Main Vulnerability Database SB2026050313

SB2026050313 - openEuler 22.03 LTS SP4 update for kernel

Published: May 3, 2026 Updated: May 22, 2026

Security Bulletin ID SB2026050313

CSH Severity

High

Patch available

YES

Number of vulnerabilities 4

Exploitation vector Adjecent network

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 4 vulnerabilities.

1) Insufficient verification of data authenticity (CVE-ID: CVE-2025-27558)

CWE-ID: CWE-345 - Insufficient Verification of Data Authenticity

CVSSv4: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

The vulnerability allows an attacker to perform spoofing attack.

The vulnerability exists due to insufficient verification of data authenticity in mesh networks using Wi-Fi Protected Access (WPA, WPA2, or WPA3) or Wired Equivalent Privacy (WEP). A remote attacker on the local network can inject arbitrary frames towards devices that support receiving non-SSP A-MSDU frames and perform spoofing attack.

2) Improper control of a resource through its lifetime (CVE-ID: CVE-2026-31431)

CWE-ID: CWE-664 - Improper control of a resource through its lifetime

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper memory handling within the authencesn cryptographic template in algif_aead when processing AEAD operations. A local user can trigger the vulnerable code path to execute arbitrary code on the system.

Note, this vulnerability was dubbed "Copy Fail".

3) Use-after-free (CVE-ID: CVE-2026-31473)

CWE-ID: CWE-416 - Use After Free

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to cause a denial of service.

The vulnerability exists due to use-after-free in the media request and videobuf queue handling code when reinitializing media requests concurrently with queue teardown. A local user can trigger concurrent MEDIA_REQUEST_IOC_REINIT and VIDIOC_REQBUFS(0) operations to cause a denial of service.

Only request-capable devices are affected.

4) Spoofing attack (CVE-ID: CVE-2020-24588)

CWE-ID: CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)

CVSSv4: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to incorrect processing of user-supplied data in Windows Wireless Networking. A remote attacker on the local network can spoof page content.

Remediation

Install update from vendor's website.

References

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2026-2175

Vulnerable Software

python3-perf-debuginfo: before 5.10.0-312.0.0.215
kernel: before 5.10.0-312.0.0.215
bpftool: before 5.10.0-312.0.0.215
bpftool-debuginfo: before 5.10.0-312.0.0.215
kernel-debuginfo: before 5.10.0-312.0.0.215
kernel-debugsource: before 5.10.0-312.0.0.215
kernel-devel: before 5.10.0-312.0.0.215
kernel-headers: before 5.10.0-312.0.0.215
kernel-source: before 5.10.0-312.0.0.215
kernel-tools: before 5.10.0-312.0.0.215
kernel-tools-debuginfo: before 5.10.0-312.0.0.215
kernel-tools-devel: before 5.10.0-312.0.0.215
perf: before 5.10.0-312.0.0.215
perf-debuginfo: before 5.10.0-312.0.0.215
python3-perf: before 5.10.0-312.0.0.215
openEuler: 22.03 LTS SP4

SB2026050313 - openEuler 22.03 LTS SP4 update for kernel

Breakdown by Severity

Description

Remediation

References

Please verify you're human