SB20260509146 - openEuler 20.03 LTS SP4 update for kernel

Description

This security bulletin contains information about 2 vulnerabilities.

1) Out-of-bounds read (CVE-ID: CVE-2026-31449)

The vulnerability allows a local user to disclose sensitive information.

The vulnerability exists due to an out-of-bounds read in ext4_ext_correct_indexes when processing a corrupted or crafted on-disk extent header. A local user can supply a crafted filesystem image to disclose sensitive information.

2) Race condition (CVE-ID: CVE-2026-31450)

The vulnerability allows a local user to cause a denial of service.

The vulnerability exists due to a race condition in ext4_inode_attach_jinode() when handling concurrent fast commit flush operations. A local user can trigger concurrent filesystem activity to cause a denial of service.

The issue occurs because a jinode pointer may be observed as non-NULL before its associated i_vfs_inode field is initialized, leading to a kernel crash when the fast commit flush path dereferences it.

Remediation

Install update from vendor's website.

References

• https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2026-2233