SB2026050313 - openEuler 22.03 LTS SP4 update for kernel




Published: May 3, 2026

Security Bulletin ID: SB2026050313
CSH Severity: High
Patch available: YES
Number of vulnerabilities: 4
Exploitation vector: Adjacent network
Highest impact: Code execution

Breakdown by Severity

High: 25%, Medium: 25%, Low: 50%

Description

This security bulletin contains information about 4 vulnerabilities.


1) Insufficient verification of data authenticity (CVE-ID: CVE-2025-27558)

The vulnerability allows an attacker to perform a spoofing attack.

The vulnerability exists due to insufficient verification of data authenticity in mesh networks using Wi-Fi Protected Access (WPA, WPA2, or WPA3) or Wired Equivalent Privacy (WEP). A remote attacker on the local network can inject arbitrary frames towards devices that support receiving non-SSP A-MSDU frames and perform a spoofing attack.


2) Improper control of a resource through its lifetime (CVE-ID: CVE-2026-31431)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper memory handling within the authencesn cryptographic template in algif_aead when processing AEAD operations. A local user can trigger the vulnerable code path to execute arbitrary code on the system.

Note: this vulnerability was dubbed "Copy Fail".


3) Use-after-free (CVE-ID: CVE-2026-31473)

The vulnerability allows a local user to cause a denial of service.

The vulnerability exists due to use-after-free in the media request and videobuf queue handling code when reinitializing media requests concurrently with queue teardown. A local user can trigger concurrent MEDIA_REQUEST_IOC_REINIT and VIDIOC_REQBUFS(0) operations to cause a denial of service.

Only request-capable devices are affected.


4) Spoofing attack (CVE-ID: CVE-2020-24588)

The vulnerability allows a remote attacker to perform a spoofing attack.

The vulnerability exists due to incorrect processing of user-supplied data in Windows Wireless Networking. A remote attacker on the local network can spoof page content.


Remediation

Install the update from the vendor's website.