SB2026032074 - openEuler 24.03 LTS update for kernel




Published: March 20, 2026

Security Bulletin ID: SB2026032074
Severity: Low
Patch available: YES
Number of vulnerabilities: 18
Exploitation vector: Local access
Highest impact: Code execution

Breakdown by Severity

Low 100%

Description

This security bulletin contains information about 18 security vulnerabilities.


1) Memory leak (CVE-ID: CVE-2024-14027)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the SYSCALL_DEFINE5(), SYSCALL_DEFINE4(), SYSCALL_DEFINE3() and SYSCALL_DEFINE2() functions in fs/xattr.c. A local user can perform a denial of service (DoS) attack.


2) Use-after-free (CVE-ID: CVE-2024-57979)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ptp_ocp_complete() function in drivers/ptp/ptp_ocp.c, within the DEFINE_MUTEX(), pps_cdev_pps_fetch(), pps_cdev_ioctl(), pps_cdev_compat_ioctl(), pps_device_destruct(), pps_register_cdev(), pps_unregister_cdev(), EXPORT_SYMBOL() and pps_init() functions in drivers/pps/pps.c, within the pps_kc_bind() and pps_kc_remove() functions in drivers/pps/kc.c, within the pps_add_offset(), pps_register_source() and pps_event() functions in drivers/pps/kapi.c, within the parport_irq() function in drivers/pps/clients/pps_parport.c, within the pps_tty_dcd_change(), pps_tty_open() and pps_tty_close() functions in drivers/pps/clients/pps-ldisc.c, within the pps_ktimer_exit() and pps_ktimer_init() functions in drivers/pps/clients/pps-ktimer.c, and within the pps_gpio_probe() function in drivers/pps/clients/pps-gpio.c. A local user can escalate privileges on the system.


3) Use-after-free (CVE-ID: CVE-2025-39981)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within net/bluetooth/mgmt_util.h. A local user can escalate privileges on the system.


4) Resource management error (CVE-ID: CVE-2025-71195)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the function in drivers/dma/xilinx/xdma.c. A local user can perform a denial of service (DoS) attack.


5) Memory leak (CVE-ID: CVE-2025-71204)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak within the parse_durable_handle_context() function in fs/smb/server/smb2pdu.c. A local user can perform a denial of service (DoS) attack.


6) Incorrect calculation (CVE-ID: CVE-2026-23100)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an incorrect calculation within include/linux/hugetlb.h. A local user can perform a denial of service (DoS) attack.


7) Use of uninitialized resource (CVE-ID: CVE-2026-23101)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of an uninitialized resource within the led_classdev_register_ext() function in drivers/leds/led-class.c. A local user can perform a denial of service (DoS) attack.


8) Improper locking (CVE-ID: CVE-2026-23113)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the io_worker_handle_work() function in io_uring/io-wq.c. A local user can perform a denial of service (DoS) attack.


9) Resource management error (CVE-ID: CVE-2026-23119)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a resource management error within the bond_flow_dissect() function in drivers/net/bonding/bond_main.c. A local user can perform a denial of service (DoS) attack.


10) NULL pointer dereference (CVE-ID: CVE-2026-23125)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the sctp_sf_do_5_1C_ack() function in net/sctp/sm_statefuns.c. A local user can perform a denial of service (DoS) attack.


11) Buffer overflow (CVE-ID: CVE-2026-23128)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the swsusp_arch_suspend() function in arch/arm64/kernel/hibernate.c. A local user can perform a denial of service (DoS) attack.


12) Use of uninitialized resource (CVE-ID: CVE-2026-23140)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of an uninitialized resource within the bpf_prog_test_run_xdp() function in net/bpf/test_run.c. A local user can perform a denial of service (DoS) attack.


13) Buffer overflow (CVE-ID: CVE-2026-23177)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the shmem_undo_range() function in mm/shmem.c. A local user can escalate privileges on the system.


14) Use-after-free (CVE-ID: CVE-2026-23201)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the parse_longname() function in fs/ceph/crypto.c. A local user can escalate privileges on the system.


15) Use-after-free (CVE-ID: CVE-2026-23209)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the macvlan_common_newlink() function in drivers/net/macvlan.c. A local user can escalate privileges on the system.


16) Use-after-free (CVE-ID: CVE-2026-23226)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the check_session_id(), ntlm_authenticate() and krb5_authenticate() functions in fs/smb/server/smb2pdu.c. A local user can escalate privileges on the system.


17) Improper locking (CVE-ID: CVE-2026-23229)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the virtcrypto_done_task() function in drivers/crypto/virtio/virtio_crypto_core.c. A local user can perform a denial of service (DoS) attack.


18) NULL pointer dereference (CVE-ID: CVE-2026-23237)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference within the cmpc_accel_sensitivity_show_v4(), cmpc_accel_sensitivity_store_v4(), cmpc_accel_g_select_show_v4(), cmpc_accel_g_select_store_v4(), cmpc_accel_open_v4(), cmpc_accel_sensitivity_show() and cmpc_accel_sensitivity_store() functions in drivers/platform/x86/classmate-laptop.c. A local user can perform a denial of service (DoS) attack.


Remediation

Install the update from the vendor's website.