{ "document":{ "aggregate_severity":{ "namespace":"https://nvd.nist.gov/vuln-metrics/cvss", "text":"Critical" }, "category":"csaf_vex", "csaf_version":"2.0", "distribution":{ "tlp":{ "label":"WHITE", "url":"https:/www.first.org/tlp/" } }, "lang":"en", "notes":[ { "text":"kernel security update", "category":"general", "title":"Synopsis" }, { "text":"An update for kernel is now available for openEuler-22.03-LTS-SP3.", "category":"general", "title":"Summary" }, { "text":"The Linux Kernel, the operating system core itself.\n\nSecurity Fix(es):\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nRDMA: Verify port when creating flow rule\n\nValidate port value provided by the user and with that remove no longer\nneeded validation by the driver. The missing check in the mlx5_ib driver\ncould cause to the below oops.\n\nCall trace:\n _create_flow_rule+0x2d4/0xf28 [mlx5_ib]\n mlx5_ib_create_flow+0x2d0/0x5b0 [mlx5_ib]\n ib_uverbs_ex_create_flow+0x4cc/0x624 [ib_uverbs]\n ib_uverbs_handler_UVERBS_METHOD_INVOKE_WRITE+0xd4/0x150 [ib_uverbs]\n ib_uverbs_cmd_verbs.isra.7+0xb28/0xc50 [ib_uverbs]\n ib_uverbs_ioctl+0x158/0x1d0 [ib_uverbs]\n do_vfs_ioctl+0xd0/0xaf0\n ksys_ioctl+0x84/0xb4\n __arm64_sys_ioctl+0x28/0xc4\n el0_svc_common.constprop.3+0xa4/0x254\n el0_svc_handler+0x84/0xa0\n el0_svc+0x10/0x26c\n Code: b9401260 f9615681 51000400 8b001c20 (f9403c1a)(CVE-2021-47265)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nmISDN: fix possible use-after-free in HFC_cleanup()\n\nThis module's remove path calls del_timer(). However, that function\ndoes not wait until the timer handler finishes. This means that the\ntimer handler may still be running after the driver's remove function\nhas finished, which would result in a use-after-free.\n\nFix by calling del_timer_sync(), which makes sure the timer handler\nhas finished, and unable to re-schedule itself.(CVE-2021-47356)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: ensure tx skbs always have the MPTCP ext\n\nDue to signed/unsigned comparison, the expression:\n\n\tinfo->size_goal - skb->len > 0\n\nevaluates to true when the size goal is smaller than the\nskb size. That results in lack of tx cache refill, so that\nthe skb allocated by the core TCP code lacks the required\nMPTCP skb extensions.\n\nDue to the above, syzbot is able to trigger the following WARN_ON():\n\nWARNING: CPU: 1 PID: 810 at net/mptcp/protocol.c:1366 mptcp_sendmsg_frag+0x1362/0x1bc0 net/mptcp/protocol.c:1366\nModules linked in:\nCPU: 1 PID: 810 Comm: syz-executor.4 Not tainted 5.14.0-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nRIP: 0010:mptcp_sendmsg_frag+0x1362/0x1bc0 net/mptcp/protocol.c:1366\nCode: ff 4c 8b 74 24 50 48 8b 5c 24 58 e9 0f fb ff ff e8 13 44 8b f8 4c 89 e7 45 31 ed e8 98 57 2e fe e9 81 f4 ff ff e8 fe 43 8b f8 <0f> 0b 41 bd ea ff ff ff e9 6f f4 ff ff 4c 89 e7 e8 b9 8e d2 f8 e9\nRSP: 0018:ffffc9000531f6a0 EFLAGS: 00010216\nRAX: 000000000000697f RBX: 0000000000000000 RCX: ffffc90012107000\nRDX: 0000000000040000 RSI: ffffffff88eac9e2 RDI: 0000000000000003\nRBP: ffff888078b15780 R08: 0000000000000000 R09: 0000000000000000\nR10: ffffffff88eac017 R11: 0000000000000000 R12: ffff88801de0a280\nR13: 0000000000006b58 R14: ffff888066278280 R15: ffff88803c2fe9c0\nFS: 00007fd9f866e700(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007faebcb2f718 CR3: 00000000267cb000 CR4: 00000000001506e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n __mptcp_push_pending+0x1fb/0x6b0 net/mptcp/protocol.c:1547\n mptcp_release_cb+0xfe/0x210 net/mptcp/protocol.c:3003\n release_sock+0xb4/0x1b0 net/core/sock.c:3206\n sk_stream_wait_memory+0x604/0xed0 net/core/stream.c:145\n mptcp_sendmsg+0xc39/0x1bc0 net/mptcp/protocol.c:1749\n inet6_sendmsg+0x99/0xe0 net/ipv6/af_inet6.c:643\n sock_sendmsg_nosec net/socket.c:704 [inline]\n sock_sendmsg+0xcf/0x120 net/socket.c:724\n sock_write_iter+0x2a0/0x3e0 net/socket.c:1057\n call_write_iter include/linux/fs.h:2163 [inline]\n new_sync_write+0x40b/0x640 fs/read_write.c:507\n vfs_write+0x7cf/0xae0 fs/read_write.c:594\n ksys_write+0x1ee/0x250 fs/read_write.c:647\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x4665f9\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fd9f866e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\nRAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665f9\nRDX: 00000000000e7b78 RSI: 0000000020000000 RDI: 0000000000000003\nRBP: 00000000004bfcc4 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c038\nR13: 0000000000a9fb1f R14: 00007fd9f866e300 R15: 0000000000022000\n\nFix the issue rewriting the relevant expression to avoid\nsign-related problems - note: size_goal is always >= 0.\n\nAdditionally, ensure that the skb in the tx cache always carries\nthe relevant extension.(CVE-2021-47370)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nscsi: iscsi: Fix iscsi_task use after free\n\nCommit d39df158518c (\"scsi: iscsi: Have abort handler get ref to conn\")\nadded iscsi_get_conn()/iscsi_put_conn() calls during abort handling but\nthen also changed the handling of the case where we detect an already\ncompleted task where we now end up doing a goto to the common put/cleanup\ncode. This results in a iscsi_task use after free, because the common\ncleanup code will do a put on the iscsi_task.\n\nThis reverts the goto and moves the iscsi_get_conn() to after we've checked\nif the iscsi_task is valid.(CVE-2021-47427)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix even more out of bound writes from debugfs\n\nCVE-2021-42327 was fixed by:\n\ncommit f23750b5b3d98653b31d4469592935ef6364ad67\nAuthor: Thelford Williams \nDate: Wed Oct 13 16:04:13 2021 -0400\n\n drm/amdgpu: fix out of bounds write\n\nbut amdgpu_dm_debugfs.c contains more of the same issue so fix the\nremaining ones.\n\nv2:\n\t* Add missing fix in dp_max_bpc_write (Harry Wentland)(CVE-2021-47489)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ntcp: TX zerocopy should not sense pfmemalloc status\n\nWe got a recent syzbot report [1] showing a possible misuse\nof pfmemalloc page status in TCP zerocopy paths.\n\nIndeed, for pages coming from user space or other layers,\nusing page_is_pfmemalloc() is moot, and possibly could give\nfalse positives.\n\nThere has been attempts to make page_is_pfmemalloc() more robust,\nbut not using it in the first place in this context is probably better,\nremoving cpu cycles.\n\nNote to stable teams :\n\nYou need to backport 84ce071e38a6 (\"net: introduce\n__skb_fill_page_desc_noacc\") as a prereq.\n\nRace is more probable after commit c07aea3ef4d4\n(\"mm: add a signature in struct page\") because page_is_pfmemalloc()\nis now using low order bit from page->lru.next, which can change\nmore often than page->index.\n\nLow order bit should never be set for lru.next (when used as an anchor\nin LRU list), so KCSAN report is mostly a false positive.\n\nBackporting to older kernel versions seems not necessary.\n\n[1]\nBUG: KCSAN: data-race in lru_add_fn / tcp_build_frag\n\nwrite to 0xffffea0004a1d2c8 of 8 bytes by task 18600 on cpu 0:\n__list_add include/linux/list.h:73 [inline]\nlist_add include/linux/list.h:88 [inline]\nlruvec_add_folio include/linux/mm_inline.h:105 [inline]\nlru_add_fn+0x440/0x520 mm/swap.c:228\nfolio_batch_move_lru+0x1e1/0x2a0 mm/swap.c:246\nfolio_batch_add_and_move mm/swap.c:263 [inline]\nfolio_add_lru+0xf1/0x140 mm/swap.c:490\nfilemap_add_folio+0xf8/0x150 mm/filemap.c:948\n__filemap_get_folio+0x510/0x6d0 mm/filemap.c:1981\npagecache_get_page+0x26/0x190 mm/folio-compat.c:104\ngrab_cache_page_write_begin+0x2a/0x30 mm/folio-compat.c:116\next4_da_write_begin+0x2dd/0x5f0 fs/ext4/inode.c:2988\ngeneric_perform_write+0x1d4/0x3f0 mm/filemap.c:3738\next4_buffered_write_iter+0x235/0x3e0 fs/ext4/file.c:270\next4_file_write_iter+0x2e3/0x1210\ncall_write_iter include/linux/fs.h:2187 [inline]\nnew_sync_write fs/read_write.c:491 [inline]\nvfs_write+0x468/0x760 fs/read_write.c:578\nksys_write+0xe8/0x1a0 fs/read_write.c:631\n__do_sys_write fs/read_write.c:643 [inline]\n__se_sys_write fs/read_write.c:640 [inline]\n__x64_sys_write+0x3e/0x50 fs/read_write.c:640\ndo_syscall_x64 arch/x86/entry/common.c:50 [inline]\ndo_syscall_64+0x2b/0x70 arch/x86/entry/common.c:80\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nread to 0xffffea0004a1d2c8 of 8 bytes by task 18611 on cpu 1:\npage_is_pfmemalloc include/linux/mm.h:1740 [inline]\n__skb_fill_page_desc include/linux/skbuff.h:2422 [inline]\nskb_fill_page_desc include/linux/skbuff.h:2443 [inline]\ntcp_build_frag+0x613/0xb20 net/ipv4/tcp.c:1018\ndo_tcp_sendpages+0x3e8/0xaf0 net/ipv4/tcp.c:1075\ntcp_sendpage_locked net/ipv4/tcp.c:1140 [inline]\ntcp_sendpage+0x89/0xb0 net/ipv4/tcp.c:1150\ninet_sendpage+0x7f/0xc0 net/ipv4/af_inet.c:833\nkernel_sendpage+0x184/0x300 net/socket.c:3561\nsock_sendpage+0x5a/0x70 net/socket.c:1054\npipe_to_sendpage+0x128/0x160 fs/splice.c:361\nsplice_from_pipe_feed fs/splice.c:415 [inline]\n__splice_from_pipe+0x222/0x4d0 fs/splice.c:559\nsplice_from_pipe fs/splice.c:594 [inline]\ngeneric_splice_sendpage+0x89/0xc0 fs/splice.c:743\ndo_splice_from fs/splice.c:764 [inline]\ndirect_splice_actor+0x80/0xa0 fs/splice.c:931\nsplice_direct_to_actor+0x305/0x620 fs/splice.c:886\ndo_splice_direct+0xfb/0x180 fs/splice.c:974\ndo_sendfile+0x3bf/0x910 fs/read_write.c:1249\n__do_sys_sendfile64 fs/read_write.c:1317 [inline]\n__se_sys_sendfile64 fs/read_write.c:1303 [inline]\n__x64_sys_sendfile64+0x10c/0x150 fs/read_write.c:1303\ndo_syscall_x64 arch/x86/entry/common.c:50 [inline]\ndo_syscall_64+0x2b/0x70 arch/x86/entry/common.c:80\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nvalue changed: 0x0000000000000000 -> 0xffffea0004a1d288\n\nReported by Kernel Concurrency Sanitizer on:\nCPU: 1 PID: 18611 Comm: syz-executor.4 Not tainted 6.0.0-rc2-syzkaller-00248-ge022620b5d05-dirty #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022(CVE-2022-48689)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/af_unix: disable sending io_uring over sockets\n\nFile reference cycles have caused lots of problems for io_uring\nin the past, and it still doesn't work exactly right and races with\nunix_stream_read_generic(). The safest fix would be to completely\ndisallow sending io_uring files via sockets via SCM_RIGHT, so there\nare no possible cycles invloving registered files and thus rendering\nSCM accounting on the io_uring side unnecessary.(CVE-2023-52654)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: s390/aes - Fix buffer overread in CTR mode\n\nWhen processing the last block, the s390 ctr code will always read\na whole block, even if there isn't a whole block of data left. Fix\nthis by using the actual length left and copy it into a buffer first\nfor processing.(CVE-2023-52669)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nriscv: Check if the code to patch lies in the exit section\n\nOtherwise we fall through to vmalloc_to_page() which panics since the\naddress does not lie in the vmalloc region.(CVE-2023-52677)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/powernv: Add a null pointer check in opal_powercap_init()\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure.(CVE-2023-52696)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nsysv: don't call sb_bread() with pointers_lock held\n\nsyzbot is reporting sleep in atomic context in SysV filesystem [1], for\nsb_bread() is called with rw_spinlock held.\n\nA \"write_lock(&pointers_lock) => read_lock(&pointers_lock) deadlock\" bug\nand a \"sb_bread() with write_lock(&pointers_lock)\" bug were introduced by\n\"Replace BKL for chain locking with sysvfs-private rwlock\" in Linux 2.5.12.\n\nThen, \"[PATCH] err1-40: sysvfs locking fix\" in Linux 2.6.8 fixed the\nformer bug by moving pointers_lock lock to the callers, but instead\nintroduced a \"sb_bread() with read_lock(&pointers_lock)\" bug (which made\nthis problem easier to hit).\n\nAl Viro suggested that why not to do like get_branch()/get_block()/\nfind_shared() in Minix filesystem does. And doing like that is almost a\nrevert of \"[PATCH] err1-40: sysvfs locking fix\" except that get_branch()\n from with find_shared() is called without write_lock(&pointers_lock).(CVE-2023-52699)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\narm64: Restrict CPU_BIG_ENDIAN to GNU as or LLVM IAS 15.x or newer\n\nPrior to LLVM 15.0.0, LLVM's integrated assembler would incorrectly\nbyte-swap NOP when compiling for big-endian, and the resulting series of\nbytes happened to match the encoding of FNMADD S21, S30, S0, S0.\n\nThis went unnoticed until commit:\n\n 34f66c4c4d5518c1 (\"arm64: Use a positive cpucap for FP/SIMD\")\n\nPrior to that commit, the kernel would always enable the use of FPSIMD\nearly in boot when __cpu_setup() initialized CPACR_EL1, and so usage of\nFNMADD within the kernel was not detected, but could result in the\ncorruption of user or kernel FPSIMD state.\n\nAfter that commit, the instructions happen to trap during boot prior to\nFPSIMD being detected and enabled, e.g.\n\n| Unhandled 64-bit el1h sync exception on CPU0, ESR 0x000000001fe00000 -- ASIMD\n| CPU: 0 PID: 0 Comm: swapper Not tainted 6.6.0-rc3-00013-g34f66c4c4d55 #1\n| Hardware name: linux,dummy-virt (DT)\n| pstate: 400000c9 (nZcv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n| pc : __pi_strcmp+0x1c/0x150\n| lr : populate_properties+0xe4/0x254\n| sp : ffffd014173d3ad0\n| x29: ffffd014173d3af0 x28: fffffbfffddffcb8 x27: 0000000000000000\n| x26: 0000000000000058 x25: fffffbfffddfe054 x24: 0000000000000008\n| x23: fffffbfffddfe000 x22: fffffbfffddfe000 x21: fffffbfffddfe044\n| x20: ffffd014173d3b70 x19: 0000000000000001 x18: 0000000000000005\n| x17: 0000000000000010 x16: 0000000000000000 x15: 00000000413e7000\n| x14: 0000000000000000 x13: 0000000000001bcc x12: 0000000000000000\n| x11: 00000000d00dfeed x10: ffffd414193f2cd0 x9 : 0000000000000000\n| x8 : 0101010101010101 x7 : ffffffffffffffc0 x6 : 0000000000000000\n| x5 : 0000000000000000 x4 : 0101010101010101 x3 : 000000000000002a\n| x2 : 0000000000000001 x1 : ffffd014171f2988 x0 : fffffbfffddffcb8\n| Kernel panic - not syncing: Unhandled exception\n| CPU: 0 PID: 0 Comm: swapper Not tainted 6.6.0-rc3-00013-g34f66c4c4d55 #1\n| Hardware name: linux,dummy-virt (DT)\n| Call trace:\n| dump_backtrace+0xec/0x108\n| show_stack+0x18/0x2c\n| dump_stack_lvl+0x50/0x68\n| dump_stack+0x18/0x24\n| panic+0x13c/0x340\n| el1t_64_irq_handler+0x0/0x1c\n| el1_abort+0x0/0x5c\n| el1h_64_sync+0x64/0x68\n| __pi_strcmp+0x1c/0x150\n| unflatten_dt_nodes+0x1e8/0x2d8\n| __unflatten_device_tree+0x5c/0x15c\n| unflatten_device_tree+0x38/0x50\n| setup_arch+0x164/0x1e0\n| start_kernel+0x64/0x38c\n| __primary_switched+0xbc/0xc4\n\nRestrict CONFIG_CPU_BIG_ENDIAN to a known good assembler, which is\neither GNU as or LLVM's IAS 15.0.0 and newer, which contains the linked\ncommit.(CVE-2023-52750)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free bug in cifs_debug_data_proc_show()\n\nSkip SMB sessions that are being teared down\n(e.g. @ses->ses_status == SES_EXITING) in cifs_debug_data_proc_show()\nto avoid use-after-free in @ses.\n\nThis fixes the following GPF when reading from /proc/fs/cifs/DebugData\nwhile mounting and umounting\n\n [ 816.251274] general protection fault, probably for non-canonical\n address 0x6b6b6b6b6b6b6d81: 0000 [#1] PREEMPT SMP NOPTI\n ...\n [ 816.260138] Call Trace:\n [ 816.260329] \n [ 816.260499] ? die_addr+0x36/0x90\n [ 816.260762] ? exc_general_protection+0x1b3/0x410\n [ 816.261126] ? asm_exc_general_protection+0x26/0x30\n [ 816.261502] ? cifs_debug_tcon+0xbd/0x240 [cifs]\n [ 816.261878] ? cifs_debug_tcon+0xab/0x240 [cifs]\n [ 816.262249] cifs_debug_data_proc_show+0x516/0xdb0 [cifs]\n [ 816.262689] ? seq_read_iter+0x379/0x470\n [ 816.262995] seq_read_iter+0x118/0x470\n [ 816.263291] proc_reg_read_iter+0x53/0x90\n [ 816.263596] ? srso_alias_return_thunk+0x5/0x7f\n [ 816.263945] vfs_read+0x201/0x350\n [ 816.264211] ksys_read+0x75/0x100\n [ 816.264472] do_syscall_64+0x3f/0x90\n [ 816.264750] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n [ 816.265135] RIP: 0033:0x7fd5e669d381(CVE-2023-52752)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Avoid NULL dereference of timing generator\n\n[Why & How]\nCheck whether assigned timing generator is NULL or not before\naccessing its funcs to prevent NULL dereference.(CVE-2023-52753)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\npwm: Fix double shift bug\n\nThese enums are passed to set/test_bit(). The set/test_bit() functions\ntake a bit number instead of a shifted value. Passing a shifted value\nis a double shift bug like doing BIT(BIT(1)). The double shift bug\ndoesn't cause a problem here because we are only checking 0 and 1 but\nif the value was 5 or above then it can lead to a buffer overflow.(CVE-2023-52756)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: ignore negated quota changes\n\nWhen lots of quota changes are made, there may be cases in which an\ninode's quota information is increased and then decreased, such as when\nblocks are added to a file, then deleted from it. If the timing is\nright, function do_qc can add pending quota changes to a transaction,\nthen later, another call to do_qc can negate those changes, resulting\nin a net gain of 0. The quota_change information is recorded in the qc\nbuffer (and qd element of the inode as well). The buffer is added to the\ntransaction by the first call to do_qc, but a subsequent call changes\nthe value from non-zero back to zero. At that point it's too late to\nremove the buffer_head from the transaction. Later, when the quota sync\ncode is called, the zero-change qd element is discovered and flagged as\nan assert warning. If the fs is mounted with errors=panic, the kernel\nwill panic.\n\nThis is usually seen when files are truncated and the quota changes are\nnegated by punch_hole/truncate which uses gfs2_quota_hold and\ngfs2_quota_unhold rather than block allocations that use gfs2_quota_lock\nand gfs2_quota_unlock which automatically do quota sync.\n\nThis patch solves the problem by adding a check to qd_check_sync such\nthat net-zero quota changes already added to the transaction are no\nlonger deemed necessary to be synced, and skipped.\n\nIn this case references are taken for the qd and the slot from do_qc\nso those need to be put. The normal sequence of events for a normal\nnon-zero quota change is as follows:\n\ngfs2_quota_change\n do_qc\n qd_hold\n slot_hold\n\nLater, when the changes are to be synced:\n\ngfs2_quota_sync\n qd_fish\n qd_check_sync\n gets qd ref via lockref_get_not_dead\n do_sync\n do_qc(QC_SYNC)\n qd_put\n\t lockref_put_or_lock\n qd_unlock\n qd_put\n lockref_put_or_lock\n\nIn the net-zero change case, we add a check to qd_check_sync so it puts\nthe qd and slot references acquired in gfs2_quota_change and skip the\nunneeded sync.(CVE-2023-52759)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: protect device queue against concurrent access\n\nIn dasd_profile_start() the amount of requests on the device queue are\ncounted. The access to the device queue is unprotected against\nconcurrent access. With a lot of parallel I/O, especially with alias\ndevices enabled, the device queue can change while dasd_profile_start()\nis accessing the queue. In the worst case this leads to a kernel panic\ndue to incorrect pointer accesses.\n\nFix this by taking the device lock before accessing the queue and\ncounting the requests. Additionally the check for a valid profile data\npointer can be done earlier to avoid unnecessary locking in a hot path.(CVE-2023-52774)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ntty: vcc: Add check for kstrdup() in vcc_probe()\n\nAdd check for the return value of kstrdup() and return the error, if it\nfails in order to avoid NULL pointer dereference.(CVE-2023-52789)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nvhost-vdpa: fix use after free in vhost_vdpa_probe()\n\nThe put_device() calls vhost_vdpa_release_dev() which calls\nida_simple_remove() and frees \"v\". So this call to\nida_simple_remove() is a use after free and a double free.(CVE-2023-52795)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: add ipvlan_route_v6_outbound() helper\n\nInspired by syzbot reports using a stack of multiple ipvlan devices.\n\nReduce stack size needed in ipvlan_process_v6_outbound() by moving\nthe flowi6 struct used for the route lookup in an non inlined\nhelper. ipvlan_route_v6_outbound() needs 120 bytes on the stack,\nimmediately reclaimed.\n\nAlso make sure ipvlan_process_v4_outbound() is not inlined.\n\nWe might also have to lower MAX_NEST_DEV, because only syzbot uses\nsetups with more than four stacked devices.\n\nBUG: TASK stack guard page was hit at ffffc9000e803ff8 (stack is ffffc9000e804000..ffffc9000e808000)\nstack guard page: 0000 [#1] SMP KASAN\nCPU: 0 PID: 13442 Comm: syz-executor.4 Not tainted 6.1.52-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023\nRIP: 0010:kasan_check_range+0x4/0x2a0 mm/kasan/generic.c:188\nCode: 48 01 c6 48 89 c7 e8 db 4e c1 03 31 c0 5d c3 cc 0f 0b eb 02 0f 0b b8 ea ff ff ff 5d c3 cc 00 00 cc cc 00 00 cc cc 55 48 89 e5 <41> 57 41 56 41 55 41 54 53 b0 01 48 85 f6 0f 84 a4 01 00 00 48 89\nRSP: 0018:ffffc9000e804000 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817e5bf2\nRDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff887c6568\nRBP: ffffc9000e804000 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff92001d0080c\nR13: dffffc0000000000 R14: ffffffff87e6b100 R15: 0000000000000000\nFS: 00007fd0c55826c0(0000) GS:ffff8881f6800000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffc9000e803ff8 CR3: 0000000170ef7000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n<#DF>\n\n\n[] __kasan_check_read+0x11/0x20 mm/kasan/shadow.c:31\n[] instrument_atomic_read include/linux/instrumented.h:72 [inline]\n[] _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]\n[] cpumask_test_cpu include/linux/cpumask.h:506 [inline]\n[] cpu_online include/linux/cpumask.h:1092 [inline]\n[] trace_lock_acquire include/trace/events/lock.h:24 [inline]\n[] lock_acquire+0xe2/0x590 kernel/locking/lockdep.c:5632\n[] rcu_lock_acquire+0x2e/0x40 include/linux/rcupdate.h:306\n[] rcu_read_lock include/linux/rcupdate.h:747 [inline]\n[] ip6_pol_route+0x15d/0x1440 net/ipv6/route.c:2221\n[] ip6_pol_route_output+0x50/0x80 net/ipv6/route.c:2606\n[] pol_lookup_func include/net/ip6_fib.h:584 [inline]\n[] fib6_rule_lookup+0x265/0x620 net/ipv6/fib6_rules.c:116\n[] ip6_route_output_flags_noref+0x2d9/0x3a0 net/ipv6/route.c:2638\n[] ip6_route_output_flags+0xca/0x340 net/ipv6/route.c:2651\n[] ip6_route_output include/net/ip6_route.h:100 [inline]\n[] ipvlan_process_v6_outbound drivers/net/ipvlan/ipvlan_core.c:473 [inline]\n[] ipvlan_process_outbound drivers/net/ipvlan/ipvlan_core.c:529 [inline]\n[] ipvlan_xmit_mode_l3 drivers/net/ipvlan/ipvlan_core.c:602 [inline]\n[] ipvlan_queue_xmit+0xc33/0x1be0 drivers/net/ipvlan/ipvlan_core.c:677\n[] ipvlan_start_xmit+0x49/0x100 drivers/net/ipvlan/ipvlan_main.c:229\n[] netdev_start_xmit include/linux/netdevice.h:4966 [inline]\n[] xmit_one net/core/dev.c:3644 [inline]\n[] dev_hard_start_xmit+0x320/0x980 net/core/dev.c:3660\n[] __dev_queue_xmit+0x16b2/0x3370 net/core/dev.c:4324\n[] dev_queue_xmit include/linux/netdevice.h:3067 [inline]\n[] neigh_hh_output include/net/neighbour.h:529 [inline]\n[dm_stree. To add\nthe required check for out of bound we first need to determine the type\nof dmtree. Thus added an extra parameter to dbFindLeaf so that the type\nof tree can be determined and the required check can be applied.(CVE-2023-52799)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: fix htt pktlog locking\n\nThe ath11k active pdevs are protected by RCU but the htt pktlog handling\ncode calling ath11k_mac_get_ar_by_pdev_id() was not marked as a\nread-side critical section.\n\nMark the code in question as an RCU read-side critical section to avoid\nany potential use-after-free issues.\n\nCompile tested only.(CVE-2023-52800)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\niio: adc: stm32-adc: harden against NULL pointer deref in stm32_adc_probe()\n\nof_match_device() may fail and returns a NULL pointer.\n\nIn practice there is no known reasonable way to trigger this, but\nin case one is added in future, harden the code by adding the check(CVE-2023-52802)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix potential null pointer derefernce\n\nThe amdgpu_ras_get_context may return NULL if device\nnot support ras feature, so add check before using.(CVE-2023-52814)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga\n\nFor pptable structs that use flexible array sizes, use flexible arrays.(CVE-2023-52819)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndrm/panel/panel-tpo-tpg110: fix a possible null pointer dereference\n\nIn tpg110_get_modes(), the return value of drm_mode_duplicate() is\nassigned to mode, which will lead to a NULL pointer dereference on\nfailure of drm_mode_duplicate(). Add a check to avoid npd.(CVE-2023-52826)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ncpu/hotplug: Don't offline the last non-isolated CPU\n\nIf a system has isolated CPUs via the \"isolcpus=\" command line parameter,\nthen an attempt to offline the last housekeeping CPU will result in a\nWARN_ON() when rebuilding the scheduler domains and a subsequent panic due\nto and unhandled empty CPU mas in partition_sched_domains_locked().\n\ncpuset_hotplug_workfn()\n rebuild_sched_domains_locked()\n ndoms = generate_sched_domains(&doms, &attr);\n cpumask_and(doms[0], top_cpuset.effective_cpus, housekeeping_cpumask(HK_FLAG_DOMAIN));\n\nThus results in an empty CPU mask which triggers the warning and then the\nsubsequent crash:\n\nWARNING: CPU: 4 PID: 80 at kernel/sched/topology.c:2366 build_sched_domains+0x120c/0x1408\nCall trace:\n build_sched_domains+0x120c/0x1408\n partition_sched_domains_locked+0x234/0x880\n rebuild_sched_domains_locked+0x37c/0x798\n rebuild_sched_domains+0x30/0x58\n cpuset_hotplug_workfn+0x2a8/0x930\n\nUnable to handle kernel paging request at virtual address fffe80027ab37080\n partition_sched_domains_locked+0x318/0x880\n rebuild_sched_domains_locked+0x37c/0x798\n\nAside of the resulting crash, it does not make any sense to offline the last\nlast housekeeping CPU.\n\nPrevent this by masking out the non-housekeeping CPUs when selecting a\ntarget CPU for initiating the CPU unplug operation via the work queue.(CVE-2023-52831)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: don't return unset power in ieee80211_get_tx_power()\n\nWe can get a UBSAN warning if ieee80211_get_tx_power() returns the\nINT_MIN value mac80211 internally uses for \"unset power level\".\n\n UBSAN: signed-integer-overflow in net/wireless/nl80211.c:3816:5\n -2147483648 * 100 cannot be represented in type 'int'\n CPU: 0 PID: 20433 Comm: insmod Tainted: G WC OE\n Call Trace:\n dump_stack+0x74/0x92\n ubsan_epilogue+0x9/0x50\n handle_overflow+0x8d/0xd0\n __ubsan_handle_mul_overflow+0xe/0x10\n nl80211_send_iface+0x688/0x6b0 [cfg80211]\n [...]\n cfg80211_register_wdev+0x78/0xb0 [cfg80211]\n cfg80211_netdev_notifier_call+0x200/0x620 [cfg80211]\n [...]\n ieee80211_if_add+0x60e/0x8f0 [mac80211]\n ieee80211_register_hw+0xda5/0x1170 [mac80211]\n\nIn this case, simply return an error instead, to indicate\nthat no data is available.(CVE-2023-52832)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nlocking/ww_mutex/test: Fix potential workqueue corruption\n\nIn some cases running with the test-ww_mutex code, I was seeing\nodd behavior where sometimes it seemed flush_workqueue was\nreturning before all the work threads were finished.\n\nOften this would cause strange crashes as the mutexes would be\nfreed while they were being used.\n\nLooking at the code, there is a lifetime problem as the\ncontrolling thread that spawns the work allocates the\n\"struct stress\" structures that are passed to the workqueue\nthreads. Then when the workqueue threads are finished,\nthey free the stress struct that was passed to them.\n\nUnfortunately the workqueue work_struct node is in the stress\nstruct. Which means the work_struct is freed before the work\nthread returns and while flush_workqueue is waiting.\n\nIt seems like a better idea to have the controlling thread\nboth allocate and free the stress structures, so that we can\nbe sure we don't corrupt the workqueue by freeing the structure\nprematurely.\n\nSo this patch reworks the test to do so, and with this change\nI no longer see the early flush_workqueue returns.(CVE-2023-52836)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: imsttfb: fix a resource leak in probe\n\nI've re-written the error handling but the bug is that if init_imstt()\nfails we need to call iounmap(par->cmap_regs).(CVE-2023-52838)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: wmi: Fix opening of char device\n\nSince commit fa1f68db6ca7 (\"drivers: misc: pass miscdevice pointer via\nfile private data\"), the miscdevice stores a pointer to itself inside\nfilp->private_data, which means that private_data will not be NULL when\nwmi_char_open() is called. This might cause memory corruption should\nwmi_char_open() be unable to find its driver, something which can\nhappen when the associated WMI device is deleted in wmi_free_devices().\n\nFix the problem by using the miscdevice pointer to retrieve the WMI\ndevice data associated with a char device using container_of(). This\nalso avoids wmi_char_open() picking a wrong WMI device bound to a\ndriver with the same name as the original driver.(CVE-2023-52864)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data\n\nAdd the check for the return value of mtk_alloc_clk_data() in order to\navoid NULL pointer dereference.(CVE-2023-52865)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: llcc: Handle a second device without data corruption\n\nUsually there is only one llcc device. But if there were a second, even\na failed probe call would modify the global drv_data pointer. So check\nif drv_data is valid before overwriting it.(CVE-2023-52871)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data\n\nAdd the check for the return value of mtk_alloc_clk_data() in order to\navoid NULL pointer dereference.(CVE-2023-52875)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ncan: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds\n\nIf the \"struct can_priv::echoo_skb\" is accessed out of bounds, this\nwould cause a kernel crash. Instead, issue a meaningful warning\nmessage and return with an error.(CVE-2023-52878)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix memory leak in dm_sw_fini()\n\nAfter destroying dmub_srv, the memory associated with it is\nnot freed, causing a memory leak:\n\nunreferenced object 0xffff896302b45800 (size 1024):\n comm \"(udev-worker)\", pid 222, jiffies 4294894636\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc 6265fd77):\n [] kmalloc_trace+0x29d/0x340\n [] dm_dmub_sw_init+0xb4/0x450 [amdgpu]\n [] dm_sw_init+0x15/0x2b0 [amdgpu]\n [] amdgpu_device_init+0x1417/0x24e0 [amdgpu]\n [] amdgpu_driver_load_kms+0x15/0x190 [amdgpu]\n [] amdgpu_pci_probe+0x187/0x4e0 [amdgpu]\n [] local_pci_probe+0x3e/0x90\n [] pci_device_probe+0xc3/0x230\n [] really_probe+0xe2/0x480\n [] __driver_probe_device+0x78/0x160\n [] driver_probe_device+0x1f/0x90\n [] __driver_attach+0xce/0x1c0\n [] bus_for_each_dev+0x70/0xc0\n [] bus_add_driver+0x112/0x210\n [] driver_register+0x55/0x100\n [] do_one_initcall+0x41/0x300\n\nFix this by freeing dmub_srv after destroying it.(CVE-2024-26833)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: xilinx - call finalize with bh disabled\n\nWhen calling crypto_finalize_request, BH should be disabled to avoid\ntriggering the following calltrace:\n\n ------------[ cut here ]------------\n WARNING: CPU: 2 PID: 74 at crypto/crypto_engine.c:58 crypto_finalize_request+0xa0/0x118\n Modules linked in: cryptodev(O)\n CPU: 2 PID: 74 Comm: firmware:zynqmp Tainted: G O 6.8.0-rc1-yocto-standard #323\n Hardware name: ZynqMP ZCU102 Rev1.0 (DT)\n pstate: 40000005 (nZcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : crypto_finalize_request+0xa0/0x118\n lr : crypto_finalize_request+0x104/0x118\n sp : ffffffc085353ce0\n x29: ffffffc085353ce0 x28: 0000000000000000 x27: ffffff8808ea8688\n x26: ffffffc081715038 x25: 0000000000000000 x24: ffffff880100db00\n x23: ffffff880100da80 x22: 0000000000000000 x21: 0000000000000000\n x20: ffffff8805b14000 x19: ffffff880100da80 x18: 0000000000010450\n x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000\n x14: 0000000000000003 x13: 0000000000000000 x12: ffffff880100dad0\n x11: 0000000000000000 x10: ffffffc0832dcd08 x9 : ffffffc0812416d8\n x8 : 00000000000001f4 x7 : ffffffc0830d2830 x6 : 0000000000000001\n x5 : ffffffc082091000 x4 : ffffffc082091658 x3 : 0000000000000000\n x2 : ffffffc7f9653000 x1 : 0000000000000000 x0 : ffffff8802d20000\n Call trace:\n crypto_finalize_request+0xa0/0x118\n crypto_finalize_aead_request+0x18/0x30\n zynqmp_handle_aes_req+0xcc/0x388\n crypto_pump_work+0x168/0x2d8\n kthread_worker_fn+0xfc/0x3a0\n kthread+0x118/0x138\n ret_from_fork+0x10/0x20\n irq event stamp: 40\n hardirqs last enabled at (39): [] _raw_spin_unlock_irqrestore+0x70/0xb0\n hardirqs last disabled at (40): [] el1_dbg+0x28/0x90\n softirqs last enabled at (36): [] kernel_neon_begin+0x8c/0xf0\n softirqs last disabled at (34): [] kernel_neon_begin+0x60/0xf0\n ---[ end trace 0000000000000000 ]---(CVE-2024-26877)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nUSB: core: Fix deadlock in usb_deauthorize_interface()\n\nAmong the attribute file callback routines in\ndrivers/usb/core/sysfs.c, the interface_authorized_store() function is\nthe only one which acquires a device lock on an ancestor device: It\ncalls usb_deauthorize_interface(), which locks the interface's parent\nUSB device.\n\nThe will lead to deadlock if another process already owns that lock\nand tries to remove the interface, whether through a configuration\nchange or because the device has been disconnected. As part of the\nremoval procedure, device_del() waits for all ongoing sysfs attribute\ncallbacks to complete. But usb_deauthorize_interface() can't complete\nuntil the device lock has been released, and the lock won't be\nreleased until the removal has finished.\n\nThe mechanism provided by sysfs to prevent this kind of deadlock is\nto use the sysfs_break_active_protection() function, which tells sysfs\nnot to wait for the attribute callback.\n\nReported-and-tested by: Yue Sun \nReported by: xingwei lee (CVE-2024-26934)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()\n\nnft_unregister_expr() can concurrent with __nft_expr_type_get(),\nand there is not any protection when iterate over nf_tables_expressions\nlist in __nft_expr_type_get(). Therefore, there is potential data-race\nof nf_tables_expressions list entry.\n\nUse list_for_each_entry_rcu() to iterate over nf_tables_expressions\nlist in __nft_expr_type_get(), and use rcu_read_lock() in the caller\nnft_expr_type_get() to protect the entire type query process.(CVE-2024-27020)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout\n\nThere is a race condition between l2cap_chan_timeout() and\nl2cap_chan_del(). When we use l2cap_chan_del() to delete the\nchannel, the chan->conn will be set to null. But the conn could\nbe dereferenced again in the mutex_lock() of l2cap_chan_timeout().\nAs a result the null pointer dereference bug will happen. The\nKASAN report triggered by POC is shown below:\n\n[ 472.074580] ==================================================================\n[ 472.075284] BUG: KASAN: null-ptr-deref in mutex_lock+0x68/0xc0\n[ 472.075308] Write of size 8 at addr 0000000000000158 by task kworker/0:0/7\n[ 472.075308]\n[ 472.075308] CPU: 0 PID: 7 Comm: kworker/0:0 Not tainted 6.9.0-rc5-00356-g78c0094a146b #36\n[ 472.075308] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu4\n[ 472.075308] Workqueue: events l2cap_chan_timeout\n[ 472.075308] Call Trace:\n[ 472.075308] \n[ 472.075308] dump_stack_lvl+0x137/0x1a0\n[ 472.075308] print_report+0x101/0x250\n[ 472.075308] ? __virt_addr_valid+0x77/0x160\n[ 472.075308] ? mutex_lock+0x68/0xc0\n[ 472.075308] kasan_report+0x139/0x170\n[ 472.075308] ? mutex_lock+0x68/0xc0\n[ 472.075308] kasan_check_range+0x2c3/0x2e0\n[ 472.075308] mutex_lock+0x68/0xc0\n[ 472.075308] l2cap_chan_timeout+0x181/0x300\n[ 472.075308] process_one_work+0x5d2/0xe00\n[ 472.075308] worker_thread+0xe1d/0x1660\n[ 472.075308] ? pr_cont_work+0x5e0/0x5e0\n[ 472.075308] kthread+0x2b7/0x350\n[ 472.075308] ? pr_cont_work+0x5e0/0x5e0\n[ 472.075308] ? kthread_blkcg+0xd0/0xd0\n[ 472.075308] ret_from_fork+0x4d/0x80\n[ 472.075308] ? kthread_blkcg+0xd0/0xd0\n[ 472.075308] ret_from_fork_asm+0x11/0x20\n[ 472.075308] \n[ 472.075308] ==================================================================\n[ 472.094860] Disabling lock debugging due to kernel taint\n[ 472.096136] BUG: kernel NULL pointer dereference, address: 0000000000000158\n[ 472.096136] #PF: supervisor write access in kernel mode\n[ 472.096136] #PF: error_code(0x0002) - not-present page\n[ 472.096136] PGD 0 P4D 0\n[ 472.096136] Oops: 0002 [#1] PREEMPT SMP KASAN NOPTI\n[ 472.096136] CPU: 0 PID: 7 Comm: kworker/0:0 Tainted: G B 6.9.0-rc5-00356-g78c0094a146b #36\n[ 472.096136] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu4\n[ 472.096136] Workqueue: events l2cap_chan_timeout\n[ 472.096136] RIP: 0010:mutex_lock+0x88/0xc0\n[ 472.096136] Code: be 08 00 00 00 e8 f8 23 1f fd 4c 89 f7 be 08 00 00 00 e8 eb 23 1f fd 42 80 3c 23 00 74 08 48 88\n[ 472.096136] RSP: 0018:ffff88800744fc78 EFLAGS: 00000246\n[ 472.096136] RAX: 0000000000000000 RBX: 1ffff11000e89f8f RCX: ffffffff8457c865\n[ 472.096136] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffff88800744fc78\n[ 472.096136] RBP: 0000000000000158 R08: ffff88800744fc7f R09: 1ffff11000e89f8f\n[ 472.096136] R10: dffffc0000000000 R11: ffffed1000e89f90 R12: dffffc0000000000\n[ 472.096136] R13: 0000000000000158 R14: ffff88800744fc78 R15: ffff888007405a00\n[ 472.096136] FS: 0000000000000000(0000) GS:ffff88806d200000(0000) knlGS:0000000000000000\n[ 472.096136] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 472.096136] CR2: 0000000000000158 CR3: 000000000da32000 CR4: 00000000000006f0\n[ 472.096136] Call Trace:\n[ 472.096136] \n[ 472.096136] ? __die_body+0x8d/0xe0\n[ 472.096136] ? page_fault_oops+0x6b8/0x9a0\n[ 472.096136] ? kernelmode_fixup_or_oops+0x20c/0x2a0\n[ 472.096136] ? do_user_addr_fault+0x1027/0x1340\n[ 472.096136] ? _printk+0x7a/0xa0\n[ 472.096136] ? mutex_lock+0x68/0xc0\n[ 472.096136] ? add_taint+0x42/0xd0\n[ 472.096136] ? exc_page_fault+0x6a/0x1b0\n[ 472.096136] ? asm_exc_page_fault+0x26/0x30\n[ 472.096136] ? mutex_lock+0x75/0xc0\n[ 472.096136] ? mutex_lock+0x88/0xc0\n[ 472.096136] ? mutex_lock+0x75/0xc0\n[ 472.096136] l2cap_chan_timeo\n---truncated---(CVE-2024-27399)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nfirewire: nosy: ensure user_length is taken into account when fetching packet contents\n\nEnsure that packet_buffer_get respects the user_length provided. If\nthe length of the head packet exceeds the user_length, packet_buffer_get\nwill now return 0 to signify to the user that no data were read\nand a larger buffer size is required. Helps prevent user space overflows.(CVE-2024-27401)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nefi/capsule-loader: fix incorrect allocation size\n\ngcc-14 notices that the allocation with sizeof(void) on 32-bit architectures\nis not enough for a 64-bit phys_addr_t:\n\ndrivers/firmware/efi/capsule-loader.c: In function 'efi_capsule_open':\ndrivers/firmware/efi/capsule-loader.c:295:24: error: allocation of insufficient size '4' for type 'phys_addr_t' {aka 'long long unsigned int'} with size '8' [-Werror=alloc-size]\n 295 | cap_info->phys = kzalloc(sizeof(void *), GFP_KERNEL);\n | ^\n\nUse the correct type instead here.(CVE-2024-27413)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: bridge: confirm multicast packets before passing them up the stack\n\nconntrack nf_confirm logic cannot handle cloned skbs referencing\nthe same nf_conn entry, which will happen for multicast (broadcast)\nframes on bridges.\n\n Example:\n macvlan0\n |\n br0\n / \\\n ethX ethY\n\n ethX (or Y) receives a L2 multicast or broadcast packet containing\n an IP packet, flow is not yet in conntrack table.\n\n 1. skb passes through bridge and fake-ip (br_netfilter)Prerouting.\n -> skb->_nfct now references a unconfirmed entry\n 2. skb is broad/mcast packet. bridge now passes clones out on each bridge\n interface.\n 3. skb gets passed up the stack.\n 4. In macvlan case, macvlan driver retains clone(s) of the mcast skb\n and schedules a work queue to send them out on the lower devices.\n\n The clone skb->_nfct is not a copy, it is the same entry as the\n original skb. The macvlan rx handler then returns RX_HANDLER_PASS.\n 5. Normal conntrack hooks (in NF_INET_LOCAL_IN) confirm the orig skb.\n\nThe Macvlan broadcast worker and normal confirm path will race.\n\nThis race will not happen if step 2 already confirmed a clone. In that\ncase later steps perform skb_clone() with skb->_nfct already confirmed (in\nhash table). This works fine.\n\nBut such confirmation won't happen when eb/ip/nftables rules dropped the\npackets before they reached the nf_confirm step in postrouting.\n\nPablo points out that nf_conntrack_bridge doesn't allow use of stateful\nnat, so we can safely discard the nf_conn entry and let inet call\nconntrack again.\n\nThis doesn't work for bridge netfilter: skb could have a nat\ntransformation. Also bridge nf prevents re-invocation of inet prerouting\nvia 'sabotage_in' hook.\n\nWork around this problem by explicit confirmation of the entry at LOCAL_IN\ntime, before upper layer has a chance to clone the unconfirmed entry.\n\nThe downside is that this disables NAT and conntrack helpers.\n\nAlternative fix would be to add locking to all code parts that deal with\nunconfirmed packets, but even if that could be done in a sane way this\nopens up other problems, for example:\n\n-m physdev --physdev-out eth0 -j SNAT --snat-to 1.2.3.4\n-m physdev --physdev-out eth1 -j SNAT --snat-to 1.2.3.5\n\nFor multicast case, only one of such conflicting mappings will be\ncreated, conntrack only handles 1:1 NAT mappings.\n\nUsers should set create a setup that explicitly marks such traffic\nNOTRACK (conntrack bypass) to avoid this, but we cannot auto-bypass\nthem, ruleset might have accept rules for untracked traffic already,\nso user-visible behaviour would change.(CVE-2024-27415)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes\n\nWhen moving a station out of a VLAN and deleting the VLAN afterwards, the\nfast_rx entry still holds a pointer to the VLAN's netdev, which can cause\nuse-after-free bugs. Fix this by immediately calling ieee80211_check_fast_rx\nafter the VLAN change.(CVE-2024-35789)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nmd/dm-raid: don't call md_reap_sync_thread() directly\n\nCurrently md_reap_sync_thread() is called from raid_message() directly\nwithout holding 'reconfig_mutex', this is definitely unsafe because\nmd_reap_sync_thread() can change many fields that is protected by\n'reconfig_mutex'.\n\nHowever, hold 'reconfig_mutex' here is still problematic because this\nwill cause deadlock, for example, commit 130443d60b1b (\"md: refactor\nidle/frozen_sync_thread() to fix deadlock\").\n\nFix this problem by using stop_sync_thread() to unregister sync_thread,\nlike md/raid did.(CVE-2024-35808)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nusb: udc: remove warning when queue disabled ep\n\nIt is possible trigger below warning message from mass storage function,\n\nWARNING: CPU: 6 PID: 3839 at drivers/usb/gadget/udc/core.c:294 usb_ep_queue+0x7c/0x104\npc : usb_ep_queue+0x7c/0x104\nlr : fsg_main_thread+0x494/0x1b3c\n\nRoot cause is mass storage function try to queue request from main thread,\nbut other thread may already disable ep when function disable.\n\nAs there is no function failure in the driver, in order to avoid effort\nto fix warning, change WARN_ON_ONCE() in usb_ep_queue() to pr_debug().(CVE-2024-35822)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nvt: fix unicode buffer corruption when deleting characters\n\nThis is the same issue that was fixed for the VGA text buffer in commit\n39cdb68c64d8 (\"vt: fix memory overlapping when deleting chars in the\nbuffer\"). The cure is also the same i.e. replace memcpy() with memmove()\ndue to the overlaping buffers.(CVE-2024-35823)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect()\n\nsubflow_finish_connect() uses four fields (backup, join_id, thmac, none)\nthat may contain garbage unless OPTION_MPTCP_MPJ_SYNACK has been set\nin mptcp_parse_option()(CVE-2024-35840)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nmlxsw: spectrum_acl_tcam: Fix possible use-after-free during activity update\n\nThe rule activity update delayed work periodically traverses the list of\nconfigured rules and queries their activity from the device.\n\nAs part of this task it accesses the entry pointed by 'ventry->entry',\nbut this entry can be changed concurrently by the rehash delayed work,\nleading to a use-after-free [1].\n\nFix by closing the race and perform the activity query under the\n'vregion->lock' mutex.\n\n[1]\nBUG: KASAN: slab-use-after-free in mlxsw_sp_acl_tcam_flower_rule_activity_get+0x121/0x140\nRead of size 8 at addr ffff8881054ed808 by task kworker/0:18/181\n\nCPU: 0 PID: 181 Comm: kworker/0:18 Not tainted 6.9.0-rc2-custom-00781-gd5ab772d32f7 #2\nHardware name: Mellanox Technologies Ltd. MSN3700/VMOD0005, BIOS 5.11 01/06/2019\nWorkqueue: mlxsw_core mlxsw_sp_acl_rule_activity_update_work\nCall Trace:\n \n dump_stack_lvl+0xc6/0x120\n print_report+0xce/0x670\n kasan_report+0xd7/0x110\n mlxsw_sp_acl_tcam_flower_rule_activity_get+0x121/0x140\n mlxsw_sp_acl_rule_activity_update_work+0x219/0x400\n process_one_work+0x8eb/0x19b0\n worker_thread+0x6c9/0xf70\n kthread+0x2c9/0x3b0\n ret_from_fork+0x4d/0x80\n ret_from_fork_asm+0x1a/0x30\n \n\nAllocated by task 1039:\n kasan_save_stack+0x33/0x60\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0x8f/0xa0\n __kmalloc+0x19c/0x360\n mlxsw_sp_acl_tcam_entry_create+0x7b/0x1f0\n mlxsw_sp_acl_tcam_vchunk_migrate_all+0x30d/0xb50\n mlxsw_sp_acl_tcam_vregion_rehash_work+0x157/0x1300\n process_one_work+0x8eb/0x19b0\n worker_thread+0x6c9/0xf70\n kthread+0x2c9/0x3b0\n ret_from_fork+0x4d/0x80\n ret_from_fork_asm+0x1a/0x30\n\nFreed by task 1039:\n kasan_save_stack+0x33/0x60\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x60\n poison_slab_object+0x102/0x170\n __kasan_slab_free+0x14/0x30\n kfree+0xc1/0x290\n mlxsw_sp_acl_tcam_vchunk_migrate_all+0x3d7/0xb50\n mlxsw_sp_acl_tcam_vregion_rehash_work+0x157/0x1300\n process_one_work+0x8eb/0x19b0\n worker_thread+0x6c9/0xf70\n kthread+0x2c9/0x3b0\n ret_from_fork+0x4d/0x80\n ret_from_fork_asm+0x1a/0x30(CVE-2024-35855)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nx86/mm/pat: fix VM_PAT handling in COW mappings\n\nPAT handling won't do the right thing in COW mappings: the first PTE (or,\nin fact, all PTEs) can be replaced during write faults to point at anon\nfolios. Reliably recovering the correct PFN and cachemode using\nfollow_phys() from PTEs will not work in COW mappings.\n\nUsing follow_phys(), we might just get the address+protection of the anon\nfolio (which is very wrong), or fail on swap/nonswap entries, failing\nfollow_phys() and triggering a WARN_ON_ONCE() in untrack_pfn() and\ntrack_pfn_copy(), not properly calling free_pfn_range().\n\nIn free_pfn_range(), we either wouldn't call memtype_free() or would call\nit with the wrong range, possibly leaking memory.\n\nTo fix that, let's update follow_phys() to refuse returning anon folios,\nand fallback to using the stored PFN inside vma->vm_pgoff for COW mappings\nif we run into that.\n\nWe will now properly handle untrack_pfn() with COW mappings, where we\ndon't need the cachemode. We'll have to fail fork()->track_pfn_copy() if\nthe first page was replaced by an anon folio, though: we'd have to store\nthe cachemode in the VMA to make this work, likely growing the VMA size.\n\nFor now, lets keep it simple and let track_pfn_copy() just fail in that\ncase: it would have failed in the past with swap/nonswap entries already,\nand it would have done the wrong thing with anon folios.\n\nSimple reproducer to trigger the WARN_ON_ONCE() in untrack_pfn():\n\n<--- C reproducer --->\n #include \n #include \n #include \n #include \n\n int main(void)\n {\n struct io_uring_params p = {};\n int ring_fd;\n size_t size;\n char *map;\n\n ring_fd = io_uring_setup(1, &p);\n if (ring_fd < 0) {\n perror(\"io_uring_setup\");\n return 1;\n }\n size = p.sq_off.array + p.sq_entries * sizeof(unsigned);\n\n /* Map the submission queue ring MAP_PRIVATE */\n map = mmap(0, size, PROT_READ | PROT_WRITE, MAP_PRIVATE,\n ring_fd, IORING_OFF_SQ_RING);\n if (map == MAP_FAILED) {\n perror(\"mmap\");\n return 1;\n }\n\n /* We have at least one page. Let's COW it. */\n *map = 0;\n pause();\n return 0;\n }\n<--- C reproducer --->\n\nOn a system with 16 GiB RAM and swap configured:\n # ./iouring &\n # memhog 16G\n # killall iouring\n[ 301.552930] ------------[ cut here ]------------\n[ 301.553285] WARNING: CPU: 7 PID: 1402 at arch/x86/mm/pat/memtype.c:1060 untrack_pfn+0xf4/0x100\n[ 301.553989] Modules linked in: binfmt_misc nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_g\n[ 301.558232] CPU: 7 PID: 1402 Comm: iouring Not tainted 6.7.5-100.fc38.x86_64 #1\n[ 301.558772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebu4\n[ 301.559569] RIP: 0010:untrack_pfn+0xf4/0x100\n[ 301.559893] Code: 75 c4 eb cf 48 8b 43 10 8b a8 e8 00 00 00 3b 6b 28 74 b8 48 8b 7b 30 e8 ea 1a f7 000\n[ 301.561189] RSP: 0018:ffffba2c0377fab8 EFLAGS: 00010282\n[ 301.561590] RAX: 00000000ffffffea RBX: ffff9208c8ce9cc0 RCX: 000000010455e047\n[ 301.562105] RDX: 07fffffff0eb1e0a RSI: 0000000000000000 RDI: ffff9208c391d200\n[ 301.562628] RBP: 0000000000000000 R08: ffffba2c0377fab8 R09: 0000000000000000\n[ 301.563145] R10: ffff9208d2292d50 R11: 0000000000000002 R12: 00007fea890e0000\n[ 301.563669] R13: 0000000000000000 R14: ffffba2c0377fc08 R15: 0000000000000000\n[ 301.564186] FS: 0000000000000000(0000) GS:ffff920c2fbc0000(0000) knlGS:0000000000000000\n[ 301.564773] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 301.565197] CR2: 00007fea88ee8a20 CR3: 00000001033a8000 CR4: 0000000000750ef0\n[ 301.565725] PKRU: 55555554\n[ 301.565944] Call Trace:\n[ 301.566148] \n[ 301.566325] ? untrack_pfn+0xf4/0x100\n[ 301.566618] ? __warn+0x81/0x130\n[ 301.566876] ? untrack_pfn+0xf4/0x100\n[ 3\n---truncated---(CVE-2024-35877)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: reject new basechain after table flag update\n\nWhen dormant flag is toggled, hooks are disabled in the commit phase by\niterating over current chains in table (existing and new).\n\nThe following configuration allows for an inconsistent state:\n\n add table x\n add chain x y { type filter hook input priority 0; }\n add table x { flags dormant; }\n add chain x w { type filter hook input priority 1; }\n\nwhich triggers the following warning when trying to unregister chain w\nwhich is already unregistered.\n\n[ 127.322252] WARNING: CPU: 7 PID: 1211 at net/netfilter/core.c:50 1 __nf_unregister_net_hook+0x21a/0x260\n[...]\n[ 127.322519] Call Trace:\n[ 127.322521] \n[ 127.322524] ? __warn+0x9f/0x1a0\n[ 127.322531] ? __nf_unregister_net_hook+0x21a/0x260\n[ 127.322537] ? report_bug+0x1b1/0x1e0\n[ 127.322545] ? handle_bug+0x3c/0x70\n[ 127.322552] ? exc_invalid_op+0x17/0x40\n[ 127.322556] ? asm_exc_invalid_op+0x1a/0x20\n[ 127.322563] ? kasan_save_free_info+0x3b/0x60\n[ 127.322570] ? __nf_unregister_net_hook+0x6a/0x260\n[ 127.322577] ? __nf_unregister_net_hook+0x21a/0x260\n[ 127.322583] ? __nf_unregister_net_hook+0x6a/0x260\n[ 127.322590] ? __nf_tables_unregister_hook+0x8a/0xe0 [nf_tables]\n[ 127.322655] nft_table_disable+0x75/0xf0 [nf_tables]\n[ 127.322717] nf_tables_commit+0x2571/0x2620 [nf_tables](CVE-2024-35900)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nselinux: avoid dereference of garbage after mount failure\n\nIn case kern_mount() fails and returns an error pointer return in the\nerror branch instead of continuing and dereferencing the error pointer.\n\nWhile on it drop the never read static variable selinuxfs_mount.(CVE-2024-35904)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nblock: prevent division by zero in blk_rq_stat_sum()\n\nThe expression dst->nr_samples + src->nr_samples may\nhave zero value on overflow. It is necessary to add\na check to avoid division by zero.\n\nFound by Linux Verification Center (linuxtesting.org) with Svace.(CVE-2024-35925)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndma-direct: Leak pages on dma_set_decrypted() failure\n\nOn TDX it is possible for the untrusted host to cause\nset_memory_encrypted() or set_memory_decrypted() to fail such that an\nerror is returned and the resulting memory is shared. Callers need to\ntake care to handle these errors to avoid returning decrypted (shared)\nmemory to the page allocator, which could lead to functional or security\nissues.\n\nDMA could free decrypted/shared pages if dma_set_decrypted() fails. This\nshould be a rare case. Just leak the pages in this case instead of\nfreeing them.(CVE-2024-35939)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndrm/client: Fully protect modes[] with dev->mode_config.mutex\n\nThe modes[] array contains pointers to modes on the connectors'\nmode lists, which are protected by dev->mode_config.mutex.\nThus we need to extend modes[] the same protection or by the\ntime we use it the elements may already be pointing to\nfreed/reused memory.(CVE-2024-35950)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: qgroup: fix qgroup prealloc rsv leak in subvolume operations\n\nCreate subvolume, create snapshot and delete subvolume all use\nbtrfs_subvolume_reserve_metadata() to reserve metadata for the changes\ndone to the parent subvolume's fs tree, which cannot be mediated in the\nnormal way via start_transaction. When quota groups (squota or qgroups)\nare enabled, this reserves qgroup metadata of type PREALLOC. Once the\noperation is associated to a transaction, we convert PREALLOC to\nPERTRANS, which gets cleared in bulk at the end of the transaction.\n\nHowever, the error paths of these three operations were not implementing\nthis lifecycle correctly. They unconditionally converted the PREALLOC to\nPERTRANS in a generic cleanup step regardless of errors or whether the\noperation was fully associated to a transaction or not. This resulted in\nerror paths occasionally converting this rsv to PERTRANS without calling\nrecord_root_in_trans successfully, which meant that unless that root got\nrecorded in the transaction by some other thread, the end of the\ntransaction would not free that root's PERTRANS, leaking it. Ultimately,\nthis resulted in hitting a WARN in CONFIG_BTRFS_DEBUG builds at unmount\nfor the leaked reservation.\n\nThe fix is to ensure that every qgroup PREALLOC reservation observes the\nfollowing properties:\n\n1. any failure before record_root_in_trans is called successfully\n results in freeing the PREALLOC reservation.\n2. after record_root_in_trans, we convert to PERTRANS, and now the\n transaction owns freeing the reservation.\n\nThis patch enforces those properties on the three operations. Without\nit, generic/269 with squotas enabled at mkfs time would fail in ~5-10\nruns on my system. With this patch, it ran successfully 1000 times in a\nrow.(CVE-2024-35956)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet: ena: Fix incorrect descriptor free behavior\n\nENA has two types of TX queues:\n- queues which only process TX packets arriving from the network stack\n- queues which only process TX packets forwarded to it by XDP_REDIRECT\n or XDP_TX instructions\n\nThe ena_free_tx_bufs() cycles through all descriptors in a TX queue\nand unmaps + frees every descriptor that hasn't been acknowledged yet\nby the device (uncompleted TX transactions).\nThe function assumes that the processed TX queue is necessarily from\nthe first category listed above and ends up using napi_consume_skb()\nfor descriptors belonging to an XDP specific queue.\n\nThis patch solves a bug in which, in case of a VF reset, the\ndescriptors aren't freed correctly, leading to crashes.(CVE-2024-35958)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Properly link new fs rules into the tree\n\nPreviously, add_rule_fg would only add newly created rules from the\nhandle into the tree when they had a refcount of 1. On the other hand,\ncreate_flow_handle tries hard to find and reference already existing\nidentical rules instead of creating new ones.\n\nThese two behaviors can result in a situation where create_flow_handle\n1) creates a new rule and references it, then\n2) in a subsequent step during the same handle creation references it\n again,\nresulting in a rule with a refcount of 2 that is not linked into the\ntree, will have a NULL parent and root and will result in a crash when\nthe flow group is deleted because del_sw_hw_rule, invoked on rule\ndeletion, assumes node->parent is != NULL.\n\nThis happened in the wild, due to another bug related to incorrect\nhandling of duplicate pkt_reformat ids, which lead to the code in\ncreate_flow_handle incorrectly referencing a just-added rule in the same\nflow handle, resulting in the problem described above. Full details are\nat [1].\n\nThis patch changes add_rule_fg to add new rules without parents into\nthe tree, properly initializing them and avoiding the crash. This makes\nit more consistent with how rules are added to an FTE in\ncreate_flow_handle.(CVE-2024-35960)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix memory leak in hci_req_sync_complete()\n\nIn 'hci_req_sync_complete()', always free the previous sync\nrequest state before assigning reference to a new one.(CVE-2024-35978)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: Fix oops during rmmod on single-CPU platforms\n\nDuring the removal of the idxd driver, registered offline callback is\ninvoked as part of the clean up process. However, on systems with only\none CPU online, no valid target is available to migrate the\nperf context, resulting in a kernel oops:\n\n BUG: unable to handle page fault for address: 000000000002a2b8\n #PF: supervisor write access in kernel mode\n #PF: error_code(0x0002) - not-present page\n PGD 1470e1067 P4D 0\n Oops: 0002 [#1] PREEMPT SMP NOPTI\n CPU: 0 PID: 20 Comm: cpuhp/0 Not tainted 6.8.0-rc6-dsa+ #57\n Hardware name: Intel Corporation AvenueCity/AvenueCity, BIOS BHSDCRB1.86B.2492.D03.2307181620 07/18/2023\n RIP: 0010:mutex_lock+0x2e/0x50\n ...\n Call Trace:\n \n __die+0x24/0x70\n page_fault_oops+0x82/0x160\n do_user_addr_fault+0x65/0x6b0\n __pfx___rdmsr_safe_on_cpu+0x10/0x10\n exc_page_fault+0x7d/0x170\n asm_exc_page_fault+0x26/0x30\n mutex_lock+0x2e/0x50\n mutex_lock+0x1e/0x50\n perf_pmu_migrate_context+0x87/0x1f0\n perf_event_cpu_offline+0x76/0x90 [idxd]\n cpuhp_invoke_callback+0xa2/0x4f0\n __pfx_perf_event_cpu_offline+0x10/0x10 [idxd]\n cpuhp_thread_fun+0x98/0x150\n smpboot_thread_fn+0x27/0x260\n smpboot_thread_fn+0x1af/0x260\n __pfx_smpboot_thread_fn+0x10/0x10\n kthread+0x103/0x140\n __pfx_kthread+0x10/0x10\n ret_from_fork+0x31/0x50\n __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1b/0x30\n \n\nFix the issue by preventing the migration of the perf context to an\ninvalid target.(CVE-2024-35989)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nmm/hugetlb: fix missing hugetlb_lock for resv uncharge\n\nThere is a recent report on UFFDIO_COPY over hugetlb:\n\nhttps://lore.kernel.org/all/000000000000ee06de0616177560@google.com/\n\n350:\tlockdep_assert_held(&hugetlb_lock);\n\nShould be an issue in hugetlb but triggered in an userfault context, where\nit goes into the unlikely path where two threads modifying the resv map\ntogether. Mike has a fix in that path for resv uncharge but it looks like\nthe locking criteria was overlooked: hugetlb_cgroup_uncharge_folio_rsvd()\nwill update the cgroup pointer, so it requires to be called with the lock\nheld.(CVE-2024-36000)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Do not use WQ_MEM_RECLAIM flag for workqueue\n\nIssue reported by customer during SRIOV testing, call trace:\nWhen both i40e and the i40iw driver are loaded, a warning\nin check_flush_dependency is being triggered. This seems\nto be because of the i40e driver workqueue is allocated with\nthe WQ_MEM_RECLAIM flag, and the i40iw one is not.\n\nSimilar error was encountered on ice too and it was fixed by\nremoving the flag. Do the same for i40e too.\n\n[Feb 9 09:08] ------------[ cut here ]------------\n[ +0.000004] workqueue: WQ_MEM_RECLAIM i40e:i40e_service_task [i40e] is\nflushing !WQ_MEM_RECLAIM infiniband:0x0\n[ +0.000060] WARNING: CPU: 0 PID: 937 at kernel/workqueue.c:2966\ncheck_flush_dependency+0x10b/0x120\n[ +0.000007] Modules linked in: snd_seq_dummy snd_hrtimer snd_seq\nsnd_timer snd_seq_device snd soundcore nls_utf8 cifs cifs_arc4\nnls_ucs2_utils rdma_cm iw_cm ib_cm cifs_md4 dns_resolver netfs qrtr\nrfkill sunrpc vfat fat intel_rapl_msr intel_rapl_common irdma\nintel_uncore_frequency intel_uncore_frequency_common ice ipmi_ssif\nisst_if_common skx_edac nfit libnvdimm x86_pkg_temp_thermal\nintel_powerclamp gnss coretemp ib_uverbs rapl intel_cstate ib_core\niTCO_wdt iTCO_vendor_support acpi_ipmi mei_me ipmi_si intel_uncore\nioatdma i2c_i801 joydev pcspkr mei ipmi_devintf lpc_ich\nintel_pch_thermal i2c_smbus ipmi_msghandler acpi_power_meter acpi_pad\nxfs libcrc32c ast sd_mod drm_shmem_helper t10_pi drm_kms_helper sg ixgbe\ndrm i40e ahci crct10dif_pclmul libahci crc32_pclmul igb crc32c_intel\nlibata ghash_clmulni_intel i2c_algo_bit mdio dca wmi dm_mirror\ndm_region_hash dm_log dm_mod fuse\n[ +0.000050] CPU: 0 PID: 937 Comm: kworker/0:3 Kdump: loaded Not\ntainted 6.8.0-rc2-Feb-net_dev-Qiueue-00279-gbd43c5687e05 #1\n[ +0.000003] Hardware name: Intel Corporation S2600BPB/S2600BPB, BIOS\nSE5C620.86B.02.01.0013.121520200651 12/15/2020\n[ +0.000001] Workqueue: i40e i40e_service_task [i40e]\n[ +0.000024] RIP: 0010:check_flush_dependency+0x10b/0x120\n[ +0.000003] Code: ff 49 8b 54 24 18 48 8d 8b b0 00 00 00 49 89 e8 48\n81 c6 b0 00 00 00 48 c7 c7 b0 97 fa 9f c6 05 8a cc 1f 02 01 e8 35 b3 fd\nff <0f> 0b e9 10 ff ff ff 80 3d 78 cc 1f 02 00 75 94 e9 46 ff ff ff 90\n[ +0.000002] RSP: 0018:ffffbd294976bcf8 EFLAGS: 00010282\n[ +0.000002] RAX: 0000000000000000 RBX: ffff94d4c483c000 RCX:\n0000000000000027\n[ +0.000001] RDX: ffff94d47f620bc8 RSI: 0000000000000001 RDI:\nffff94d47f620bc0\n[ +0.000001] RBP: 0000000000000000 R08: 0000000000000000 R09:\n00000000ffff7fff\n[ +0.000001] R10: ffffbd294976bb98 R11: ffffffffa0be65e8 R12:\nffff94c5451ea180\n[ +0.000001] R13: ffff94c5ab5e8000 R14: ffff94c5c20b6e05 R15:\nffff94c5f1330ab0\n[ +0.000001] FS: 0000000000000000(0000) GS:ffff94d47f600000(0000)\nknlGS:0000000000000000\n[ +0.000002] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ +0.000001] CR2: 00007f9e6f1fca70 CR3: 0000000038e20004 CR4:\n00000000007706f0\n[ +0.000000] DR0: 0000000000000000 DR1: 0000000000000000 DR2:\n0000000000000000\n[ +0.000001] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:\n0000000000000400\n[ +0.000001] PKRU: 55555554\n[ +0.000001] Call Trace:\n[ +0.000001] \n[ +0.000002] ? __warn+0x80/0x130\n[ +0.000003] ? check_flush_dependency+0x10b/0x120\n[ +0.000002] ? report_bug+0x195/0x1a0\n[ +0.000005] ? handle_bug+0x3c/0x70\n[ +0.000003] ? exc_invalid_op+0x14/0x70\n[ +0.000002] ? asm_exc_invalid_op+0x16/0x20\n[ +0.000006] ? check_flush_dependency+0x10b/0x120\n[ +0.000002] ? check_flush_dependency+0x10b/0x120\n[ +0.000002] __flush_workqueue+0x126/0x3f0\n[ +0.000015] ib_cache_cleanup_one+0x1c/0xe0 [ib_core]\n[ +0.000056] __ib_unregister_device+0x6a/0xb0 [ib_core]\n[ +0.000023] ib_unregister_device_and_put+0x34/0x50 [ib_core]\n[ +0.000020] i40iw_close+0x4b/0x90 [irdma]\n[ +0.000022] i40e_notify_client_of_netdev_close+0x54/0xc0 [i40e]\n[ +0.000035] i40e_service_task+0x126/0x190 [i40e]\n[ +0.000024] process_one_work+0x174/0x340\n[ +0.000003] worker_th\n---truncated---(CVE-2024-36004)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nmlxsw: spectrum_acl_tcam: Fix warning during rehash\n\nAs previously explained, the rehash delayed work migrates filters from\none region to another. This is done by iterating over all chunks (all\nthe filters with the same priority) in the region and in each chunk\niterating over all the filters.\n\nWhen the work runs out of credits it stores the current chunk and entry\nas markers in the per-work context so that it would know where to resume\nthe migration from the next time the work is scheduled.\n\nUpon error, the chunk marker is reset to NULL, but without resetting the\nentry markers despite being relative to it. This can result in migration\nbeing resumed from an entry that does not belong to the chunk being\nmigrated. In turn, this will eventually lead to a chunk being iterated\nover as if it is an entry. Because of how the two structures happen to\nbe defined, this does not lead to KASAN splats, but to warnings such as\n[1].\n\nFix by creating a helper that resets all the markers and call it from\nall the places the currently only reset the chunk marker. For good\nmeasures also call it when starting a completely new rehash. Add a\nwarning to avoid future cases.\n\n[1]\nWARNING: CPU: 7 PID: 1076 at drivers/net/ethernet/mellanox/mlxsw/core_acl_flex_keys.c:407 mlxsw_afk_encode+0x242/0x2f0\nModules linked in:\nCPU: 7 PID: 1076 Comm: kworker/7:24 Tainted: G W 6.9.0-rc3-custom-00880-g29e61d91b77b #29\nHardware name: Mellanox Technologies Ltd. MSN3700/VMOD0005, BIOS 5.11 01/06/2019\nWorkqueue: mlxsw_core mlxsw_sp_acl_tcam_vregion_rehash_work\nRIP: 0010:mlxsw_afk_encode+0x242/0x2f0\n[...]\nCall Trace:\n \n mlxsw_sp_acl_atcam_entry_add+0xd9/0x3c0\n mlxsw_sp_acl_tcam_entry_create+0x5e/0xa0\n mlxsw_sp_acl_tcam_vchunk_migrate_all+0x109/0x290\n mlxsw_sp_acl_tcam_vregion_rehash_work+0x6c/0x470\n process_one_work+0x151/0x370\n worker_thread+0x2cb/0x3e0\n kthread+0xd0/0x100\n ret_from_fork+0x34/0x50\n (CVE-2024-36007)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nppdev: Add an error check in register_device\n\nIn register_device, the return value of ida_simple_get is unchecked,\nin witch ida_simple_get will use an invalid index value.\n\nTo address this issue, index should be checked after ida_simple_get. When\nthe index value is abnormal, a warning message should be printed, the port\nshould be dropped, and the value should be recorded.(CVE-2024-36015)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: core: delete incorrect free in pinctrl_enable()\n\nThe \"pctldev\" struct is allocated in devm_pinctrl_register_and_init().\nIt's a devm_ managed pointer that is freed by devm_pinctrl_dev_release(),\nso freeing it in pinctrl_enable() will lead to a double free.\n\nThe devm_pinctrl_dev_release() function frees the pindescs and destroys\nthe mutex as well.(CVE-2024-36940)", "category":"general", "title":"Description" }, { "text":"An update for kernel is now available for openEuler-22.03-LTS-SP3.\n\nopenEuler Security has rated this update as having a security impact of critical. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.", "category":"general", "title":"Topic" }, { "text":"Critical", "category":"general", "title":"Severity" }, { "text":"kernel", "category":"general", "title":"Affected Component" } ], "publisher":{ "issuing_authority":"openEuler security committee", "name":"openEuler", "namespace":"https://www.openeuler.org", "contact_details":"openeuler-security@openeuler.org", "category":"vendor" }, "references":[ { "summary":"openEuler-SA-2024-1694", "category":"self", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" }, { "summary":"CVE-2021-47265", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2021-47265&packageName=kernel" }, { "summary":"CVE-2021-47356", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2021-47356&packageName=kernel" }, { "summary":"CVE-2021-47370", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2021-47370&packageName=kernel" }, { "summary":"CVE-2021-47427", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2021-47427&packageName=kernel" }, { "summary":"CVE-2021-47489", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2021-47489&packageName=kernel" }, { "summary":"CVE-2022-48689", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2022-48689&packageName=kernel" }, { "summary":"CVE-2023-52654", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2023-52654&packageName=kernel" }, { "summary":"CVE-2023-52669", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2023-52669&packageName=kernel" }, { "summary":"CVE-2023-52677", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2023-52677&packageName=kernel" }, { "summary":"CVE-2023-52696", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2023-52696&packageName=kernel" }, { "summary":"CVE-2023-52699", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2023-52699&packageName=kernel" }, { "summary":"CVE-2023-52750", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2023-52750&packageName=kernel" }, { "summary":"CVE-2023-52752", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2023-52752&packageName=kernel" }, { "summary":"CVE-2023-52753", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2023-52753&packageName=kernel" }, { "summary":"CVE-2023-52756", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2023-52756&packageName=kernel" }, { "summary":"CVE-2023-52759", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2023-52759&packageName=kernel" }, { "summary":"CVE-2023-52774", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2023-52774&packageName=kernel" }, { "summary":"CVE-2023-52789", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2023-52789&packageName=kernel" }, { "summary":"CVE-2023-52795", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2023-52795&packageName=kernel" }, { "summary":"CVE-2023-52796", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2023-52796&packageName=kernel" }, { "summary":"CVE-2023-52798", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2023-52798&packageName=kernel" }, { "summary":"CVE-2023-52799", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2023-52799&packageName=kernel" }, { "summary":"CVE-2023-52800", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2023-52800&packageName=kernel" }, { "summary":"CVE-2023-52802", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2023-52802&packageName=kernel" }, { "summary":"CVE-2023-52814", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2023-52814&packageName=kernel" }, { "summary":"CVE-2023-52819", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2023-52819&packageName=kernel" }, { "summary":"CVE-2023-52826", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2023-52826&packageName=kernel" }, { "summary":"CVE-2023-52831", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2023-52831&packageName=kernel" }, { "summary":"CVE-2023-52832", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2023-52832&packageName=kernel" }, { "summary":"CVE-2023-52836", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2023-52836&packageName=kernel" }, { "summary":"CVE-2023-52838", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2023-52838&packageName=kernel" }, { "summary":"CVE-2023-52864", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2023-52864&packageName=kernel" }, { "summary":"CVE-2023-52865", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2023-52865&packageName=kernel" }, { "summary":"CVE-2023-52871", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2023-52871&packageName=kernel" }, { "summary":"CVE-2023-52875", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2023-52875&packageName=kernel" }, { "summary":"CVE-2023-52878", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2023-52878&packageName=kernel" }, { "summary":"CVE-2024-26833", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2024-26833&packageName=kernel" }, { "summary":"CVE-2024-26877", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2024-26877&packageName=kernel" }, { "summary":"CVE-2024-26934", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2024-26934&packageName=kernel" }, { "summary":"CVE-2024-27020", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2024-27020&packageName=kernel" }, { "summary":"CVE-2024-27399", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2024-27399&packageName=kernel" }, { "summary":"CVE-2024-27401", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2024-27401&packageName=kernel" }, { "summary":"CVE-2024-27413", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2024-27413&packageName=kernel" }, { "summary":"CVE-2024-27415", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2024-27415&packageName=kernel" }, { "summary":"CVE-2024-35789", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2024-35789&packageName=kernel" }, { "summary":"CVE-2024-35808", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2024-35808&packageName=kernel" }, { "summary":"CVE-2024-35822", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2024-35822&packageName=kernel" }, { "summary":"CVE-2024-35823", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2024-35823&packageName=kernel" }, { "summary":"CVE-2024-35840", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2024-35840&packageName=kernel" }, { "summary":"CVE-2024-35855", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2024-35855&packageName=kernel" }, { "summary":"CVE-2024-35877", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2024-35877&packageName=kernel" }, { "summary":"CVE-2024-35900", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2024-35900&packageName=kernel" }, { "summary":"CVE-2024-35904", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2024-35904&packageName=kernel" }, { "summary":"CVE-2024-35925", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2024-35925&packageName=kernel" }, { "summary":"CVE-2024-35939", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2024-35939&packageName=kernel" }, { "summary":"CVE-2024-35950", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2024-35950&packageName=kernel" }, { "summary":"CVE-2024-35956", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2024-35956&packageName=kernel" }, { "summary":"CVE-2024-35958", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2024-35958&packageName=kernel" }, { "summary":"CVE-2024-35960", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2024-35960&packageName=kernel" }, { "summary":"CVE-2024-35978", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2024-35978&packageName=kernel" }, { "summary":"CVE-2024-35989", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2024-35989&packageName=kernel" }, { "summary":"CVE-2024-36000", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2024-36000&packageName=kernel" }, { "summary":"CVE-2024-36004", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2024-36004&packageName=kernel" }, { "summary":"CVE-2024-36007", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2024-36007&packageName=kernel" }, { "summary":"CVE-2024-36015", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2024-36015&packageName=kernel" }, { "summary":"CVE-2024-36940", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail?cveId=CVE-2024-36940&packageName=kernel" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2021-47265" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2021-47356" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2021-47370" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2021-47427" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2021-47489" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2022-48689" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52654" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52669" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52677" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52696" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52699" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52750" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52752" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52753" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52756" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52759" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52774" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52789" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52795" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52796" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52798" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52799" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52800" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52802" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52814" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52819" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52826" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52831" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52832" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52836" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52838" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52864" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52865" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52871" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52875" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52878" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-26833" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-26877" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-26934" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-27020" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-27399" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-27401" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-27413" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-27415" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-35789" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-35808" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-35822" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-35823" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-35840" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-35855" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-35877" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-35900" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-35904" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-35925" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-35939" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-35950" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-35956" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-35958" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-35960" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-35978" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-35989" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-36000" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-36004" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-36007" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-36015" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-36940" }, { "summary":"openEuler-SA-2024-1694 vex file", "category":"self", "url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openeuler-sa-2024-1694.json" } ], "title":"An update for kernel is now available for openEuler-22.03-LTS-SP3", "tracking":{ "initial_release_date":"2024-06-07T09:19:37+08:00", "revision_history":[ { "date":"2024-06-07T09:19:37+08:00", "summary":"Initial", "number":"1.0.0" }, { "date":"2024-10-31T09:19:37+08:00", "summary":"final", "number":"2.0.0" } ], "generator":{ "date":"2024-10-31T09:19:37+08:00", "engine":{ "name":"openEuler CSAF Tool V1.0" } }, "current_release_date":"2024-10-31T09:19:37+08:00", "id":"openEuler-SA-2024-1694", "version":"2.0.0", "status":"final" } }, "product_tree":{ "branches":[ { "name":"openEuler", "category":"vendor", "branches":[ { "name":"openEuler", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"openEuler-22.03-LTS-SP3", "name":"openEuler-22.03-LTS-SP3" }, "name":"openEuler-22.03-LTS-SP3", "category":"product_version" } ], "category":"product_name" }, { "name":"aarch64", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"perf-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "name":"perf-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm" }, "name":"perf-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "name":"kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm" }, "name":"kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "name":"perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm" }, "name":"perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "name":"kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm" }, "name":"kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "name":"kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm" }, "name":"kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "name":"kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm" }, "name":"kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "name":"kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm" }, "name":"kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "name":"kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm" }, "name":"kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "name":"python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm" }, "name":"python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "name":"kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm" }, "name":"kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "name":"kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm" }, "name":"kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "name":"kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm" }, "name":"kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "name":"python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm" }, "name":"python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"src", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-5.10.0-202.0.0.115.oe2203sp3.src.rpm", "name":"kernel-5.10.0-202.0.0.115.oe2203sp3.src.rpm" }, "name":"kernel-5.10.0-202.0.0.115.oe2203sp3.src.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"x86_64", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "name":"kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm" }, "name":"kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "name":"perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm" }, "name":"perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"perf-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "name":"perf-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm" }, "name":"perf-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "name":"kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm" }, "name":"kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "name":"python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm" }, "name":"python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "name":"kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm" }, "name":"kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "name":"kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm" }, "name":"kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "name":"python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm" }, "name":"python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "name":"kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm" }, "name":"kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "name":"kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm" }, "name":"kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "name":"kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm" }, "name":"kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "name":"kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm" }, "name":"kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "name":"kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm" }, "name":"kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "category":"product_version" } ], "category":"architecture" } ] } ], "relationships":[ { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"perf-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "name":"perf-5.10.0-202.0.0.115.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "name":"kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "name":"perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "name":"kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "name":"kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "name":"kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "name":"kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "name":"kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "name":"python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "name":"kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "name":"kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "name":"kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "name":"python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-5.10.0-202.0.0.115.oe2203sp3.src.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "name":"kernel-5.10.0-202.0.0.115.oe2203sp3.src as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "name":"kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "name":"perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"perf-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "name":"perf-5.10.0-202.0.0.115.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "name":"kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "name":"python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "name":"kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "name":"kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "name":"python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "name":"kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "name":"kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "name":"kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "name":"kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "name":"kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" } ] }, "vulnerabilities":[ { "cve":"CVE-2021-47265", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA: Verify port when creating flow rule\n\nValidate port value provided by the user and with that remove no longer\nneeded validation by the driver. The missing check in the mlx5_ib driver\ncould cause to the below oops.\n\nCall trace:\n _create_flow_rule+0x2d4/0xf28 [mlx5_ib]\n mlx5_ib_create_flow+0x2d0/0x5b0 [mlx5_ib]\n ib_uverbs_ex_create_flow+0x4cc/0x624 [ib_uverbs]\n ib_uverbs_handler_UVERBS_METHOD_INVOKE_WRITE+0xd4/0x150 [ib_uverbs]\n ib_uverbs_cmd_verbs.isra.7+0xb28/0xc50 [ib_uverbs]\n ib_uverbs_ioctl+0x158/0x1d0 [ib_uverbs]\n do_vfs_ioctl+0xd0/0xaf0\n ksys_ioctl+0x84/0xb4\n __arm64_sys_ioctl+0x28/0xc4\n el0_svc_common.constprop.3+0xa4/0x254\n el0_svc_handler+0x84/0xa0\n el0_svc+0x10/0x26c\n Code: b9401260 f9615681 51000400 8b001c20 (f9403c1a)", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2021-47265" }, { "cve":"CVE-2021-47356", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmISDN: fix possible use-after-free in HFC_cleanup()\n\nThis module's remove path calls del_timer(). However, that function\ndoes not wait until the timer handler finishes. This means that the\ntimer handler may still be running after the driver's remove function\nhas finished, which would result in a use-after-free.\n\nFix by calling del_timer_sync(), which makes sure the timer handler\nhas finished, and unable to re-schedule itself.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.7, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2021-47356" }, { "cve":"CVE-2021-47370", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: ensure tx skbs always have the MPTCP ext\n\nDue to signed/unsigned comparison, the expression:\n\n\tinfo->size_goal - skb->len > 0\n\nevaluates to true when the size goal is smaller than the\nskb size. That results in lack of tx cache refill, so that\nthe skb allocated by the core TCP code lacks the required\nMPTCP skb extensions.\n\nDue to the above, syzbot is able to trigger the following WARN_ON():\n\nWARNING: CPU: 1 PID: 810 at net/mptcp/protocol.c:1366 mptcp_sendmsg_frag+0x1362/0x1bc0 net/mptcp/protocol.c:1366\nModules linked in:\nCPU: 1 PID: 810 Comm: syz-executor.4 Not tainted 5.14.0-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nRIP: 0010:mptcp_sendmsg_frag+0x1362/0x1bc0 net/mptcp/protocol.c:1366\nCode: ff 4c 8b 74 24 50 48 8b 5c 24 58 e9 0f fb ff ff e8 13 44 8b f8 4c 89 e7 45 31 ed e8 98 57 2e fe e9 81 f4 ff ff e8 fe 43 8b f8 <0f> 0b 41 bd ea ff ff ff e9 6f f4 ff ff 4c 89 e7 e8 b9 8e d2 f8 e9\nRSP: 0018:ffffc9000531f6a0 EFLAGS: 00010216\nRAX: 000000000000697f RBX: 0000000000000000 RCX: ffffc90012107000\nRDX: 0000000000040000 RSI: ffffffff88eac9e2 RDI: 0000000000000003\nRBP: ffff888078b15780 R08: 0000000000000000 R09: 0000000000000000\nR10: ffffffff88eac017 R11: 0000000000000000 R12: ffff88801de0a280\nR13: 0000000000006b58 R14: ffff888066278280 R15: ffff88803c2fe9c0\nFS: 00007fd9f866e700(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007faebcb2f718 CR3: 00000000267cb000 CR4: 00000000001506e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n __mptcp_push_pending+0x1fb/0x6b0 net/mptcp/protocol.c:1547\n mptcp_release_cb+0xfe/0x210 net/mptcp/protocol.c:3003\n release_sock+0xb4/0x1b0 net/core/sock.c:3206\n sk_stream_wait_memory+0x604/0xed0 net/core/stream.c:145\n mptcp_sendmsg+0xc39/0x1bc0 net/mptcp/protocol.c:1749\n inet6_sendmsg+0x99/0xe0 net/ipv6/af_inet6.c:643\n sock_sendmsg_nosec net/socket.c:704 [inline]\n sock_sendmsg+0xcf/0x120 net/socket.c:724\n sock_write_iter+0x2a0/0x3e0 net/socket.c:1057\n call_write_iter include/linux/fs.h:2163 [inline]\n new_sync_write+0x40b/0x640 fs/read_write.c:507\n vfs_write+0x7cf/0xae0 fs/read_write.c:594\n ksys_write+0x1ee/0x250 fs/read_write.c:647\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x4665f9\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fd9f866e188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\nRAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665f9\nRDX: 00000000000e7b78 RSI: 0000000020000000 RDI: 0000000000000003\nRBP: 00000000004bfcc4 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c038\nR13: 0000000000a9fb1f R14: 00007fd9f866e300 R15: 0000000000022000\n\nFix the issue rewriting the relevant expression to avoid\nsign-related problems - note: size_goal is always >= 0.\n\nAdditionally, ensure that the skb in the tx cache always carries\nthe relevant extension.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2021-47370" }, { "cve":"CVE-2021-47427", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: iscsi: Fix iscsi_task use after free\n\nCommit d39df158518c (\"scsi: iscsi: Have abort handler get ref to conn\")\nadded iscsi_get_conn()/iscsi_put_conn() calls during abort handling but\nthen also changed the handling of the case where we detect an already\ncompleted task where we now end up doing a goto to the common put/cleanup\ncode. This results in a iscsi_task use after free, because the common\ncleanup code will do a put on the iscsi_task.\n\nThis reverts the goto and moves the iscsi_get_conn() to after we've checked\nif the iscsi_task is valid.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2021-47427" }, { "cve":"CVE-2021-47489", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix even more out of bound writes from debugfs\n\nCVE-2021-42327 was fixed by:\n\ncommit f23750b5b3d98653b31d4469592935ef6364ad67\nAuthor: Thelford Williams \nDate: Wed Oct 13 16:04:13 2021 -0400\n\n drm/amdgpu: fix out of bounds write\n\nbut amdgpu_dm_debugfs.c contains more of the same issue so fix the\nremaining ones.\n\nv2:\n\t* Add missing fix in dp_max_bpc_write (Harry Wentland)", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":6.7, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2021-47489" }, { "cve":"CVE-2022-48689", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:tcp: TX zerocopy should not sense pfmemalloc statusWe got a recent syzbot report [1] showing a possible misuseof pfmemalloc page status in TCP zerocopy paths.Indeed, for pages coming from user space or other layers,using page_is_pfmemalloc() is moot, and possibly could givefalse positives.There has been attempts to make page_is_pfmemalloc() more robust,but not using it in the first place in this context is probably better,removing cpu cycles.Note to stable teams :You need to backport 84ce071e38a6 ( net: introduce__skb_fill_page_desc_noacc ) as a prereq.Race is more probable after commit c07aea3ef4d4( mm: add a signature in struct page ) because page_is_pfmemalloc()is now using low order bit from page->lru.next, which can changemore often than page->index.Low order bit should never be set for lru.next (when used as an anchorin LRU list), so KCSAN report is mostly a false positive.Backporting to older kernel versions seems not necessary.[1]BUG: KCSAN: data-race in lru_add_fn / tcp_build_fragwrite to 0xffffea0004a1d2c8 of 8 bytes by task 18600 on cpu 0:__list_add include/linux/list.h:73 [inline]list_add include/linux/list.h:88 [inline]lruvec_add_folio include/linux/mm_inline.h:105 [inline]lru_add_fn+0x440/0x520 mm/swap.c:228folio_batch_move_lru+0x1e1/0x2a0 mm/swap.c:246folio_batch_add_and_move mm/swap.c:263 [inline]folio_add_lru+0xf1/0x140 mm/swap.c:490filemap_add_folio+0xf8/0x150 mm/filemap.c:948__filemap_get_folio+0x510/0x6d0 mm/filemap.c:1981pagecache_get_page+0x26/0x190 mm/folio-compat.c:104grab_cache_page_write_begin+0x2a/0x30 mm/folio-compat.c:116ext4_da_write_begin+0x2dd/0x5f0 fs/ext4/inode.c:2988generic_perform_write+0x1d4/0x3f0 mm/filemap.c:3738ext4_buffered_write_iter+0x235/0x3e0 fs/ext4/file.c:270ext4_file_write_iter+0x2e3/0x1210call_write_iter include/linux/fs.h:2187 [inline]new_sync_write fs/read_write.c:491 [inline]vfs_write+0x468/0x760 fs/read_write.c:578ksys_write+0xe8/0x1a0 fs/read_write.c:631__do_sys_write fs/read_write.c:643 [inline]__se_sys_write fs/read_write.c:640 [inline]__x64_sys_write+0x3e/0x50 fs/read_write.c:640do_syscall_x64 arch/x86/entry/common.c:50 [inline]do_syscall_64+0x2b/0x70 arch/x86/entry/common.c:80entry_SYSCALL_64_after_hwframe+0x63/0xcdread to 0xffffea0004a1d2c8 of 8 bytes by task 18611 on cpu 1:page_is_pfmemalloc include/linux/mm.h:1740 [inline]__skb_fill_page_desc include/linux/skbuff.h:2422 [inline]skb_fill_page_desc include/linux/skbuff.h:2443 [inline]tcp_build_frag+0x613/0xb20 net/ipv4/tcp.c:1018do_tcp_sendpages+0x3e8/0xaf0 net/ipv4/tcp.c:1075tcp_sendpage_locked net/ipv4/tcp.c:1140 [inline]tcp_sendpage+0x89/0xb0 net/ipv4/tcp.c:1150inet_sendpage+0x7f/0xc0 net/ipv4/af_inet.c:833kernel_sendpage+0x184/0x300 net/socket.c:3561sock_sendpage+0x5a/0x70 net/socket.c:1054pipe_to_sendpage+0x128/0x160 fs/splice.c:361splice_from_pipe_feed fs/splice.c:415 [inline]__splice_from_pipe+0x222/0x4d0 fs/splice.c:559splice_from_pipe fs/splice.c:594 [inline]generic_splice_sendpage+0x89/0xc0 fs/splice.c:743do_splice_from fs/splice.c:764 [inline]direct_splice_actor+0x80/0xa0 fs/splice.c:931splice_direct_to_actor+0x305/0x620 fs/splice.c:886do_splice_direct+0xfb/0x180 fs/splice.c:974do_sendfile+0x3bf/0x910 fs/read_write.c:1249__do_sys_sendfile64 fs/read_write.c:1317 [inline]__se_sys_sendfile64 fs/read_write.c:1303 [inline]__x64_sys_sendfile64+0x10c/0x150 fs/read_write.c:1303do_syscall_x64 arch/x86/entry/common.c:50 [inline]do_syscall_64+0x2b/0x70 arch/x86/entry/common.c:80entry_SYSCALL_64_after_hwframe+0x63/0xcdvalue changed: 0x0000000000000000 -> 0xffffea0004a1d288Reported by Kernel Concurrency Sanitizer on:CPU: 1 PID: 18611 Comm: syz-executor.4 Not tainted 6.0.0-rc2-syzkaller-00248-ge022620b5d05-dirty #0Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.0, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2022-48689" }, { "cve":"CVE-2023-52654", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/af_unix: disable sending io_uring over sockets\n\nFile reference cycles have caused lots of problems for io_uring\nin the past, and it still doesn't work exactly right and races with\nunix_stream_read_generic(). The safest fix would be to completely\ndisallow sending io_uring files via sockets via SCM_RIGHT, so there\nare no possible cycles invloving registered files and thus rendering\nSCM accounting on the io_uring side unnecessary.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2023-52654" }, { "cve":"CVE-2023-52669", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: s390/aes - Fix buffer overread in CTR mode\n\nWhen processing the last block, the s390 ctr code will always read\na whole block, even if there isn't a whole block of data left. Fix\nthis by using the actual length left and copy it into a buffer first\nfor processing.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2023-52669" }, { "cve":"CVE-2023-52677", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nriscv: Check if the code to patch lies in the exit section\n\nOtherwise we fall through to vmalloc_to_page() which panics since the\naddress does not lie in the vmalloc region.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2023-52677" }, { "cve":"CVE-2023-52696", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/powernv: Add a null pointer check in opal_powercap_init()\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2023-52696" }, { "cve":"CVE-2023-52699", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nsysv: don't call sb_bread() with pointers_lock held\n\nsyzbot is reporting sleep in atomic context in SysV filesystem [1], for\nsb_bread() is called with rw_spinlock held.\n\nA \"write_lock(&pointers_lock) => read_lock(&pointers_lock) deadlock\" bug\nand a \"sb_bread() with write_lock(&pointers_lock)\" bug were introduced by\n\"Replace BKL for chain locking with sysvfs-private rwlock\" in Linux 2.5.12.\n\nThen, \"[PATCH] err1-40: sysvfs locking fix\" in Linux 2.6.8 fixed the\nformer bug by moving pointers_lock lock to the callers, but instead\nintroduced a \"sb_bread() with read_lock(&pointers_lock)\" bug (which made\nthis problem easier to hit).\n\nAl Viro suggested that why not to do like get_branch()/get_block()/\nfind_shared() in Minix filesystem does. And doing like that is almost a\nrevert of \"[PATCH] err1-40: sysvfs locking fix\" except that get_branch()\n from with find_shared() is called without write_lock(&pointers_lock).", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2023-52699" }, { "cve":"CVE-2023-52750", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\narm64: Restrict CPU_BIG_ENDIAN to GNU as or LLVM IAS 15.x or newer\n\nPrior to LLVM 15.0.0, LLVM's integrated assembler would incorrectly\nbyte-swap NOP when compiling for big-endian, and the resulting series of\nbytes happened to match the encoding of FNMADD S21, S30, S0, S0.\n\nThis went unnoticed until commit:\n\n 34f66c4c4d5518c1 (\"arm64: Use a positive cpucap for FP/SIMD\")\n\nPrior to that commit, the kernel would always enable the use of FPSIMD\nearly in boot when __cpu_setup() initialized CPACR_EL1, and so usage of\nFNMADD within the kernel was not detected, but could result in the\ncorruption of user or kernel FPSIMD state.\n\nAfter that commit, the instructions happen to trap during boot prior to\nFPSIMD being detected and enabled, e.g.\n\n| Unhandled 64-bit el1h sync exception on CPU0, ESR 0x000000001fe00000 -- ASIMD\n| CPU: 0 PID: 0 Comm: swapper Not tainted 6.6.0-rc3-00013-g34f66c4c4d55 #1\n| Hardware name: linux,dummy-virt (DT)\n| pstate: 400000c9 (nZcv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n| pc : __pi_strcmp+0x1c/0x150\n| lr : populate_properties+0xe4/0x254\n| sp : ffffd014173d3ad0\n| x29: ffffd014173d3af0 x28: fffffbfffddffcb8 x27: 0000000000000000\n| x26: 0000000000000058 x25: fffffbfffddfe054 x24: 0000000000000008\n| x23: fffffbfffddfe000 x22: fffffbfffddfe000 x21: fffffbfffddfe044\n| x20: ffffd014173d3b70 x19: 0000000000000001 x18: 0000000000000005\n| x17: 0000000000000010 x16: 0000000000000000 x15: 00000000413e7000\n| x14: 0000000000000000 x13: 0000000000001bcc x12: 0000000000000000\n| x11: 00000000d00dfeed x10: ffffd414193f2cd0 x9 : 0000000000000000\n| x8 : 0101010101010101 x7 : ffffffffffffffc0 x6 : 0000000000000000\n| x5 : 0000000000000000 x4 : 0101010101010101 x3 : 000000000000002a\n| x2 : 0000000000000001 x1 : ffffd014171f2988 x0 : fffffbfffddffcb8\n| Kernel panic - not syncing: Unhandled exception\n| CPU: 0 PID: 0 Comm: swapper Not tainted 6.6.0-rc3-00013-g34f66c4c4d55 #1\n| Hardware name: linux,dummy-virt (DT)\n| Call trace:\n| dump_backtrace+0xec/0x108\n| show_stack+0x18/0x2c\n| dump_stack_lvl+0x50/0x68\n| dump_stack+0x18/0x24\n| panic+0x13c/0x340\n| el1t_64_irq_handler+0x0/0x1c\n| el1_abort+0x0/0x5c\n| el1h_64_sync+0x64/0x68\n| __pi_strcmp+0x1c/0x150\n| unflatten_dt_nodes+0x1e8/0x2d8\n| __unflatten_device_tree+0x5c/0x15c\n| unflatten_device_tree+0x38/0x50\n| setup_arch+0x164/0x1e0\n| start_kernel+0x64/0x38c\n| __primary_switched+0xbc/0xc4\n\nRestrict CONFIG_CPU_BIG_ENDIAN to a known good assembler, which is\neither GNU as or LLVM's IAS 15.0.0 and newer, which contains the linked\ncommit.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2023-52750" }, { "cve":"CVE-2023-52752", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:smb: client: fix use-after-free bug in cifs_debug_data_proc_show()Skip SMB sessions that are being teared down(e.g. @ses->ses_status == SES_EXITING) in cifs_debug_data_proc_show()to avoid use-after-free in @ses.This fixes the following GPF when reading from /proc/fs/cifs/DebugDatawhile mounting and umounting [ 816.251274] general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6d81: 0000 [#1] PREEMPT SMP NOPTI ... [ 816.260138] Call Trace: [ 816.260329] [ 816.260499] ? die_addr+0x36/0x90 [ 816.260762] ? exc_general_protection+0x1b3/0x410 [ 816.261126] ? asm_exc_general_protection+0x26/0x30 [ 816.261502] ? cifs_debug_tcon+0xbd/0x240 [cifs] [ 816.261878] ? cifs_debug_tcon+0xab/0x240 [cifs] [ 816.262249] cifs_debug_data_proc_show+0x516/0xdb0 [cifs] [ 816.262689] ? seq_read_iter+0x379/0x470 [ 816.262995] seq_read_iter+0x118/0x470 [ 816.263291] proc_reg_read_iter+0x53/0x90 [ 816.263596] ? srso_alias_return_thunk+0x5/0x7f [ 816.263945] vfs_read+0x201/0x350 [ 816.264211] ksys_read+0x75/0x100 [ 816.264472] do_syscall_64+0x3f/0x90 [ 816.264750] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 816.265135] RIP: 0033:0x7fd5e669d381", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2023-52752" }, { "cve":"CVE-2023-52753", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Avoid NULL dereference of timing generator\n\n[Why & How]\nCheck whether assigned timing generator is NULL or not before\naccessing its funcs to prevent NULL dereference.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2023-52753" }, { "cve":"CVE-2023-52756", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\npwm: Fix double shift bug\n\nThese enums are passed to set/test_bit(). The set/test_bit() functions\ntake a bit number instead of a shifted value. Passing a shifted value\nis a double shift bug like doing BIT(BIT(1)). The double shift bug\ndoesn't cause a problem here because we are only checking 0 and 1 but\nif the value was 5 or above then it can lead to a buffer overflow.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":4.7, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2023-52756" }, { "cve":"CVE-2023-52759", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: ignore negated quota changes\n\nWhen lots of quota changes are made, there may be cases in which an\ninode's quota information is increased and then decreased, such as when\nblocks are added to a file, then deleted from it. If the timing is\nright, function do_qc can add pending quota changes to a transaction,\nthen later, another call to do_qc can negate those changes, resulting\nin a net gain of 0. The quota_change information is recorded in the qc\nbuffer (and qd element of the inode as well). The buffer is added to the\ntransaction by the first call to do_qc, but a subsequent call changes\nthe value from non-zero back to zero. At that point it's too late to\nremove the buffer_head from the transaction. Later, when the quota sync\ncode is called, the zero-change qd element is discovered and flagged as\nan assert warning. If the fs is mounted with errors=panic, the kernel\nwill panic.\n\nThis is usually seen when files are truncated and the quota changes are\nnegated by punch_hole/truncate which uses gfs2_quota_hold and\ngfs2_quota_unhold rather than block allocations that use gfs2_quota_lock\nand gfs2_quota_unlock which automatically do quota sync.\n\nThis patch solves the problem by adding a check to qd_check_sync such\nthat net-zero quota changes already added to the transaction are no\nlonger deemed necessary to be synced, and skipped.\n\nIn this case references are taken for the qd and the slot from do_qc\nso those need to be put. The normal sequence of events for a normal\nnon-zero quota change is as follows:\n\ngfs2_quota_change\n do_qc\n qd_hold\n slot_hold\n\nLater, when the changes are to be synced:\n\ngfs2_quota_sync\n qd_fish\n qd_check_sync\n gets qd ref via lockref_get_not_dead\n do_sync\n do_qc(QC_SYNC)\n qd_put\n\t lockref_put_or_lock\n qd_unlock\n qd_put\n lockref_put_or_lock\n\nIn the net-zero change case, we add a check to qd_check_sync so it puts\nthe qd and slot references acquired in gfs2_quota_change and skip the\nunneeded sync.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2023-52759" }, { "cve":"CVE-2023-52774", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: protect device queue against concurrent access\n\nIn dasd_profile_start() the amount of requests on the device queue are\ncounted. The access to the device queue is unprotected against\nconcurrent access. With a lot of parallel I/O, especially with alias\ndevices enabled, the device queue can change while dasd_profile_start()\nis accessing the queue. In the worst case this leads to a kernel panic\ndue to incorrect pointer accesses.\n\nFix this by taking the device lock before accessing the queue and\ncounting the requests. Additionally the check for a valid profile data\npointer can be done earlier to avoid unnecessary locking in a hot path.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2023-52774" }, { "cve":"CVE-2023-52789", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ntty: vcc: Add check for kstrdup() in vcc_probe()\n\nAdd check for the return value of kstrdup() and return the error, if it\nfails in order to avoid NULL pointer dereference.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2023-52789" }, { "cve":"CVE-2023-52795", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nvhost-vdpa: fix use after free in vhost_vdpa_probe()\n\nThe put_device() calls vhost_vdpa_release_dev() which calls\nida_simple_remove() and frees \"v\". So this call to\nida_simple_remove() is a use after free and a double free.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2023-52795" }, { "cve":"CVE-2023-52796", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: add ipvlan_route_v6_outbound() helper\n\nInspired by syzbot reports using a stack of multiple ipvlan devices.\n\nReduce stack size needed in ipvlan_process_v6_outbound() by moving\nthe flowi6 struct used for the route lookup in an non inlined\nhelper. ipvlan_route_v6_outbound() needs 120 bytes on the stack,\nimmediately reclaimed.\n\nAlso make sure ipvlan_process_v4_outbound() is not inlined.\n\nWe might also have to lower MAX_NEST_DEV, because only syzbot uses\nsetups with more than four stacked devices.\n\nBUG: TASK stack guard page was hit at ffffc9000e803ff8 (stack is ffffc9000e804000..ffffc9000e808000)\nstack guard page: 0000 [#1] SMP KASAN\nCPU: 0 PID: 13442 Comm: syz-executor.4 Not tainted 6.1.52-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023\nRIP: 0010:kasan_check_range+0x4/0x2a0 mm/kasan/generic.c:188\nCode: 48 01 c6 48 89 c7 e8 db 4e c1 03 31 c0 5d c3 cc 0f 0b eb 02 0f 0b b8 ea ff ff ff 5d c3 cc 00 00 cc cc 00 00 cc cc 55 48 89 e5 <41> 57 41 56 41 55 41 54 53 b0 01 48 85 f6 0f 84 a4 01 00 00 48 89\nRSP: 0018:ffffc9000e804000 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817e5bf2\nRDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff887c6568\nRBP: ffffc9000e804000 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff92001d0080c\nR13: dffffc0000000000 R14: ffffffff87e6b100 R15: 0000000000000000\nFS: 00007fd0c55826c0(0000) GS:ffff8881f6800000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffc9000e803ff8 CR3: 0000000170ef7000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n<#DF>\n\n\n[] __kasan_check_read+0x11/0x20 mm/kasan/shadow.c:31\n[] instrument_atomic_read include/linux/instrumented.h:72 [inline]\n[] _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]\n[] cpumask_test_cpu include/linux/cpumask.h:506 [inline]\n[] cpu_online include/linux/cpumask.h:1092 [inline]\n[] trace_lock_acquire include/trace/events/lock.h:24 [inline]\n[] lock_acquire+0xe2/0x590 kernel/locking/lockdep.c:5632\n[] rcu_lock_acquire+0x2e/0x40 include/linux/rcupdate.h:306\n[] rcu_read_lock include/linux/rcupdate.h:747 [inline]\n[] ip6_pol_route+0x15d/0x1440 net/ipv6/route.c:2221\n[] ip6_pol_route_output+0x50/0x80 net/ipv6/route.c:2606\n[] pol_lookup_func include/net/ip6_fib.h:584 [inline]\n[] fib6_rule_lookup+0x265/0x620 net/ipv6/fib6_rules.c:116\n[] ip6_route_output_flags_noref+0x2d9/0x3a0 net/ipv6/route.c:2638\n[] ip6_route_output_flags+0xca/0x340 net/ipv6/route.c:2651\n[] ip6_route_output include/net/ip6_route.h:100 [inline]\n[] ipvlan_process_v6_outbound drivers/net/ipvlan/ipvlan_core.c:473 [inline]\n[] ipvlan_process_outbound drivers/net/ipvlan/ipvlan_core.c:529 [inline]\n[] ipvlan_xmit_mode_l3 drivers/net/ipvlan/ipvlan_core.c:602 [inline]\n[] ipvlan_queue_xmit+0xc33/0x1be0 drivers/net/ipvlan/ipvlan_core.c:677\n[] ipvlan_start_xmit+0x49/0x100 drivers/net/ipvlan/ipvlan_main.c:229\n[] netdev_start_xmit include/linux/netdevice.h:4966 [inline]\n[] xmit_one net/core/dev.c:3644 [inline]\n[] dev_hard_start_xmit+0x320/0x980 net/core/dev.c:3660\n[] __dev_queue_xmit+0x16b2/0x3370 net/core/dev.c:4324\n[] dev_queue_xmit include/linux/netdevice.h:3067 [inline]\n[] neigh_hh_output include/net/neighbour.h:529 [inline]\n[dm_stree. To add\nthe required check for out of bound we first need to determine the type\nof dmtree. Thus added an extra parameter to dbFindLeaf so that the type\nof tree can be determined and the required check can be applied.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2023-52799" }, { "cve":"CVE-2023-52800", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: fix htt pktlog locking\n\nThe ath11k active pdevs are protected by RCU but the htt pktlog handling\ncode calling ath11k_mac_get_ar_by_pdev_id() was not marked as a\nread-side critical section.\n\nMark the code in question as an RCU read-side critical section to avoid\nany potential use-after-free issues.\n\nCompile tested only.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":6.4, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2023-52800" }, { "cve":"CVE-2023-52802", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:iio: adc: stm32-adc: harden against NULL pointer deref in stm32_adc_probe()of_match_device() may fail and returns a NULL pointer.In practice there is no known reasonable way to trigger this, butin case one is added in future, harden the code by adding the check", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2023-52802" }, { "cve":"CVE-2023-52814", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:drm/amdgpu: Fix potential null pointer derefernceThe amdgpu_ras_get_context may return NULL if devicenot support ras feature, so add check before using.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2023-52814" }, { "cve":"CVE-2023-52819", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga\n\nFor pptable structs that use flexible array sizes, use flexible arrays.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2023-52819" }, { "cve":"CVE-2023-52826", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/panel/panel-tpo-tpg110: fix a possible null pointer dereference\n\nIn tpg110_get_modes(), the return value of drm_mode_duplicate() is\nassigned to mode, which will lead to a NULL pointer dereference on\nfailure of drm_mode_duplicate(). Add a check to avoid npd.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2023-52826" }, { "cve":"CVE-2023-52831", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ncpu/hotplug: Don't offline the last non-isolated CPU\n\nIf a system has isolated CPUs via the \"isolcpus=\" command line parameter,\nthen an attempt to offline the last housekeeping CPU will result in a\nWARN_ON() when rebuilding the scheduler domains and a subsequent panic due\nto and unhandled empty CPU mas in partition_sched_domains_locked().\n\ncpuset_hotplug_workfn()\n rebuild_sched_domains_locked()\n ndoms = generate_sched_domains(&doms, &attr);\n cpumask_and(doms[0], top_cpuset.effective_cpus, housekeeping_cpumask(HK_FLAG_DOMAIN));\n\nThus results in an empty CPU mask which triggers the warning and then the\nsubsequent crash:\n\nWARNING: CPU: 4 PID: 80 at kernel/sched/topology.c:2366 build_sched_domains+0x120c/0x1408\nCall trace:\n build_sched_domains+0x120c/0x1408\n partition_sched_domains_locked+0x234/0x880\n rebuild_sched_domains_locked+0x37c/0x798\n rebuild_sched_domains+0x30/0x58\n cpuset_hotplug_workfn+0x2a8/0x930\n\nUnable to handle kernel paging request at virtual address fffe80027ab37080\n partition_sched_domains_locked+0x318/0x880\n rebuild_sched_domains_locked+0x37c/0x798\n\nAside of the resulting crash, it does not make any sense to offline the last\nlast housekeeping CPU.\n\nPrevent this by masking out the non-housekeeping CPUs when selecting a\ntarget CPU for initiating the CPU unplug operation via the work queue.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2023-52831" }, { "cve":"CVE-2023-52832", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: don't return unset power in ieee80211_get_tx_power()\n\nWe can get a UBSAN warning if ieee80211_get_tx_power() returns the\nINT_MIN value mac80211 internally uses for \"unset power level\".\n\n UBSAN: signed-integer-overflow in net/wireless/nl80211.c:3816:5\n -2147483648 * 100 cannot be represented in type 'int'\n CPU: 0 PID: 20433 Comm: insmod Tainted: G WC OE\n Call Trace:\n dump_stack+0x74/0x92\n ubsan_epilogue+0x9/0x50\n handle_overflow+0x8d/0xd0\n __ubsan_handle_mul_overflow+0xe/0x10\n nl80211_send_iface+0x688/0x6b0 [cfg80211]\n [...]\n cfg80211_register_wdev+0x78/0xb0 [cfg80211]\n cfg80211_netdev_notifier_call+0x200/0x620 [cfg80211]\n [...]\n ieee80211_if_add+0x60e/0x8f0 [mac80211]\n ieee80211_register_hw+0xda5/0x1170 [mac80211]\n\nIn this case, simply return an error instead, to indicate\nthat no data is available.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"CRITICAL", "baseScore":9.1, "vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Critical", "category":"impact" } ], "title":"CVE-2023-52832" }, { "cve":"CVE-2023-52836", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nlocking/ww_mutex/test: Fix potential workqueue corruption\n\nIn some cases running with the test-ww_mutex code, I was seeing\nodd behavior where sometimes it seemed flush_workqueue was\nreturning before all the work threads were finished.\n\nOften this would cause strange crashes as the mutexes would be\nfreed while they were being used.\n\nLooking at the code, there is a lifetime problem as the\ncontrolling thread that spawns the work allocates the\n\"struct stress\" structures that are passed to the workqueue\nthreads. Then when the workqueue threads are finished,\nthey free the stress struct that was passed to them.\n\nUnfortunately the workqueue work_struct node is in the stress\nstruct. Which means the work_struct is freed before the work\nthread returns and while flush_workqueue is waiting.\n\nIt seems like a better idea to have the controlling thread\nboth allocate and free the stress structures, so that we can\nbe sure we don't corrupt the workqueue by freeing the structure\nprematurely.\n\nSo this patch reworks the test to do so, and with this change\nI no longer see the early flush_workqueue returns.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":4.4, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2023-52836" }, { "cve":"CVE-2023-52838", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: imsttfb: fix a resource leak in probe\n\nI've re-written the error handling but the bug is that if init_imstt()\nfails we need to call iounmap(par->cmap_regs).", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2023-52838" }, { "cve":"CVE-2023-52864", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: wmi: Fix opening of char device\n\nSince commit fa1f68db6ca7 (\"drivers: misc: pass miscdevice pointer via\nfile private data\"), the miscdevice stores a pointer to itself inside\nfilp->private_data, which means that private_data will not be NULL when\nwmi_char_open() is called. This might cause memory corruption should\nwmi_char_open() be unable to find its driver, something which can\nhappen when the associated WMI device is deleted in wmi_free_devices().\n\nFix the problem by using the miscdevice pointer to retrieve the WMI\ndevice data associated with a char device using container_of(). This\nalso avoids wmi_char_open() picking a wrong WMI device bound to a\ndriver with the same name as the original driver.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2023-52864" }, { "cve":"CVE-2023-52865", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data\n\nAdd the check for the return value of mtk_alloc_clk_data() in order to\navoid NULL pointer dereference.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":4.7, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2023-52865" }, { "cve":"CVE-2023-52871", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: llcc: Handle a second device without data corruption\n\nUsually there is only one llcc device. But if there were a second, even\na failed probe call would modify the global drv_data pointer. So check\nif drv_data is valid before overwriting it.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2023-52871" }, { "cve":"CVE-2023-52875", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data\n\nAdd the check for the return value of mtk_alloc_clk_data() in order to\navoid NULL pointer dereference.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":4.1, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2023-52875" }, { "cve":"CVE-2023-52878", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ncan: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds\n\nIf the \"struct can_priv::echoo_skb\" is accessed out of bounds, this\nwould cause a kernel crash. Instead, issue a meaningful warning\nmessage and return with an error.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2023-52878" }, { "cve":"CVE-2024-26833", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix memory leak in dm_sw_fini()\n\nAfter destroying dmub_srv, the memory associated with it is\nnot freed, causing a memory leak:\n\nunreferenced object 0xffff896302b45800 (size 1024):\n comm \"(udev-worker)\", pid 222, jiffies 4294894636\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc 6265fd77):\n [] kmalloc_trace+0x29d/0x340\n [] dm_dmub_sw_init+0xb4/0x450 [amdgpu]\n [] dm_sw_init+0x15/0x2b0 [amdgpu]\n [] amdgpu_device_init+0x1417/0x24e0 [amdgpu]\n [] amdgpu_driver_load_kms+0x15/0x190 [amdgpu]\n [] amdgpu_pci_probe+0x187/0x4e0 [amdgpu]\n [] local_pci_probe+0x3e/0x90\n [] pci_device_probe+0xc3/0x230\n [] really_probe+0xe2/0x480\n [] __driver_probe_device+0x78/0x160\n [] driver_probe_device+0x1f/0x90\n [] __driver_attach+0xce/0x1c0\n [] bus_for_each_dev+0x70/0xc0\n [] bus_add_driver+0x112/0x210\n [] driver_register+0x55/0x100\n [] do_one_initcall+0x41/0x300\n\nFix this by freeing dmub_srv after destroying it.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-26833" }, { "cve":"CVE-2024-26877", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: xilinx - call finalize with bh disabled\n\nWhen calling crypto_finalize_request, BH should be disabled to avoid\ntriggering the following calltrace:\n\n ------------[ cut here ]------------\n WARNING: CPU: 2 PID: 74 at crypto/crypto_engine.c:58 crypto_finalize_request+0xa0/0x118\n Modules linked in: cryptodev(O)\n CPU: 2 PID: 74 Comm: firmware:zynqmp Tainted: G O 6.8.0-rc1-yocto-standard #323\n Hardware name: ZynqMP ZCU102 Rev1.0 (DT)\n pstate: 40000005 (nZcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : crypto_finalize_request+0xa0/0x118\n lr : crypto_finalize_request+0x104/0x118\n sp : ffffffc085353ce0\n x29: ffffffc085353ce0 x28: 0000000000000000 x27: ffffff8808ea8688\n x26: ffffffc081715038 x25: 0000000000000000 x24: ffffff880100db00\n x23: ffffff880100da80 x22: 0000000000000000 x21: 0000000000000000\n x20: ffffff8805b14000 x19: ffffff880100da80 x18: 0000000000010450\n x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000\n x14: 0000000000000003 x13: 0000000000000000 x12: ffffff880100dad0\n x11: 0000000000000000 x10: ffffffc0832dcd08 x9 : ffffffc0812416d8\n x8 : 00000000000001f4 x7 : ffffffc0830d2830 x6 : 0000000000000001\n x5 : ffffffc082091000 x4 : ffffffc082091658 x3 : 0000000000000000\n x2 : ffffffc7f9653000 x1 : 0000000000000000 x0 : ffffff8802d20000\n Call trace:\n crypto_finalize_request+0xa0/0x118\n crypto_finalize_aead_request+0x18/0x30\n zynqmp_handle_aes_req+0xcc/0x388\n crypto_pump_work+0x168/0x2d8\n kthread_worker_fn+0xfc/0x3a0\n kthread+0x118/0x138\n ret_from_fork+0x10/0x20\n irq event stamp: 40\n hardirqs last enabled at (39): [] _raw_spin_unlock_irqrestore+0x70/0xb0\n hardirqs last disabled at (40): [] el1_dbg+0x28/0x90\n softirqs last enabled at (36): [] kernel_neon_begin+0x8c/0xf0\n softirqs last disabled at (34): [] kernel_neon_begin+0x60/0xf0\n ---[ end trace 0000000000000000 ]---", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.3, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2024-26877" }, { "cve":"CVE-2024-26934", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:USB: core: Fix deadlock in usb_deauthorize_interface()Among the attribute file callback routines indrivers/usb/core/sysfs.c, the interface_authorized_store() function isthe only one which acquires a device lock on an ancestor device: Itcalls usb_deauthorize_interface(), which locks the interface s parentUSB device.The will lead to deadlock if another process already owns that lockand tries to remove the interface, whether through a configurationchange or because the device has been disconnected. As part of theremoval procedure, device_del() waits for all ongoing sysfs attributecallbacks to complete. But usb_deauthorize_interface() can t completeuntil the device lock has been released, and the lock won t bereleased until the removal has finished.The mechanism provided by sysfs to prevent this kind of deadlock isto use the sysfs_break_active_protection() function, which tells sysfsnot to wait for the attribute callback.Reported-and-tested by: Yue Sun Reported by: xingwei lee ", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-26934" }, { "cve":"CVE-2024-27020", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()nft_unregister_expr() can concurrent with __nft_expr_type_get(),and there is not any protection when iterate over nf_tables_expressionslist in __nft_expr_type_get(). Therefore, there is potential data-raceof nf_tables_expressions list entry.Use list_for_each_entry_rcu() to iterate over nf_tables_expressionslist in __nft_expr_type_get(), and use rcu_read_lock() in the callernft_expr_type_get() to protect the entire type query process.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.0, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-27020" }, { "cve":"CVE-2024-27399", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout\n\nThere is a race condition between l2cap_chan_timeout() and\nl2cap_chan_del(). When we use l2cap_chan_del() to delete the\nchannel, the chan->conn will be set to null. But the conn could\nbe dereferenced again in the mutex_lock() of l2cap_chan_timeout().\nAs a result the null pointer dereference bug will happen. The\nKASAN report triggered by POC is shown below:\n\n[ 472.074580] ==================================================================\n[ 472.075284] BUG: KASAN: null-ptr-deref in mutex_lock+0x68/0xc0\n[ 472.075308] Write of size 8 at addr 0000000000000158 by task kworker/0:0/7\n[ 472.075308]\n[ 472.075308] CPU: 0 PID: 7 Comm: kworker/0:0 Not tainted 6.9.0-rc5-00356-g78c0094a146b #36\n[ 472.075308] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu4\n[ 472.075308] Workqueue: events l2cap_chan_timeout\n[ 472.075308] Call Trace:\n[ 472.075308] \n[ 472.075308] dump_stack_lvl+0x137/0x1a0\n[ 472.075308] print_report+0x101/0x250\n[ 472.075308] ? __virt_addr_valid+0x77/0x160\n[ 472.075308] ? mutex_lock+0x68/0xc0\n[ 472.075308] kasan_report+0x139/0x170\n[ 472.075308] ? mutex_lock+0x68/0xc0\n[ 472.075308] kasan_check_range+0x2c3/0x2e0\n[ 472.075308] mutex_lock+0x68/0xc0\n[ 472.075308] l2cap_chan_timeout+0x181/0x300\n[ 472.075308] process_one_work+0x5d2/0xe00\n[ 472.075308] worker_thread+0xe1d/0x1660\n[ 472.075308] ? pr_cont_work+0x5e0/0x5e0\n[ 472.075308] kthread+0x2b7/0x350\n[ 472.075308] ? pr_cont_work+0x5e0/0x5e0\n[ 472.075308] ? kthread_blkcg+0xd0/0xd0\n[ 472.075308] ret_from_fork+0x4d/0x80\n[ 472.075308] ? kthread_blkcg+0xd0/0xd0\n[ 472.075308] ret_from_fork_asm+0x11/0x20\n[ 472.075308] \n[ 472.075308] ==================================================================\n[ 472.094860] Disabling lock debugging due to kernel taint\n[ 472.096136] BUG: kernel NULL pointer dereference, address: 0000000000000158\n[ 472.096136] #PF: supervisor write access in kernel mode\n[ 472.096136] #PF: error_code(0x0002) - not-present page\n[ 472.096136] PGD 0 P4D 0\n[ 472.096136] Oops: 0002 [#1] PREEMPT SMP KASAN NOPTI\n[ 472.096136] CPU: 0 PID: 7 Comm: kworker/0:0 Tainted: G B 6.9.0-rc5-00356-g78c0094a146b #36\n[ 472.096136] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu4\n[ 472.096136] Workqueue: events l2cap_chan_timeout\n[ 472.096136] RIP: 0010:mutex_lock+0x88/0xc0\n[ 472.096136] Code: be 08 00 00 00 e8 f8 23 1f fd 4c 89 f7 be 08 00 00 00 e8 eb 23 1f fd 42 80 3c 23 00 74 08 48 88\n[ 472.096136] RSP: 0018:ffff88800744fc78 EFLAGS: 00000246\n[ 472.096136] RAX: 0000000000000000 RBX: 1ffff11000e89f8f RCX: ffffffff8457c865\n[ 472.096136] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffff88800744fc78\n[ 472.096136] RBP: 0000000000000158 R08: ffff88800744fc7f R09: 1ffff11000e89f8f\n[ 472.096136] R10: dffffc0000000000 R11: ffffed1000e89f90 R12: dffffc0000000000\n[ 472.096136] R13: 0000000000000158 R14: ffff88800744fc78 R15: ffff888007405a00\n[ 472.096136] FS: 0000000000000000(0000) GS:ffff88806d200000(0000) knlGS:0000000000000000\n[ 472.096136] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 472.096136] CR2: 0000000000000158 CR3: 000000000da32000 CR4: 00000000000006f0\n[ 472.096136] Call Trace:\n[ 472.096136] \n[ 472.096136] ? __die_body+0x8d/0xe0\n[ 472.096136] ? page_fault_oops+0x6b8/0x9a0\n[ 472.096136] ? kernelmode_fixup_or_oops+0x20c/0x2a0\n[ 472.096136] ? do_user_addr_fault+0x1027/0x1340\n[ 472.096136] ? _printk+0x7a/0xa0\n[ 472.096136] ? mutex_lock+0x68/0xc0\n[ 472.096136] ? add_taint+0x42/0xd0\n[ 472.096136] ? exc_page_fault+0x6a/0x1b0\n[ 472.096136] ? asm_exc_page_fault+0x26/0x30\n[ 472.096136] ? mutex_lock+0x75/0xc0\n[ 472.096136] ? mutex_lock+0x88/0xc0\n[ 472.096136] ? mutex_lock+0x75/0xc0\n[ 472.096136] l2cap_chan_timeo\n---truncated---", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-27399" }, { "cve":"CVE-2024-27401", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nfirewire: nosy: ensure user_length is taken into account when fetching packet contents\n\nEnsure that packet_buffer_get respects the user_length provided. If\nthe length of the head packet exceeds the user_length, packet_buffer_get\nwill now return 0 to signify to the user that no data were read\nand a larger buffer size is required. Helps prevent user space overflows.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-27401" }, { "cve":"CVE-2024-27413", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nefi/capsule-loader: fix incorrect allocation size\n\ngcc-14 notices that the allocation with sizeof(void) on 32-bit architectures\nis not enough for a 64-bit phys_addr_t:\n\ndrivers/firmware/efi/capsule-loader.c: In function 'efi_capsule_open':\ndrivers/firmware/efi/capsule-loader.c:295:24: error: allocation of insufficient size '4' for type 'phys_addr_t' {aka 'long long unsigned int'} with size '8' [-Werror=alloc-size]\n 295 | cap_info->phys = kzalloc(sizeof(void *), GFP_KERNEL);\n | ^\n\nUse the correct type instead here.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.0, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-27413" }, { "cve":"CVE-2024-27415", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: bridge: confirm multicast packets before passing them up the stack\n\nconntrack nf_confirm logic cannot handle cloned skbs referencing\nthe same nf_conn entry, which will happen for multicast (broadcast)\nframes on bridges.\n\n Example:\n macvlan0\n |\n br0\n / \\\n ethX ethY\n\n ethX (or Y) receives a L2 multicast or broadcast packet containing\n an IP packet, flow is not yet in conntrack table.\n\n 1. skb passes through bridge and fake-ip (br_netfilter)Prerouting.\n -> skb->_nfct now references a unconfirmed entry\n 2. skb is broad/mcast packet. bridge now passes clones out on each bridge\n interface.\n 3. skb gets passed up the stack.\n 4. In macvlan case, macvlan driver retains clone(s) of the mcast skb\n and schedules a work queue to send them out on the lower devices.\n\n The clone skb->_nfct is not a copy, it is the same entry as the\n original skb. The macvlan rx handler then returns RX_HANDLER_PASS.\n 5. Normal conntrack hooks (in NF_INET_LOCAL_IN) confirm the orig skb.\n\nThe Macvlan broadcast worker and normal confirm path will race.\n\nThis race will not happen if step 2 already confirmed a clone. In that\ncase later steps perform skb_clone() with skb->_nfct already confirmed (in\nhash table). This works fine.\n\nBut such confirmation won't happen when eb/ip/nftables rules dropped the\npackets before they reached the nf_confirm step in postrouting.\n\nPablo points out that nf_conntrack_bridge doesn't allow use of stateful\nnat, so we can safely discard the nf_conn entry and let inet call\nconntrack again.\n\nThis doesn't work for bridge netfilter: skb could have a nat\ntransformation. Also bridge nf prevents re-invocation of inet prerouting\nvia 'sabotage_in' hook.\n\nWork around this problem by explicit confirmation of the entry at LOCAL_IN\ntime, before upper layer has a chance to clone the unconfirmed entry.\n\nThe downside is that this disables NAT and conntrack helpers.\n\nAlternative fix would be to add locking to all code parts that deal with\nunconfirmed packets, but even if that could be done in a sane way this\nopens up other problems, for example:\n\n-m physdev --physdev-out eth0 -j SNAT --snat-to 1.2.3.4\n-m physdev --physdev-out eth1 -j SNAT --snat-to 1.2.3.5\n\nFor multicast case, only one of such conflicting mappings will be\ncreated, conntrack only handles 1:1 NAT mappings.\n\nUsers should set create a setup that explicitly marks such traffic\nNOTRACK (conntrack bypass) to avoid this, but we cannot auto-bypass\nthem, ruleset might have accept rules for untracked traffic already,\nso user-visible behaviour would change.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":6.5, "vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-27415" }, { "cve":"CVE-2024-35789", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes\n\nWhen moving a station out of a VLAN and deleting the VLAN afterwards, the\nfast_rx entry still holds a pointer to the VLAN's netdev, which can cause\nuse-after-free bugs. Fix this by immediately calling ieee80211_check_fast_rx\nafter the VLAN change.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-35789" }, { "cve":"CVE-2024-35808", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmd/dm-raid: don't call md_reap_sync_thread() directly\n\nCurrently md_reap_sync_thread() is called from raid_message() directly\nwithout holding 'reconfig_mutex', this is definitely unsafe because\nmd_reap_sync_thread() can change many fields that is protected by\n'reconfig_mutex'.\n\nHowever, hold 'reconfig_mutex' here is still problematic because this\nwill cause deadlock, for example, commit 130443d60b1b (\"md: refactor\nidle/frozen_sync_thread() to fix deadlock\").\n\nFix this problem by using stop_sync_thread() to unregister sync_thread,\nlike md/raid did.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-35808" }, { "cve":"CVE-2024-35822", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nusb: udc: remove warning when queue disabled ep\n\nIt is possible trigger below warning message from mass storage function,\n\nWARNING: CPU: 6 PID: 3839 at drivers/usb/gadget/udc/core.c:294 usb_ep_queue+0x7c/0x104\npc : usb_ep_queue+0x7c/0x104\nlr : fsg_main_thread+0x494/0x1b3c\n\nRoot cause is mass storage function try to queue request from main thread,\nbut other thread may already disable ep when function disable.\n\nAs there is no function failure in the driver, in order to avoid effort\nto fix warning, change WARN_ON_ONCE() in usb_ep_queue() to pr_debug().", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.3, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2024-35822" }, { "cve":"CVE-2024-35823", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nvt: fix unicode buffer corruption when deleting characters\n\nThis is the same issue that was fixed for the VGA text buffer in commit\n39cdb68c64d8 (\"vt: fix memory overlapping when deleting chars in the\nbuffer\"). The cure is also the same i.e. replace memcpy() with memmove()\ndue to the overlaping buffers.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-35823" }, { "cve":"CVE-2024-35840", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect()\n\nsubflow_finish_connect() uses four fields (backup, join_id, thmac, none)\nthat may contain garbage unless OPTION_MPTCP_MPJ_SYNACK has been set\nin mptcp_parse_option()", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-35840" }, { "cve":"CVE-2024-35855", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmlxsw: spectrum_acl_tcam: Fix possible use-after-free during activity update\n\nThe rule activity update delayed work periodically traverses the list of\nconfigured rules and queries their activity from the device.\n\nAs part of this task it accesses the entry pointed by 'ventry->entry',\nbut this entry can be changed concurrently by the rehash delayed work,\nleading to a use-after-free [1].\n\nFix by closing the race and perform the activity query under the\n'vregion->lock' mutex.\n\n[1]\nBUG: KASAN: slab-use-after-free in mlxsw_sp_acl_tcam_flower_rule_activity_get+0x121/0x140\nRead of size 8 at addr ffff8881054ed808 by task kworker/0:18/181\n\nCPU: 0 PID: 181 Comm: kworker/0:18 Not tainted 6.9.0-rc2-custom-00781-gd5ab772d32f7 #2\nHardware name: Mellanox Technologies Ltd. MSN3700/VMOD0005, BIOS 5.11 01/06/2019\nWorkqueue: mlxsw_core mlxsw_sp_acl_rule_activity_update_work\nCall Trace:\n \n dump_stack_lvl+0xc6/0x120\n print_report+0xce/0x670\n kasan_report+0xd7/0x110\n mlxsw_sp_acl_tcam_flower_rule_activity_get+0x121/0x140\n mlxsw_sp_acl_rule_activity_update_work+0x219/0x400\n process_one_work+0x8eb/0x19b0\n worker_thread+0x6c9/0xf70\n kthread+0x2c9/0x3b0\n ret_from_fork+0x4d/0x80\n ret_from_fork_asm+0x1a/0x30\n \n\nAllocated by task 1039:\n kasan_save_stack+0x33/0x60\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0x8f/0xa0\n __kmalloc+0x19c/0x360\n mlxsw_sp_acl_tcam_entry_create+0x7b/0x1f0\n mlxsw_sp_acl_tcam_vchunk_migrate_all+0x30d/0xb50\n mlxsw_sp_acl_tcam_vregion_rehash_work+0x157/0x1300\n process_one_work+0x8eb/0x19b0\n worker_thread+0x6c9/0xf70\n kthread+0x2c9/0x3b0\n ret_from_fork+0x4d/0x80\n ret_from_fork_asm+0x1a/0x30\n\nFreed by task 1039:\n kasan_save_stack+0x33/0x60\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x60\n poison_slab_object+0x102/0x170\n __kasan_slab_free+0x14/0x30\n kfree+0xc1/0x290\n mlxsw_sp_acl_tcam_vchunk_migrate_all+0x3d7/0xb50\n mlxsw_sp_acl_tcam_vregion_rehash_work+0x157/0x1300\n process_one_work+0x8eb/0x19b0\n worker_thread+0x6c9/0xf70\n kthread+0x2c9/0x3b0\n ret_from_fork+0x4d/0x80\n ret_from_fork_asm+0x1a/0x30", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-35855" }, { "cve":"CVE-2024-35877", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nx86/mm/pat: fix VM_PAT handling in COW mappings\n\nPAT handling won't do the right thing in COW mappings: the first PTE (or,\nin fact, all PTEs) can be replaced during write faults to point at anon\nfolios. Reliably recovering the correct PFN and cachemode using\nfollow_phys() from PTEs will not work in COW mappings.\n\nUsing follow_phys(), we might just get the address+protection of the anon\nfolio (which is very wrong), or fail on swap/nonswap entries, failing\nfollow_phys() and triggering a WARN_ON_ONCE() in untrack_pfn() and\ntrack_pfn_copy(), not properly calling free_pfn_range().\n\nIn free_pfn_range(), we either wouldn't call memtype_free() or would call\nit with the wrong range, possibly leaking memory.\n\nTo fix that, let's update follow_phys() to refuse returning anon folios,\nand fallback to using the stored PFN inside vma->vm_pgoff for COW mappings\nif we run into that.\n\nWe will now properly handle untrack_pfn() with COW mappings, where we\ndon't need the cachemode. We'll have to fail fork()->track_pfn_copy() if\nthe first page was replaced by an anon folio, though: we'd have to store\nthe cachemode in the VMA to make this work, likely growing the VMA size.\n\nFor now, lets keep it simple and let track_pfn_copy() just fail in that\ncase: it would have failed in the past with swap/nonswap entries already,\nand it would have done the wrong thing with anon folios.\n\nSimple reproducer to trigger the WARN_ON_ONCE() in untrack_pfn():\n\n<--- C reproducer --->\n #include \n #include \n #include \n #include \n\n int main(void)\n {\n struct io_uring_params p = {};\n int ring_fd;\n size_t size;\n char *map;\n\n ring_fd = io_uring_setup(1, &p);\n if (ring_fd < 0) {\n perror(\"io_uring_setup\");\n return 1;\n }\n size = p.sq_off.array + p.sq_entries * sizeof(unsigned);\n\n /* Map the submission queue ring MAP_PRIVATE */\n map = mmap(0, size, PROT_READ | PROT_WRITE, MAP_PRIVATE,\n ring_fd, IORING_OFF_SQ_RING);\n if (map == MAP_FAILED) {\n perror(\"mmap\");\n return 1;\n }\n\n /* We have at least one page. Let's COW it. */\n *map = 0;\n pause();\n return 0;\n }\n<--- C reproducer --->\n\nOn a system with 16 GiB RAM and swap configured:\n # ./iouring &\n # memhog 16G\n # killall iouring\n[ 301.552930] ------------[ cut here ]------------\n[ 301.553285] WARNING: CPU: 7 PID: 1402 at arch/x86/mm/pat/memtype.c:1060 untrack_pfn+0xf4/0x100\n[ 301.553989] Modules linked in: binfmt_misc nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_g\n[ 301.558232] CPU: 7 PID: 1402 Comm: iouring Not tainted 6.7.5-100.fc38.x86_64 #1\n[ 301.558772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebu4\n[ 301.559569] RIP: 0010:untrack_pfn+0xf4/0x100\n[ 301.559893] Code: 75 c4 eb cf 48 8b 43 10 8b a8 e8 00 00 00 3b 6b 28 74 b8 48 8b 7b 30 e8 ea 1a f7 000\n[ 301.561189] RSP: 0018:ffffba2c0377fab8 EFLAGS: 00010282\n[ 301.561590] RAX: 00000000ffffffea RBX: ffff9208c8ce9cc0 RCX: 000000010455e047\n[ 301.562105] RDX: 07fffffff0eb1e0a RSI: 0000000000000000 RDI: ffff9208c391d200\n[ 301.562628] RBP: 0000000000000000 R08: ffffba2c0377fab8 R09: 0000000000000000\n[ 301.563145] R10: ffff9208d2292d50 R11: 0000000000000002 R12: 00007fea890e0000\n[ 301.563669] R13: 0000000000000000 R14: ffffba2c0377fc08 R15: 0000000000000000\n[ 301.564186] FS: 0000000000000000(0000) GS:ffff920c2fbc0000(0000) knlGS:0000000000000000\n[ 301.564773] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 301.565197] CR2: 00007fea88ee8a20 CR3: 00000001033a8000 CR4: 0000000000750ef0\n[ 301.565725] PKRU: 55555554\n[ 301.565944] Call Trace:\n[ 301.566148] \n[ 301.566325] ? untrack_pfn+0xf4/0x100\n[ 301.566618] ? __warn+0x81/0x130\n[ 301.566876] ? untrack_pfn+0xf4/0x100\n[ 3\n---truncated---", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-35877" }, { "cve":"CVE-2024-35900", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: reject new basechain after table flag update\n\nWhen dormant flag is toggled, hooks are disabled in the commit phase by\niterating over current chains in table (existing and new).\n\nThe following configuration allows for an inconsistent state:\n\n add table x\n add chain x y { type filter hook input priority 0; }\n add table x { flags dormant; }\n add chain x w { type filter hook input priority 1; }\n\nwhich triggers the following warning when trying to unregister chain w\nwhich is already unregistered.\n\n[ 127.322252] WARNING: CPU: 7 PID: 1211 at net/netfilter/core.c:50 1 __nf_unregister_net_hook+0x21a/0x260\n[...]\n[ 127.322519] Call Trace:\n[ 127.322521] \n[ 127.322524] ? __warn+0x9f/0x1a0\n[ 127.322531] ? __nf_unregister_net_hook+0x21a/0x260\n[ 127.322537] ? report_bug+0x1b1/0x1e0\n[ 127.322545] ? handle_bug+0x3c/0x70\n[ 127.322552] ? exc_invalid_op+0x17/0x40\n[ 127.322556] ? asm_exc_invalid_op+0x1a/0x20\n[ 127.322563] ? kasan_save_free_info+0x3b/0x60\n[ 127.322570] ? __nf_unregister_net_hook+0x6a/0x260\n[ 127.322577] ? __nf_unregister_net_hook+0x21a/0x260\n[ 127.322583] ? __nf_unregister_net_hook+0x6a/0x260\n[ 127.322590] ? __nf_tables_unregister_hook+0x8a/0xe0 [nf_tables]\n[ 127.322655] nft_table_disable+0x75/0xf0 [nf_tables]\n[ 127.322717] nf_tables_commit+0x2571/0x2620 [nf_tables]", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-35900" }, { "cve":"CVE-2024-35904", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nselinux: avoid dereference of garbage after mount failure\n\nIn case kern_mount() fails and returns an error pointer return in the\nerror branch instead of continuing and dereferencing the error pointer.\n\nWhile on it drop the never read static variable selinuxfs_mount.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-35904" }, { "cve":"CVE-2024-35925", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nblock: prevent division by zero in blk_rq_stat_sum()\n\nThe expression dst->nr_samples + src->nr_samples may\nhave zero value on overflow. It is necessary to add\na check to avoid division by zero.\n\nFound by Linux Verification Center (linuxtesting.org) with Svace.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-35925" }, { "cve":"CVE-2024-35939", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndma-direct: Leak pages on dma_set_decrypted() failure\n\nOn TDX it is possible for the untrusted host to cause\nset_memory_encrypted() or set_memory_decrypted() to fail such that an\nerror is returned and the resulting memory is shared. Callers need to\ntake care to handle these errors to avoid returning decrypted (shared)\nmemory to the page allocator, which could lead to functional or security\nissues.\n\nDMA could free decrypted/shared pages if dma_set_decrypted() fails. This\nshould be a rare case. Just leak the pages in this case instead of\nfreeing them.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-35939" }, { "cve":"CVE-2024-35950", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/client: Fully protect modes[] with dev->mode_config.mutex\n\nThe modes[] array contains pointers to modes on the connectors'\nmode lists, which are protected by dev->mode_config.mutex.\nThus we need to extend modes[] the same protection or by the\ntime we use it the elements may already be pointing to\nfreed/reused memory.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.0, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-35950" }, { "cve":"CVE-2024-35956", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: qgroup: fix qgroup prealloc rsv leak in subvolume operations\n\nCreate subvolume, create snapshot and delete subvolume all use\nbtrfs_subvolume_reserve_metadata() to reserve metadata for the changes\ndone to the parent subvolume's fs tree, which cannot be mediated in the\nnormal way via start_transaction. When quota groups (squota or qgroups)\nare enabled, this reserves qgroup metadata of type PREALLOC. Once the\noperation is associated to a transaction, we convert PREALLOC to\nPERTRANS, which gets cleared in bulk at the end of the transaction.\n\nHowever, the error paths of these three operations were not implementing\nthis lifecycle correctly. They unconditionally converted the PREALLOC to\nPERTRANS in a generic cleanup step regardless of errors or whether the\noperation was fully associated to a transaction or not. This resulted in\nerror paths occasionally converting this rsv to PERTRANS without calling\nrecord_root_in_trans successfully, which meant that unless that root got\nrecorded in the transaction by some other thread, the end of the\ntransaction would not free that root's PERTRANS, leaking it. Ultimately,\nthis resulted in hitting a WARN in CONFIG_BTRFS_DEBUG builds at unmount\nfor the leaked reservation.\n\nThe fix is to ensure that every qgroup PREALLOC reservation observes the\nfollowing properties:\n\n1. any failure before record_root_in_trans is called successfully\n results in freeing the PREALLOC reservation.\n2. after record_root_in_trans, we convert to PERTRANS, and now the\n transaction owns freeing the reservation.\n\nThis patch enforces those properties on the three operations. Without\nit, generic/269 with squotas enabled at mkfs time would fail in ~5-10\nruns on my system. With this patch, it ran successfully 1000 times in a\nrow.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-35956" }, { "cve":"CVE-2024-35958", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ena: Fix incorrect descriptor free behavior\n\nENA has two types of TX queues:\n- queues which only process TX packets arriving from the network stack\n- queues which only process TX packets forwarded to it by XDP_REDIRECT\n or XDP_TX instructions\n\nThe ena_free_tx_bufs() cycles through all descriptors in a TX queue\nand unmaps + frees every descriptor that hasn't been acknowledged yet\nby the device (uncompleted TX transactions).\nThe function assumes that the processed TX queue is necessarily from\nthe first category listed above and ends up using napi_consume_skb()\nfor descriptors belonging to an XDP specific queue.\n\nThis patch solves a bug in which, in case of a VF reset, the\ndescriptors aren't freed correctly, leading to crashes.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-35958" }, { "cve":"CVE-2024-35960", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Properly link new fs rules into the tree\n\nPreviously, add_rule_fg would only add newly created rules from the\nhandle into the tree when they had a refcount of 1. On the other hand,\ncreate_flow_handle tries hard to find and reference already existing\nidentical rules instead of creating new ones.\n\nThese two behaviors can result in a situation where create_flow_handle\n1) creates a new rule and references it, then\n2) in a subsequent step during the same handle creation references it\n again,\nresulting in a rule with a refcount of 2 that is not linked into the\ntree, will have a NULL parent and root and will result in a crash when\nthe flow group is deleted because del_sw_hw_rule, invoked on rule\ndeletion, assumes node->parent is != NULL.\n\nThis happened in the wild, due to another bug related to incorrect\nhandling of duplicate pkt_reformat ids, which lead to the code in\ncreate_flow_handle incorrectly referencing a just-added rule in the same\nflow handle, resulting in the problem described above. Full details are\nat [1].\n\nThis patch changes add_rule_fg to add new rules without parents into\nthe tree, properly initializing them and avoiding the crash. This makes\nit more consistent with how rules are added to an FTE in\ncreate_flow_handle.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"CRITICAL", "baseScore":9.1, "vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Critical", "category":"impact" } ], "title":"CVE-2024-35960" }, { "cve":"CVE-2024-35978", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:Bluetooth: Fix memory leak in hci_req_sync_complete()In hci_req_sync_complete() , always free the previous syncrequest state before assigning reference to a new one.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-35978" }, { "cve":"CVE-2024-35989", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: Fix oops during rmmod on single-CPU platforms\n\nDuring the removal of the idxd driver, registered offline callback is\ninvoked as part of the clean up process. However, on systems with only\none CPU online, no valid target is available to migrate the\nperf context, resulting in a kernel oops:\n\n BUG: unable to handle page fault for address: 000000000002a2b8\n #PF: supervisor write access in kernel mode\n #PF: error_code(0x0002) - not-present page\n PGD 1470e1067 P4D 0\n Oops: 0002 [#1] PREEMPT SMP NOPTI\n CPU: 0 PID: 20 Comm: cpuhp/0 Not tainted 6.8.0-rc6-dsa+ #57\n Hardware name: Intel Corporation AvenueCity/AvenueCity, BIOS BHSDCRB1.86B.2492.D03.2307181620 07/18/2023\n RIP: 0010:mutex_lock+0x2e/0x50\n ...\n Call Trace:\n \n __die+0x24/0x70\n page_fault_oops+0x82/0x160\n do_user_addr_fault+0x65/0x6b0\n __pfx___rdmsr_safe_on_cpu+0x10/0x10\n exc_page_fault+0x7d/0x170\n asm_exc_page_fault+0x26/0x30\n mutex_lock+0x2e/0x50\n mutex_lock+0x1e/0x50\n perf_pmu_migrate_context+0x87/0x1f0\n perf_event_cpu_offline+0x76/0x90 [idxd]\n cpuhp_invoke_callback+0xa2/0x4f0\n __pfx_perf_event_cpu_offline+0x10/0x10 [idxd]\n cpuhp_thread_fun+0x98/0x150\n smpboot_thread_fn+0x27/0x260\n smpboot_thread_fn+0x1af/0x260\n __pfx_smpboot_thread_fn+0x10/0x10\n kthread+0x103/0x140\n __pfx_kthread+0x10/0x10\n ret_from_fork+0x31/0x50\n __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1b/0x30\n \n\nFix the issue by preventing the migration of the perf context to an\ninvalid target.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-35989" }, { "cve":"CVE-2024-36000", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmm/hugetlb: fix missing hugetlb_lock for resv uncharge\n\nThere is a recent report on UFFDIO_COPY over hugetlb:\n\nhttps://lore.kernel.org/all/000000000000ee06de0616177560@google.com/\n\n350:\tlockdep_assert_held(&hugetlb_lock);\n\nShould be an issue in hugetlb but triggered in an userfault context, where\nit goes into the unlikely path where two threads modifying the resv map\ntogether. Mike has a fix in that path for resv uncharge but it looks like\nthe locking criteria was overlooked: hugetlb_cgroup_uncharge_folio_rsvd()\nwill update the cgroup pointer, so it requires to be called with the lock\nheld.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-36000" }, { "cve":"CVE-2024-36004", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Do not use WQ_MEM_RECLAIM flag for workqueue\n\nIssue reported by customer during SRIOV testing, call trace:\nWhen both i40e and the i40iw driver are loaded, a warning\nin check_flush_dependency is being triggered. This seems\nto be because of the i40e driver workqueue is allocated with\nthe WQ_MEM_RECLAIM flag, and the i40iw one is not.\n\nSimilar error was encountered on ice too and it was fixed by\nremoving the flag. Do the same for i40e too.\n\n[Feb 9 09:08] ------------[ cut here ]------------\n[ +0.000004] workqueue: WQ_MEM_RECLAIM i40e:i40e_service_task [i40e] is\nflushing !WQ_MEM_RECLAIM infiniband:0x0\n[ +0.000060] WARNING: CPU: 0 PID: 937 at kernel/workqueue.c:2966\ncheck_flush_dependency+0x10b/0x120\n[ +0.000007] Modules linked in: snd_seq_dummy snd_hrtimer snd_seq\nsnd_timer snd_seq_device snd soundcore nls_utf8 cifs cifs_arc4\nnls_ucs2_utils rdma_cm iw_cm ib_cm cifs_md4 dns_resolver netfs qrtr\nrfkill sunrpc vfat fat intel_rapl_msr intel_rapl_common irdma\nintel_uncore_frequency intel_uncore_frequency_common ice ipmi_ssif\nisst_if_common skx_edac nfit libnvdimm x86_pkg_temp_thermal\nintel_powerclamp gnss coretemp ib_uverbs rapl intel_cstate ib_core\niTCO_wdt iTCO_vendor_support acpi_ipmi mei_me ipmi_si intel_uncore\nioatdma i2c_i801 joydev pcspkr mei ipmi_devintf lpc_ich\nintel_pch_thermal i2c_smbus ipmi_msghandler acpi_power_meter acpi_pad\nxfs libcrc32c ast sd_mod drm_shmem_helper t10_pi drm_kms_helper sg ixgbe\ndrm i40e ahci crct10dif_pclmul libahci crc32_pclmul igb crc32c_intel\nlibata ghash_clmulni_intel i2c_algo_bit mdio dca wmi dm_mirror\ndm_region_hash dm_log dm_mod fuse\n[ +0.000050] CPU: 0 PID: 937 Comm: kworker/0:3 Kdump: loaded Not\ntainted 6.8.0-rc2-Feb-net_dev-Qiueue-00279-gbd43c5687e05 #1\n[ +0.000003] Hardware name: Intel Corporation S2600BPB/S2600BPB, BIOS\nSE5C620.86B.02.01.0013.121520200651 12/15/2020\n[ +0.000001] Workqueue: i40e i40e_service_task [i40e]\n[ +0.000024] RIP: 0010:check_flush_dependency+0x10b/0x120\n[ +0.000003] Code: ff 49 8b 54 24 18 48 8d 8b b0 00 00 00 49 89 e8 48\n81 c6 b0 00 00 00 48 c7 c7 b0 97 fa 9f c6 05 8a cc 1f 02 01 e8 35 b3 fd\nff <0f> 0b e9 10 ff ff ff 80 3d 78 cc 1f 02 00 75 94 e9 46 ff ff ff 90\n[ +0.000002] RSP: 0018:ffffbd294976bcf8 EFLAGS: 00010282\n[ +0.000002] RAX: 0000000000000000 RBX: ffff94d4c483c000 RCX:\n0000000000000027\n[ +0.000001] RDX: ffff94d47f620bc8 RSI: 0000000000000001 RDI:\nffff94d47f620bc0\n[ +0.000001] RBP: 0000000000000000 R08: 0000000000000000 R09:\n00000000ffff7fff\n[ +0.000001] R10: ffffbd294976bb98 R11: ffffffffa0be65e8 R12:\nffff94c5451ea180\n[ +0.000001] R13: ffff94c5ab5e8000 R14: ffff94c5c20b6e05 R15:\nffff94c5f1330ab0\n[ +0.000001] FS: 0000000000000000(0000) GS:ffff94d47f600000(0000)\nknlGS:0000000000000000\n[ +0.000002] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ +0.000001] CR2: 00007f9e6f1fca70 CR3: 0000000038e20004 CR4:\n00000000007706f0\n[ +0.000000] DR0: 0000000000000000 DR1: 0000000000000000 DR2:\n0000000000000000\n[ +0.000001] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:\n0000000000000400\n[ +0.000001] PKRU: 55555554\n[ +0.000001] Call Trace:\n[ +0.000001] \n[ +0.000002] ? __warn+0x80/0x130\n[ +0.000003] ? check_flush_dependency+0x10b/0x120\n[ +0.000002] ? report_bug+0x195/0x1a0\n[ +0.000005] ? handle_bug+0x3c/0x70\n[ +0.000003] ? exc_invalid_op+0x14/0x70\n[ +0.000002] ? asm_exc_invalid_op+0x16/0x20\n[ +0.000006] ? check_flush_dependency+0x10b/0x120\n[ +0.000002] ? check_flush_dependency+0x10b/0x120\n[ +0.000002] __flush_workqueue+0x126/0x3f0\n[ +0.000015] ib_cache_cleanup_one+0x1c/0xe0 [ib_core]\n[ +0.000056] __ib_unregister_device+0x6a/0xb0 [ib_core]\n[ +0.000023] ib_unregister_device_and_put+0x34/0x50 [ib_core]\n[ +0.000020] i40iw_close+0x4b/0x90 [irdma]\n[ +0.000022] i40e_notify_client_of_netdev_close+0x54/0xc0 [i40e]\n[ +0.000035] i40e_service_task+0x126/0x190 [i40e]\n[ +0.000024] process_one_work+0x174/0x340\n[ +0.000003] worker_th\n---truncated---", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-36004" }, { "cve":"CVE-2024-36007", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmlxsw: spectrum_acl_tcam: Fix warning during rehash\n\nAs previously explained, the rehash delayed work migrates filters from\none region to another. This is done by iterating over all chunks (all\nthe filters with the same priority) in the region and in each chunk\niterating over all the filters.\n\nWhen the work runs out of credits it stores the current chunk and entry\nas markers in the per-work context so that it would know where to resume\nthe migration from the next time the work is scheduled.\n\nUpon error, the chunk marker is reset to NULL, but without resetting the\nentry markers despite being relative to it. This can result in migration\nbeing resumed from an entry that does not belong to the chunk being\nmigrated. In turn, this will eventually lead to a chunk being iterated\nover as if it is an entry. Because of how the two structures happen to\nbe defined, this does not lead to KASAN splats, but to warnings such as\n[1].\n\nFix by creating a helper that resets all the markers and call it from\nall the places the currently only reset the chunk marker. For good\nmeasures also call it when starting a completely new rehash. Add a\nwarning to avoid future cases.\n\n[1]\nWARNING: CPU: 7 PID: 1076 at drivers/net/ethernet/mellanox/mlxsw/core_acl_flex_keys.c:407 mlxsw_afk_encode+0x242/0x2f0\nModules linked in:\nCPU: 7 PID: 1076 Comm: kworker/7:24 Tainted: G W 6.9.0-rc3-custom-00880-g29e61d91b77b #29\nHardware name: Mellanox Technologies Ltd. MSN3700/VMOD0005, BIOS 5.11 01/06/2019\nWorkqueue: mlxsw_core mlxsw_sp_acl_tcam_vregion_rehash_work\nRIP: 0010:mlxsw_afk_encode+0x242/0x2f0\n[...]\nCall Trace:\n \n mlxsw_sp_acl_atcam_entry_add+0xd9/0x3c0\n mlxsw_sp_acl_tcam_entry_create+0x5e/0xa0\n mlxsw_sp_acl_tcam_vchunk_migrate_all+0x109/0x290\n mlxsw_sp_acl_tcam_vregion_rehash_work+0x6c/0x470\n process_one_work+0x151/0x370\n worker_thread+0x2cb/0x3e0\n kthread+0xd0/0x100\n ret_from_fork+0x34/0x50\n ", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-36007" }, { "cve":"CVE-2024-36015", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nppdev: Add an error check in register_device\n\nIn register_device, the return value of ida_simple_get is unchecked,\nin witch ida_simple_get will use an invalid index value.\n\nTo address this issue, index should be checked after ida_simple_get. When\nthe index value is abnormal, a warning message should be printed, the port\nshould be dropped, and the value should be recorded.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-36015" }, { "cve":"CVE-2024-36940", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: core: delete incorrect free in pinctrl_enable()\n\nThe \"pctldev\" struct is allocated in devm_pinctrl_register_and_init().\nIt's a devm_ managed pointer that is freed by devm_pinctrl_dev_release(),\nso freeing it in pinctrl_enable() will lead to a double free.\n\nThe devm_pinctrl_dev_release() function frees the pindescs and destroys\nthe mutex as well.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1694" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.1, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-202.0.0.115.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-202.0.0.115.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-36940" } ] }