SB2026031341 - Anolis OS update for kernel:4.18

Description

This security bulletin contains information about 3 secuirty vulnerabilities.

1) Memory leak (CVE-ID: CVE-2022-50856)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the cifs_ses_add_channel() function in fs/cifs/sess.c. A local user can perform a denial of service (DoS) attack.

2) Resource management error (CVE-ID: CVE-2025-71085)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the calipso_skbuff_setattr() function in net/ipv6/calipso.c. A local user can perform a denial of service (DoS) attack.

3) Use-after-free (CVE-ID: CVE-2026-23001)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the macvlan_hash_lookup_source(), macvlan_hash_add_source(), macvlan_hash_add(), macvlan_flush_sources(), macvlan_forward_source() and macvlan_fill_info_macaddr() functions in drivers/net/macvlan.c. A local user can escalate privileges on the system.

Remediation

Install update from vendor's website.

References

• https://anas.openanolis.cn/errata/detail/ANSA-2026:0315