppp_generic.c. A local user can perform a denial of service (DoS) attack.
3) NULL pointer dereference (CVE-ID: CVE-2022-50671)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rxe_qp_destroy() function in drivers/infiniband/sw/rxe/rxe_qp.c. A local user can perform a denial of service (DoS) attack.
4) Use of uninitialized resource (CVE-ID: CVE-2022-50733)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the idmouse_create_image() function in drivers/usb/misc/idmouse.c. A local user can perform a denial of service (DoS) attack.
5) Integer overflow (CVE-ID: CVE-2022-50749)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the encode_comp_t() function in kernel/acct.c. A local user can execute arbitrary code.
6) Improper locking (CVE-ID: CVE-2022-50755)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the udf_rename() function in fs/udf/namei.c. A local user can perform a denial of service (DoS) attack.
7) NULL pointer dereference (CVE-ID: CVE-2022-50884)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the drm_copy_field() function in drivers/gpu/drm/drm_ioctl.c. A local user can perform a denial of service (DoS) attack.
8) NULL pointer dereference (CVE-ID: CVE-2023-53817)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mpi_cmp_ui() function in lib/mpi/mpi-cmp.c. A local user can perform a denial of service (DoS) attack.
9) Use-after-free (CVE-ID: CVE-2023-53821)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the vti6_tnl_xmit() function in net/ipv6/ip6_vti.c. A local user can escalate privileges on the system.
10) Use-after-free (CVE-ID: CVE-2023-53826)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the wear_leveling_worker() and __erase_worker() functions in drivers/mtd/ubi/wl.c. A local user can escalate privileges on the system.
11) NULL pointer dereference (CVE-ID: CVE-2023-53832)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the raid10_sync_request() function in drivers/md/raid10.c. A local user can perform a denial of service (DoS) attack.
12) Race condition (CVE-ID: CVE-2023-53998)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the request_entropy() and virtio_read() functions in drivers/char/hw_random/virtio-rng.c. A local user can escalate privileges on the system.
13) NULL pointer dereference (CVE-ID: CVE-2023-54014)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qla2x00_process_els() function in drivers/scsi/qla2xxx/qla_bsg.c. A local user can perform a denial of service (DoS) attack.
14) Memory leak (CVE-ID: CVE-2023-54091)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the drm_client_target_cloned() function in drivers/gpu/drm/drm_client_modeset.c. A local user can perform a denial of service (DoS) attack.
15) Memory leak (CVE-ID: CVE-2023-54123)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the setup_geo(), setup_conf() and raid10_run() functions in drivers/md/raid10.c. A local user can perform a denial of service (DoS) attack.
16) Improper locking (CVE-ID: CVE-2023-54160)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the include/linux/cpuhotplug.h. A local user can perform a denial of service (DoS) attack.
17) Out-of-bounds read (CVE-ID: CVE-2025-40322)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the bit_putcs_aligned() and bit_putcs_unaligned() functions in drivers/video/fbdev/core/bitblit.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.