{ "document":{ "aggregate_severity":{ "namespace":"https://nvd.nist.gov/vuln-metrics/cvss", "text":"High" }, "category":"csaf_vex", "csaf_version":"2.0", "distribution":{ "tlp":{ "label":"WHITE", "url":"https:/www.first.org/tlp/" } }, "lang":"en", "notes":[ { "text":"kernel security update", "category":"general", "title":"Synopsis" }, { "text":"An update for kernel is now available for openEuler-22.03-LTS-SP4", "category":"general", "title":"Summary" }, { "text":"The Linux Kernel, the operating system core itself.\n\nSecurity Fix(es):\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: single: fix potential NULL dereference in pcs_get_function()\n\npinmux_generic_get_function() can return NULL and the pointer 'function'\nwas dereferenced without checking against NULL. Add checking of pointer\n'function' in pcs_get_function().\n\nFound by code review.(CVE-2024-46685)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nthunderbolt: Mark XDomain as unplugged when router is removed\n\nI noticed that when we do discrete host router NVM upgrade and it gets\nhot-removed from the PCIe side as a result of NVM firmware authentication,\nif there is another host connected with enabled paths we hang in tearing\nthem down. This is due to fact that the Thunderbolt networking driver\nalso tries to cleanup the paths and ends up blocking in\ntb_disconnect_xdomain_paths() waiting for the domain lock.\n\nHowever, at this point we already cleaned the paths in tb_stop() so\nthere is really no need for tb_disconnect_xdomain_paths() to do that\nanymore. Furthermore it already checks if the XDomain is unplugged and\nbails out early so take advantage of that and mark the XDomain as\nunplugged when we remove the parent router.(CVE-2024-46702)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check num_valid_sets before accessing reader_wm_sets[]\n\n[WHY & HOW]\nnum_valid_sets needs to be checked to avoid a negative index when\naccessing reader_wm_sets[num_valid_sets - 1].\n\nThis fixes an OVERRUN issue reported by Coverity.(CVE-2024-46815)\n\nIn the Linux kernel, the following vulnerability has been resolved: vfs: fix race between evice_inodes() and find_inode()&iput() Hi, all Recently I noticed a bug[1] in btrfs, after digged it into and I believe it'a race in vfs. Let's assume there's a inode (ie ino 261) with i_count 1 is called by iput(), and there's a concurrent thread calling generic_shutdown_super(). cpu0: cpu1: iput() // i_count is 1 ->spin_lock(inode) ->dec i_count to 0 ->iput_final() generic_shutdown_super() ->__inode_add_lru() ->evict_inodes() // cause some reason[2] ->if (atomic_read(inode->i_count)) continue; // return before // inode 261 passed the above check // list_lru_add_obj() // and then schedule out ->spin_unlock() // note here: the inode 261 // was still at sb list and hash list, // and I_FREEING|I_WILL_FREE was not been set btrfs_iget() // after some function calls ->find_inode() // found the above inode 261 ->spin_lock(inode) // check I_FREEING|I_WILL_FREE // and passed ->__iget() ->spin_unlock(inode) // schedule back ->spin_lock(inode) // check (I_NEW|I_FREEING|I_WILL_FREE) flags, // passed and set I_FREEING iput() ->spin_unlock(inode) ->spin_lock(inode) ->evict() // dec i_count to 0 ->iput_final() ->spin_unlock() ->evict() Now, we have two threads simultaneously evicting the same inode, which may trigger the BUG(inode->i_state & I_CLEAR) statement both within clear_inode() and iput(). To fix the bug, recheck the inode->i_count after holding i_lock. Because in the most scenarios, the first check is valid, and the overhead of spin_lock() can be reduced. If there is any misunderstanding, please let me know, thanks. [1]: https://lore.kernel.org/linux-btrfs/000000000000eabe1d0619c48986@google.com/ [2]: The reason might be 1. SB_ACTIVE was removed or 2. mapping_shrinkable() return false when I reproduced the bug.(CVE-2024-47679)\n\nIn the Linux kernel, the following vulnerability has been resolved: resource: fix region_intersects() vs add_memory_driver_managed() On a system with CXL memory, the resource tree (/proc/iomem) related to CXL memory may look like something as follows. 490000000-50fffffff : CXL Window 0 490000000-50fffffff : region0 490000000-50fffffff : dax0.0 490000000-50fffffff : System RAM (kmem) Because drivers/dax/kmem.c calls add_memory_driver_managed() during onlining CXL memory, which makes \"System RAM (kmem)\" a descendant of \"CXL Window X\". This confuses region_intersects(), which expects all \"System RAM\" resources to be at the top level of iomem_resource. This can lead to bugs. For example, when the following command line is executed to write some memory in CXL memory range via /dev/mem, $ dd if=data of=/dev/mem bs=$((1 << 10)) seek=$((0x490000000 >> 10)) count=1 dd: error writing '/dev/mem': Bad address 1+0 records in 0+0 records out 0 bytes copied, 0.0283507 s, 0.0 kB/s the command fails as expected. However, the error code is wrong. It should be \"Operation not permitted\" instead of \"Bad address\". More seriously, the /dev/mem permission checking in devmem_is_allowed() passes incorrectly. Although the accessing is prevented later because ioremap() isn't allowed to map system RAM, it is a potential security issue. During command executing, the following warning is reported in the kernel log for calling ioremap() on system RAM. ioremap on RAM at 0x0000000490000000 - 0x0000000490000fff WARNING: CPU: 2 PID: 416 at arch/x86/mm/ioremap.c:216 __ioremap_caller.constprop.0+0x131/0x35d Call Trace: memremap+0xcb/0x184 xlate_dev_mem_ptr+0x25/0x2f write_mem+0x94/0xfb vfs_write+0x128/0x26d ksys_write+0xac/0xfe do_syscall_64+0x9a/0xfd entry_SYSCALL_64_after_hwframe+0x4b/0x53 The details of command execution process are as follows. In the above resource tree, \"System RAM\" is a descendant of \"CXL Window 0\" instead of a top level resource. So, region_intersects() will report no System RAM resources in the CXL memory region incorrectly, because it only checks the top level resources. Consequently, devmem_is_allowed() will return 1 (allow access via /dev/mem) for CXL memory region incorrectly. Fortunately, ioremap() doesn't allow to map System RAM and reject the access. So, region_intersects() needs to be fixed to work correctly with the resource tree with \"System RAM\" not at top level as above. To fix it, if we found a unmatched resource in the top level, we will continue to search matched resources in its descendant resources. So, we will not miss any matched resources in resource tree anymore. In the new implementation, an example resource tree |------------- \"CXL Window 0\" ------------| |-- \"System RAM\" --| will behave similar as the following fake resource tree for region_intersects(, IORESOURCE_SYSTEM_RAM, ), |-- \"System RAM\" --||-- \"CXL Window 0a\" --| Where \"CXL Window 0a\" is part of the original \"CXL Window 0\" that isn't covered by \"System RAM\".(CVE-2024-49878)\n\nIn the Linux kernel, the following vulnerability has been resolved: net: add more sanity checks to qdisc_pkt_len_init() One path takes care of SKB_GSO_DODGY, assuming skb->len is bigger than hdr_len. virtio_net_hdr_to_skb() does not fully dissect TCP headers, it only make sure it is at least 20 bytes. It is possible for an user to provide a malicious 'GSO' packet, total length of 80 bytes. - 20 bytes of IPv4 header - 60 bytes TCP header - a small gso_size like 8 virtio_net_hdr_to_skb() would declare this packet as a normal GSO packet, because it would see 40 bytes of payload, bigger than gso_size. We need to make detect this case to not underflow qdisc_skb_cb(skb)->pkt_len.(CVE-2024-49948)\n\nIn the Linux kernel, the following vulnerability has been resolved: net: avoid potential underflow in qdisc_pkt_len_init() with UFO After commit 7c6d2ecbda83 (\"net: be more gentle about silly gso requests coming from user\") virtio_net_hdr_to_skb() had sanity check to detect malicious attempts from user space to cook a bad GSO packet. Then commit cf9acc90c80ec (\"net: virtio_net_hdr_to_skb: count transport header in UFO\") while fixing one issue, allowed user space to cook a GSO packet with the following characteristic : IPv4 SKB_GSO_UDP, gso_size=3, skb->len = 28. When this packet arrives in qdisc_pkt_len_init(), we end up with hdr_len = 28 (IPv4 header + UDP header), matching skb->len Then the following sets gso_segs to 0 : gso_segs = DIV_ROUND_UP(skb->len - hdr_len, shinfo->gso_size); Then later we set qdisc_skb_cb(skb)->pkt_len to back to zero :/ qdisc_skb_cb(skb)->pkt_len += (gso_segs - 1) * hdr_len; This leads to the following crash in fq_codel [1] qdisc_pkt_len_init() is best effort, we only want an estimation of the bytes sent on the wire, not crashing the kernel. This patch is fixing this particular issue, a following one adds more sanity checks for another potential bug. [1] [ 70.724101] BUG: kernel NULL pointer dereference, address: 0000000000000000 [ 70.724561] #PF: supervisor read access in kernel mode [ 70.724561] #PF: error_code(0x0000) - not-present page [ 70.724561] PGD 10ac61067 P4D 10ac61067 PUD 107ee2067 PMD 0 [ 70.724561] Oops: Oops: 0000 [#1] SMP NOPTI [ 70.724561] CPU: 11 UID: 0 PID: 2163 Comm: b358537762 Not tainted 6.11.0-virtme #991 [ 70.724561] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 70.724561] RIP: 0010:fq_codel_enqueue (net/sched/sch_fq_codel.c:120 net/sched/sch_fq_codel.c:168 net/sched/sch_fq_codel.c:230) sch_fq_codel [ 70.724561] Code: 24 08 49 c1 e1 06 44 89 7c 24 18 45 31 ed 45 31 c0 31 ff 89 44 24 14 4c 03 8b 90 01 00 00 eb 04 39 ca 73 37 4d 8b 39 83 c7 01 <49> 8b 17 49 89 11 41 8b 57 28 45 8b 5f 34 49 c7 07 00 00 00 00 49 All code ======== 0: 24 08 and $0x8,%al 2: 49 c1 e1 06 shl $0x6,%r9 6: 44 89 7c 24 18 mov %r15d,0x18(%rsp) b: 45 31 ed xor %r13d,%r13d e: 45 31 c0 xor %r8d,%r8d 11: 31 ff xor %edi,%edi 13: 89 44 24 14 mov %eax,0x14(%rsp) 17: 4c 03 8b 90 01 00 00 add 0x190(%rbx),%r9 1e: eb 04 jmp 0x24 20: 39 ca cmp %ecx,%edx 22: 73 37 jae 0x5b 24: 4d 8b 39 mov (%r9),%r15 27: 83 c7 01 add $0x1,%edi 2a:* 49 8b 17 mov (%r15),%rdx <-- trapping instruction 2d: 49 89 11 mov %rdx,(%r9) 30: 41 8b 57 28 mov 0x28(%r15),%edx 34: 45 8b 5f 34 mov 0x34(%r15),%r11d 38: 49 c7 07 00 00 00 00 movq $0x0,(%r15) 3f: 49 rex.WB Code starting with the faulting instruction =========================================== 0: 49 8b 17 mov (%r15),%rdx 3: 49 89 11 mov %rdx,(%r9) 6: 41 8b 57 28 mov 0x28(%r15),%edx a: 45 8b 5f 34 mov 0x34(%r15),%r11d e: 49 c7 07 00 00 00 00 movq $0x0,(%r15) 15: 49 rex.WB [ 70.724561] RSP: 0018:ffff95ae85e6fb90 EFLAGS: 00000202 [ 70.724561] RAX: 0000000002000000 RBX: ffff95ae841de000 RCX: 0000000000000000 [ 70.724561] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 70.724561] RBP: ffff95ae85e6fbf8 R08: 0000000000000000 R09: ffff95b710a30000 [ 70.724561] R10: 0000000000000000 R11: bdf289445ce31881 R12: ffff95ae85e6fc58 [ 70.724561] R13: 0000000000000000 R14: 0000000000000040 R15: 0000000000000000 [ 70.724561] FS: 000000002c5c1380(0000) GS:ffff95bd7fcc0000(0000) knlGS:0000000000000000 [ 70.724561] CS: 0010 DS: 0000 ES: 0000 C ---truncated---(CVE-2024-49949)\n\nIn the Linux kernel, the following vulnerability has been resolved: ext4: fix timer use-after-free on failed mount Syzbot has found an ODEBUG bug in ext4_fill_super The del_timer_sync function cancels the s_err_report timer, which reminds about filesystem errors daily. We should guarantee the timer is no longer active before kfree(sbi). When filesystem mounting fails, the flow goes to failed_mount3, where an error occurs when ext4_stop_mmpd is called, causing a read I/O failure. This triggers the ext4_handle_error function that ultimately re-arms the timer, leaving the s_err_report timer active before kfree(sbi) is called. Fix the issue by canceling the s_err_report timer after calling ext4_stop_mmpd.(CVE-2024-49960)\n\nIn the Linux kernel, the following vulnerability has been resolved: ext4: no need to continue when the number of entries is 1(CVE-2024-49967)\n\nIn the Linux kernel, the following vulnerability has been resolved: ext4: drop ppath from ext4_ext_replay_update_ex() to avoid double-free When calling ext4_force_split_extent_at() in ext4_ext_replay_update_ex(), the 'ppath' is updated but it is the 'path' that is freed, thus potentially triggering a double-free in the following process: ext4_ext_replay_update_ex ppath = path ext4_force_split_extent_at(&ppath) ext4_split_extent_at ext4_ext_insert_extent ext4_ext_create_new_leaf ext4_ext_grow_indepth ext4_find_extent if (depth > path[0].p_maxdepth) kfree(path) ---> path First freed *orig_path = path = NULL ---> null ppath kfree(path) ---> path double-free !!! So drop the unnecessary ppath and use path directly to avoid this problem. And use ext4_find_extent() directly to update path, avoiding unnecessary memory allocation and freeing. Also, propagate the error returned by ext4_find_extent() instead of using strange error codes.(CVE-2024-49983)\n\nIn the Linux kernel, the following vulnerability has been resolved: ext4: fix i_data_sem unlock order in ext4_ind_migrate() Fuzzing reports a possible deadlock in jbd2_log_wait_commit. This issue is triggered when an EXT4_IOC_MIGRATE ioctl is set to require synchronous updates because the file descriptor is opened with O_SYNC. This can lead to the jbd2_journal_stop() function calling jbd2_might_wait_for_commit(), potentially causing a deadlock if the EXT4_IOC_MIGRATE call races with a write(2) system call. This problem only arises when CONFIG_PROVE_LOCKING is enabled. In this case, the jbd2_might_wait_for_commit macro locks jbd2_handle in the jbd2_journal_stop function while i_data_sem is locked. This triggers lockdep because the jbd2_journal_start function might also lock the same jbd2_handle simultaneously. Found by Linux Verification Center (linuxtesting.org) with syzkaller. Rule: add(CVE-2024-50006)\n\nIn the Linux kernel, the following vulnerability has been resolved: exfat: fix memory leak in exfat_load_bitmap() If the first directory entry in the root directory is not a bitmap directory entry, 'bh' will not be released and reassigned, which will cause a memory leak.(CVE-2024-50013)\n\nIn the Linux kernel, the following vulnerability has been resolved: ext4: fix access to uninitialised lock in fc replay path The following kernel trace can be triggered with fstest generic/629 when executed against a filesystem with fast-commit feature enabled: INFO: trying to register non-static key. The code is fine but needs lockdep annotation, or maybe you didn't initialize this object before use? turning off the locking correctness validator. CPU: 0 PID: 866 Comm: mount Not tainted 6.10.0+ #11 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.2-3-gd478f380-prebuilt.qemu.org 04/01/2014 Call Trace: dump_stack_lvl+0x66/0x90 register_lock_class+0x759/0x7d0 __lock_acquire+0x85/0x2630 ? __find_get_block+0xb4/0x380 lock_acquire+0xd1/0x2d0 ? __ext4_journal_get_write_access+0xd5/0x160 _raw_spin_lock+0x33/0x40 ? __ext4_journal_get_write_access+0xd5/0x160 __ext4_journal_get_write_access+0xd5/0x160 ext4_reserve_inode_write+0x61/0xb0 __ext4_mark_inode_dirty+0x79/0x270 ? ext4_ext_replay_set_iblocks+0x2f8/0x450 ext4_ext_replay_set_iblocks+0x330/0x450 ext4_fc_replay+0x14c8/0x1540 ? jread+0x88/0x2e0 ? rcu_is_watching+0x11/0x40 do_one_pass+0x447/0xd00 jbd2_journal_recover+0x139/0x1b0 jbd2_journal_load+0x96/0x390 ext4_load_and_init_journal+0x253/0xd40 ext4_fill_super+0x2cc6/0x3180 ... In the replay path there's an attempt to lock sbi->s_bdev_wb_lock in function ext4_check_bdev_write_error(). Unfortunately, at this point this spinlock has not been initialized yet. Moving it's initialization to an earlier point in __ext4_fill_super() fixes this splat.(CVE-2024-50014)\n\nIn the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: Fix use-after-free in gsm_cleanup_mux BUG: KASAN: slab-use-after-free in gsm_cleanup_mux+0x77b/0x7b0 drivers/tty/n_gsm.c:3160 [n_gsm] Read of size 8 at addr ffff88815fe99c00 by task poc/3379 CPU: 0 UID: 0 PID: 3379 Comm: poc Not tainted 6.11.0+ #56 Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020 Call Trace: gsm_cleanup_mux+0x77b/0x7b0 drivers/tty/n_gsm.c:3160 [n_gsm] __pfx_gsm_cleanup_mux+0x10/0x10 drivers/tty/n_gsm.c:3124 [n_gsm] __pfx_sched_clock_cpu+0x10/0x10 kernel/sched/clock.c:389 update_load_avg+0x1c1/0x27b0 kernel/sched/fair.c:4500 __pfx_min_vruntime_cb_rotate+0x10/0x10 kernel/sched/fair.c:846 __rb_insert_augmented+0x492/0xbf0 lib/rbtree.c:161 gsmld_ioctl+0x395/0x1450 drivers/tty/n_gsm.c:3408 [n_gsm] _raw_spin_lock_irqsave+0x92/0xf0 arch/x86/include/asm/atomic.h:107 __pfx_gsmld_ioctl+0x10/0x10 drivers/tty/n_gsm.c:3822 [n_gsm] ktime_get+0x5e/0x140 kernel/time/timekeeping.c:195 ldsem_down_read+0x94/0x4e0 arch/x86/include/asm/atomic64_64.h:79 __pfx_ldsem_down_read+0x10/0x10 drivers/tty/tty_ldsem.c:338 __pfx_do_vfs_ioctl+0x10/0x10 fs/ioctl.c:805 tty_ioctl+0x643/0x1100 drivers/tty/tty_io.c:2818 Allocated by task 65: gsm_data_alloc.constprop.0+0x27/0x190 drivers/tty/n_gsm.c:926 [n_gsm] gsm_send+0x2c/0x580 drivers/tty/n_gsm.c:819 [n_gsm] gsm1_receive+0x547/0xad0 drivers/tty/n_gsm.c:3038 [n_gsm] gsmld_receive_buf+0x176/0x280 drivers/tty/n_gsm.c:3609 [n_gsm] tty_ldisc_receive_buf+0x101/0x1e0 drivers/tty/tty_buffer.c:391 tty_port_default_receive_buf+0x61/0xa0 drivers/tty/tty_port.c:39 flush_to_ldisc+0x1b0/0x750 drivers/tty/tty_buffer.c:445 process_scheduled_works+0x2b0/0x10d0 kernel/workqueue.c:3229 worker_thread+0x3dc/0x950 kernel/workqueue.c:3391 kthread+0x2a3/0x370 kernel/kthread.c:389 ret_from_fork+0x2d/0x70 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:257 Freed by task 3367: kfree+0x126/0x420 mm/slub.c:4580 gsm_cleanup_mux+0x36c/0x7b0 drivers/tty/n_gsm.c:3160 [n_gsm] gsmld_ioctl+0x395/0x1450 drivers/tty/n_gsm.c:3408 [n_gsm] tty_ioctl+0x643/0x1100 drivers/tty/tty_io.c:2818 [Analysis] gsm_msg on the tx_ctrl_list or tx_data_list of gsm_mux can be freed by multi threads through ioctl,which leads to the occurrence of uaf. Protect it by gsm tx lock.(CVE-2024-50073)\n\nIn the Linux kernel, the following vulnerability has been resolved: blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race We're seeing crashes from rq_qos_wake_function that look like this: BUG: unable to handle page fault for address: ffffafe180a40084 #PF: supervisor write access in kernel mode #PF: error_code(0x0002) - not-present page PGD 100000067 P4D 100000067 PUD 10027c067 PMD 10115d067 PTE 0 Oops: Oops: 0002 [#1] PREEMPT SMP PTI CPU: 17 UID: 0 PID: 0 Comm: swapper/17 Not tainted 6.12.0-rc3-00013-geca631b8fe80 #11 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 RIP: 0010:_raw_spin_lock_irqsave+0x1d/0x40 Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 41 54 9c 41 5c fa 65 ff 05 62 97 30 4c 31 c0 ba 01 00 00 00 0f b1 17 75 0a 4c 89 e0 41 5c c3 cc cc cc cc 89 c6 e8 2c 0b 00 RSP: 0018:ffffafe180580ca0 EFLAGS: 00010046 RAX: 0000000000000000 RBX: ffffafe180a3f7a8 RCX: 0000000000000011 RDX: 0000000000000001 RSI: 0000000000000003 RDI: ffffafe180a40084 RBP: 0000000000000000 R08: 00000000001e7240 R09: 0000000000000011 R10: 0000000000000028 R11: 0000000000000888 R12: 0000000000000002 R13: ffffafe180a40084 R14: 0000000000000000 R15: 0000000000000003 FS: 0000000000000000(0000) GS:ffff9aaf1f280000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: ffffafe180a40084 CR3: 000000010e428002 CR4: 0000000000770ef0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 PKRU: 55555554 Call Trace: try_to_wake_up+0x5a/0x6a0 rq_qos_wake_function+0x71/0x80 __wake_up_common+0x75/0xa0 __wake_up+0x36/0x60 scale_up.part.0+0x50/0x110 wb_timer_fn+0x227/0x450 ... So rq_qos_wake_function() calls wake_up_process(data->task), which calls try_to_wake_up(), which faults in raw_spin_lock_irqsave(&p->pi_lock). p comes from data->task, and data comes from the waitqueue entry, which is stored on the waiter's stack in rq_qos_wait(). Analyzing the core dump with drgn, I found that the waiter had already woken up and moved on to a completely unrelated code path, clobbering what was previously data->task. Meanwhile, the waker was passing the clobbered garbage in data->task to wake_up_process(), leading to the crash. What's happening is that in between rq_qos_wake_function() deleting the waitqueue entry and calling wake_up_process(), rq_qos_wait() is finding that it already got a token and returning. The race looks like this: rq_qos_wait() rq_qos_wake_function() ============================================================== prepare_to_wait_exclusive() data->got_token = true; list_del_init(&curr->entry); if (data.got_token) break; finish_wait(&rqw->wait, &data.wq); ^- returns immediately because list_empty_careful(&wq_entry->entry) is true ... return, go do something else ... wake_up_process(data->task) (NO LONGER VALID!)-^ Normally, finish_wait() is supposed to synchronize against the waker. But, as noted above, it is returning immediately because the waitqueue entry has already been removed from the waitqueue. The bug is that rq_qos_wake_function() is accessing the waitqueue entry AFTER deleting it. Note that autoremove_wake_function() wakes the waiter and THEN deletes the waitqueue entry, which is the proper order. Fix it by swapping the order. We also need to use list_del_init_careful() to match the list_empty_careful() in finish_wait().(CVE-2024-50082)\n\nIn the Linux kernel, the following vulnerability has been resolved: RDMA/mad: Improve handling of timed out WRs of mad agent Current timeout handler of mad agent acquires/releases mad_agent_priv lock for every timed out WRs. This causes heavy locking contention when higher no. of WRs are to be handled inside timeout handler. This leads to softlockup with below trace in some use cases where rdma-cm path is used to establish connection between peer nodes Trace: ----- BUG: soft lockup - CPU#4 stuck for 26s! [kworker/u128:3:19767] CPU: 4 PID: 19767 Comm: kworker/u128:3 Kdump: loaded Tainted: G OE ------- --- 5.14.0-427.13.1.el9_4.x86_64 #1 Hardware name: Dell Inc. PowerEdge R740/01YM03, BIOS 2.4.8 11/26/2019 Workqueue: ib_mad1 timeout_sends [ib_core] RIP: 0010:__do_softirq+0x78/0x2ac RSP: 0018:ffffb253449e4f98 EFLAGS: 00000246 RAX: 00000000ffffffff RBX: 0000000000000000 RCX: 000000000000001f RDX: 000000000000001d RSI: 000000003d1879ab RDI: fff363b66fd3a86b RBP: ffffb253604cbcd8 R08: 0000009065635f3b R09: 0000000000000000 R10: 0000000000000040 R11: ffffb253449e4ff8 R12: 0000000000000000 R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000040 FS: 0000000000000000(0000) GS:ffff8caa1fc80000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fd9ec9db900 CR3: 0000000891934006 CR4: 00000000007706e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 PKRU: 55555554 Call Trace: ? show_trace_log_lvl+0x1c4/0x2df ? show_trace_log_lvl+0x1c4/0x2df ? __irq_exit_rcu+0xa1/0xc0 ? watchdog_timer_fn+0x1b2/0x210 ? __pfx_watchdog_timer_fn+0x10/0x10 ? __hrtimer_run_queues+0x127/0x2c0 ? hrtimer_interrupt+0xfc/0x210 ? __sysvec_apic_timer_interrupt+0x5c/0x110 ? sysvec_apic_timer_interrupt+0x37/0x90 ? asm_sysvec_apic_timer_interrupt+0x16/0x20 ? __do_softirq+0x78/0x2ac ? __do_softirq+0x60/0x2ac __irq_exit_rcu+0xa1/0xc0 sysvec_call_function_single+0x72/0x90 asm_sysvec_call_function_single+0x16/0x20 RIP: 0010:_raw_spin_unlock_irq+0x14/0x30 RSP: 0018:ffffb253604cbd88 EFLAGS: 00000247 RAX: 000000000001960d RBX: 0000000000000002 RCX: ffff8cad2a064800 RDX: 000000008020001b RSI: 0000000000000001 RDI: ffff8cad5d39f66c RBP: ffff8cad5d39f600 R08: 0000000000000001 R09: 0000000000000000 R10: ffff8caa443e0c00 R11: ffffb253604cbcd8 R12: ffff8cacb8682538 R13: 0000000000000005 R14: ffffb253604cbd90 R15: ffff8cad5d39f66c cm_process_send_error+0x122/0x1d0 [ib_cm] timeout_sends+0x1dd/0x270 [ib_core] process_one_work+0x1e2/0x3b0 ? __pfx_worker_thread+0x10/0x10 worker_thread+0x50/0x3a0 ? __pfx_worker_thread+0x10/0x10 kthread+0xdd/0x100 ? __pfx_kthread+0x10/0x10 ret_from_fork+0x29/0x50 Simplified timeout handler by creating local list of timed out WRs and invoke send handler post creating the list. The new method acquires/ releases lock once to fetch the list and hence helps to reduce locking contetiong when processing higher no. of WRs(CVE-2024-50095)\n\nIn the Linux kernel, the following vulnerability has been resolved: arm64: probes: Remove broken LDR (literal) uprobe support The simulate_ldr_literal() and simulate_ldrsw_literal() functions are unsafe to use for uprobes. Both functions were originally written for use with kprobes, and access memory with plain C accesses. When uprobes was added, these were reused unmodified even though they cannot safely access user memory. There are three key problems: 1) The plain C accesses do not have corresponding extable entries, and thus if they encounter a fault the kernel will treat these as unintentional accesses to user memory, resulting in a BUG() which will kill the kernel thread, and likely lead to further issues (e.g. lockup or panic()). 2) The plain C accesses are subject to HW PAN and SW PAN, and so when either is in use, any attempt to simulate an access to user memory will fault. Thus neither simulate_ldr_literal() nor simulate_ldrsw_literal() can do anything useful when simulating a user instruction on any system with HW PAN or SW PAN. 3) The plain C accesses are privileged, as they run in kernel context, and in practice can access a small range of kernel virtual addresses. The instructions they simulate have a range of +/-1MiB, and since the simulated instructions must itself be a user instructions in the TTBR0 address range, these can address the final 1MiB of the TTBR1 acddress range by wrapping downwards from an address in the first 1MiB of the TTBR0 address range. In contemporary kernels the last 8MiB of TTBR1 address range is reserved, and accesses to this will always fault, meaning this is no worse than (1). Historically, it was theoretically possible for the linear map or vmemmap to spill into the final 8MiB of the TTBR1 address range, but in practice this is extremely unlikely to occur as this would require either: * Having enough physical memory to fill the entire linear map all the way to the final 1MiB of the TTBR1 address range. * Getting unlucky with KASLR randomization of the linear map such that the populated region happens to overlap with the last 1MiB of the TTBR address range. ... and in either case if we were to spill into the final page there would be larger problems as the final page would alias with error pointers. Practically speaking, (1) and (2) are the big issues. Given there have been no reports of problems since the broken code was introduced, it appears that no-one is relying on probing these instructions with uprobes. Avoid these issues by not allowing uprobes on LDR (literal) and LDRSW (literal), limiting the use of simulate_ldr_literal() and simulate_ldrsw_literal() to kprobes. Attempts to place uprobes on LDR (literal) and LDRSW (literal) will be rejected as arm_probe_decode_insn() will return INSN_REJECTED. In future we can consider introducing working uprobes support for these instructions, but this will require more significant work.(CVE-2024-50099)\n\nIn the Linux kernel, the following vulnerability has been resolved: tracing: Consider the NULL character when validating the event length strlen() returns a string length excluding the null byte. If the string length equals to the maximum buffer length, the buffer will have no space for the NULL terminating character. This commit checks this condition and returns failure for it.(CVE-2024-50131)\n\nIn the Linux kernel, the following vulnerability has been resolved: LoongArch: Don't crash in stack_top() for tasks without vDSO Not all tasks have a vDSO mapped, for example kthreads never do. If such a task ever ends up calling stack_top(), it will derefence the NULL vdso pointer and crash. This can for example happen when using kunit: [<9000000000203874>] stack_top+0x58/0xa8 [<90000000002956cc>] arch_pick_mmap_layout+0x164/0x220 [<90000000003c284c>] kunit_vm_mmap_init+0x108/0x12c [<90000000003c1fbc>] __kunit_add_resource+0x38/0x8c [<90000000003c2704>] kunit_vm_mmap+0x88/0xc8 [<9000000000410b14>] usercopy_test_init+0xbc/0x25c [<90000000003c1db4>] kunit_try_run_case+0x5c/0x184 [<90000000003c3d54>] kunit_generic_run_threadfn_adapter+0x24/0x48 [<900000000022e4bc>] kthread+0xc8/0xd4 [<9000000000200ce8>] ret_from_kernel_thread+0xc/0xa4(CVE-2024-50133)\n\nIn the Linux kernel, the following vulnerability has been resolved: xfrm: validate new SA's prefixlen using SA family when sel.family is unset This expands the validation introduced in commit 07bf7908950a (\"xfrm: Validate address prefix lengths in the xfrm selector.\") syzbot created an SA with usersa.sel.family = AF_UNSPEC usersa.sel.prefixlen_s = 128 usersa.family = AF_INET Because of the AF_UNSPEC selector, verify_newsa_info doesn't put limits on prefixlen_{s,d}. But then copy_from_user_state sets x->sel.family to usersa.family (AF_INET). Do the same conversion in verify_newsa_info before validating prefixlen_{s,d}, since that's how prefixlen is going to be used later on.(CVE-2024-50142)\n\nIn the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). Martin KaFai Lau reported use-after-free [0] in reqsk_timer_handler(). \"\"\" We are seeing a use-after-free from a bpf prog attached to trace_tcp_retransmit_synack. The program passes the req->sk to the bpf_sk_storage_get_tracing kernel helper which does check for null before using it. \"\"\" The commit 83fccfc3940c (\"inet: fix potential deadlock in reqsk_queue_unlink()\") added timer_pending() in reqsk_queue_unlink() not to call del_timer_sync() from reqsk_timer_handler(), but it introduced a small race window. Before the timer is called, expire_timers() calls detach_timer(timer, true) to clear timer->entry.pprev and marks it as not pending. If reqsk_queue_unlink() checks timer_pending() just after expire_timers() calls detach_timer(), TCP will miss del_timer_sync(); the reqsk timer will continue running and send multiple SYN+ACKs until it expires. The reported UAF could happen if req->sk is close()d earlier than the timer expiration, which is 63s by default. The scenario would be 1. inet_csk_complete_hashdance() calls inet_csk_reqsk_queue_drop(), but del_timer_sync() is missed 2. reqsk timer is executed and scheduled again 3. req->sk is accept()ed and reqsk_put() decrements rsk_refcnt, but reqsk timer still has another one, and inet_csk_accept() does not clear req->sk for non-TFO sockets 4. sk is close()d 5. reqsk timer is executed again, and BPF touches req->sk Let's not use timer_pending() by passing the caller context to __inet_csk_reqsk_queue_drop(). Note that reqsk timer is pinned, so the issue does not happen in most use cases. [1] [0] BUG: KFENCE: use-after-free read in bpf_sk_storage_get_tracing+0x2e/0x1b0 Use-after-free read at 0x00000000a891fb3a (in kfence-#1): bpf_sk_storage_get_tracing+0x2e/0x1b0 bpf_prog_5ea3e95db6da0438_tcp_retransmit_synack+0x1d20/0x1dda bpf_trace_run2+0x4c/0xc0 tcp_rtx_synack+0xf9/0x100 reqsk_timer_handler+0xda/0x3d0 run_timer_softirq+0x292/0x8a0 irq_exit_rcu+0xf5/0x320 sysvec_apic_timer_interrupt+0x6d/0x80 asm_sysvec_apic_timer_interrupt+0x16/0x20 intel_idle_irq+0x5a/0xa0 cpuidle_enter_state+0x94/0x273 cpu_startup_entry+0x15e/0x260 start_secondary+0x8a/0x90 secondary_startup_64_no_verify+0xfa/0xfb kfence-#1: 0x00000000a72cc7b6-0x00000000d97616d9, size=2376, cache=TCPv6 allocated by task 0 on cpu 9 at 260507.901592s: sk_prot_alloc+0x35/0x140 sk_clone_lock+0x1f/0x3f0 inet_csk_clone_lock+0x15/0x160 tcp_create_openreq_child+0x1f/0x410 tcp_v6_syn_recv_sock+0x1da/0x700 tcp_check_req+0x1fb/0x510 tcp_v6_rcv+0x98b/0x1420 ipv6_list_rcv+0x2258/0x26e0 napi_complete_done+0x5b1/0x2990 mlx5e_napi_poll+0x2ae/0x8d0 net_rx_action+0x13e/0x590 irq_exit_rcu+0xf5/0x320 common_interrupt+0x80/0x90 asm_common_interrupt+0x22/0x40 cpuidle_enter_state+0xfb/0x273 cpu_startup_entry+0x15e/0x260 start_secondary+0x8a/0x90 secondary_startup_64_no_verify+0xfa/0xfb freed by task 0 on cpu 9 at 260507.927527s: rcu_core_si+0x4ff/0xf10 irq_exit_rcu+0xf5/0x320 sysvec_apic_timer_interrupt+0x6d/0x80 asm_sysvec_apic_timer_interrupt+0x16/0x20 cpuidle_enter_state+0xfb/0x273 cpu_startup_entry+0x15e/0x260 start_secondary+0x8a/0x90 secondary_startup_64_no_verify+0xfa/0xfb(CVE-2024-50154)\n\nIn the Linux kernel, the following vulnerability has been resolved: virtio_pmem: Check device status before requesting flush If a pmem device is in a bad status, the driver side could wait for host ack forever in virtio_pmem_flush(), causing the system to hang. So add a status check in the beginning of virtio_pmem_flush() to return early if the device is not activated.(CVE-2024-50184)", "category":"general", "title":"Description" }, { "text":"An update for kernel is now available for openEuler-22.03-LTS-SP4.\n\nopenEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.", "category":"general", "title":"Topic" }, { "text":"High", "category":"general", "title":"Severity" }, { "text":"kernel", "category":"general", "title":"Affected Component" } ], "publisher":{ "issuing_authority":"openEuler security committee", "name":"openEuler", "namespace":"https://www.openeuler.org", "contact_details":"openeuler-security@openeuler.org", "category":"vendor" }, "references":[ { "summary":"openEuler-SA-2024-2424", "category":"self", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2424" }, { "summary":"CVE-2024-46685", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-46685&packageName=kernel" }, { "summary":"CVE-2024-46702", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-46702&packageName=kernel" }, { "summary":"CVE-2024-46815", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-46815&packageName=kernel" }, { "summary":"CVE-2024-47679", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-47679&packageName=kernel" }, { "summary":"CVE-2024-49878", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-49878&packageName=kernel" }, { "summary":"CVE-2024-49948", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-49948&packageName=kernel" }, { "summary":"CVE-2024-49949", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-49949&packageName=kernel" }, { "summary":"CVE-2024-49960", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-49960&packageName=kernel" }, { "summary":"CVE-2024-49967", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-49967&packageName=kernel" }, { "summary":"CVE-2024-49983", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-49983&packageName=kernel" }, { "summary":"CVE-2024-50006", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-50006&packageName=kernel" }, { "summary":"CVE-2024-50013", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-50013&packageName=kernel" }, { "summary":"CVE-2024-50014", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-50014&packageName=kernel" }, { "summary":"CVE-2024-50073", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-50073&packageName=kernel" }, { "summary":"CVE-2024-50082", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-50082&packageName=kernel" }, { "summary":"CVE-2024-50095", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-50095&packageName=kernel" }, { "summary":"CVE-2024-50099", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-50099&packageName=kernel" }, { "summary":"CVE-2024-50131", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-50131&packageName=kernel" }, { "summary":"CVE-2024-50133", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-50133&packageName=kernel" }, { "summary":"CVE-2024-50142", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-50142&packageName=kernel" }, { "summary":"CVE-2024-50154", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-50154&packageName=kernel" }, { "summary":"CVE-2024-50184", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-50184&packageName=kernel" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-46685" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-46702" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-46815" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47679" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-49878" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-49948" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-49949" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-49960" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-49967" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-49983" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50006" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50013" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50014" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50073" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50082" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50095" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50099" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50131" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50133" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50142" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50154" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50184" }, { "summary":"openEuler-SA-2024-2424 vex file", "category":"self", "url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openeuler-sa-2024-2424.json" } ], "title":"An update for kernel is now available for openEuler-22.03-LTS-SP4", "tracking":{ "initial_release_date":"2024-11-15T20:14:47+08:00", "revision_history":[ { "date":"2024-11-15T20:14:47+08:00", "summary":"Initial", "number":"1.0.0" } ], "generator":{ "date":"2024-11-15T20:14:47+08:00", "engine":{ "name":"openEuler CSAF Tool V1.0" } }, "current_release_date":"2024-11-15T20:14:47+08:00", "id":"openEuler-SA-2024-2424", "version":"1.0.0", "status":"final" } }, "product_tree":{ "branches":[ { "name":"openEuler", "category":"vendor", "branches":[ { "name":"openEuler", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"openEuler-22.03-LTS-SP4", "name":"openEuler-22.03-LTS-SP4" }, "name":"openEuler-22.03-LTS-SP4", "category":"product_version" } ], "category":"product_name" }, { "name":"aarch64", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "name":"bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm" }, "name":"bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "name":"bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm" }, "name":"bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "name":"kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm" }, "name":"kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "name":"kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm" }, "name":"kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "name":"kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm" }, "name":"kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "name":"kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm" }, "name":"kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "name":"kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm" }, "name":"kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "name":"kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm" }, "name":"kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "name":"kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm" }, "name":"kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "name":"kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm" }, "name":"kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "name":"kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm" }, "name":"kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"perf-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "name":"perf-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm" }, "name":"perf-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "name":"perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm" }, "name":"perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "name":"python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm" }, "name":"python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "name":"python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm" }, "name":"python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"x86_64", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "name":"bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm" }, "name":"bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "name":"bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm" }, "name":"bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "name":"kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm" }, "name":"kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "name":"kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm" }, "name":"kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "name":"kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm" }, "name":"kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "name":"kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm" }, "name":"kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "name":"kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm" }, "name":"kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "name":"kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm" }, "name":"kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "name":"kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm" }, "name":"kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "name":"kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm" }, "name":"kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "name":"kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm" }, "name":"kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"perf-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "name":"perf-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm" }, "name":"perf-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "name":"perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm" }, "name":"perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "name":"python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm" }, "name":"python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "name":"python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm" }, "name":"python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"src", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4" }, "product_id":"kernel-5.10.0-236.0.0.135.oe2203sp4.src.rpm", "name":"kernel-5.10.0-236.0.0.135.oe2203sp4.src.rpm" }, "name":"kernel-5.10.0-236.0.0.135.oe2203sp4.src.rpm", "category":"product_version" } ], "category":"architecture" } ] } ], "relationships":[ { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "name":"bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "name":"bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "name":"kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "name":"kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "name":"kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "name":"kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "name":"kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "name":"kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "name":"kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "name":"kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "name":"kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"perf-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "name":"perf-5.10.0-236.0.0.135.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "name":"perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "name":"python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "name":"python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "name":"bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "name":"bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "name":"kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "name":"kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "name":"kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "name":"kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "name":"kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "name":"kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "name":"kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "name":"kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "name":"kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"perf-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "name":"perf-5.10.0-236.0.0.135.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "name":"perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "name":"python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "name":"python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP4", "product_reference":"kernel-5.10.0-236.0.0.135.oe2203sp4.src.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src", "name":"kernel-5.10.0-236.0.0.135.oe2203sp4.src as a component of openEuler-22.03-LTS-SP4" }, "category":"default_component_of" } ] }, "vulnerabilities":[ { "cve":"CVE-2024-46685", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: single: fix potential NULL dereference in pcs_get_function()\n\npinmux_generic_get_function() can return NULL and the pointer 'function'\nwas dereferenced without checking against NULL. Add checking of pointer\n'function' in pcs_get_function().\n\nFound by code review.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2424" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-46685" }, { "cve":"CVE-2024-46702", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nthunderbolt: Mark XDomain as unplugged when router is removed\n\nI noticed that when we do discrete host router NVM upgrade and it gets\nhot-removed from the PCIe side as a result of NVM firmware authentication,\nif there is another host connected with enabled paths we hang in tearing\nthem down. This is due to fact that the Thunderbolt networking driver\nalso tries to cleanup the paths and ends up blocking in\ntb_disconnect_xdomain_paths() waiting for the domain lock.\n\nHowever, at this point we already cleaned the paths in tb_stop() so\nthere is really no need for tb_disconnect_xdomain_paths() to do that\nanymore. Furthermore it already checks if the XDomain is unplugged and\nbails out early so take advantage of that and mark the XDomain as\nunplugged when we remove the parent router.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2424" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-46702" }, { "cve":"CVE-2024-46815", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check num_valid_sets before accessing reader_wm_sets[]\n\n[WHY & HOW]\nnum_valid_sets needs to be checked to avoid a negative index when\naccessing reader_wm_sets[num_valid_sets - 1].\n\nThis fixes an OVERRUN issue reported by Coverity.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2424" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-46815" }, { "cve":"CVE-2024-47679", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nvfs: fix race between evice_inodes() and find_inode()&iput()\n\nHi, all\n\nRecently I noticed a bug[1] in btrfs, after digged it into\nand I believe it'a race in vfs.\n\nLet's assume there's a inode (ie ino 261) with i_count 1 is\ncalled by iput(), and there's a concurrent thread calling\ngeneric_shutdown_super().\n\ncpu0: cpu1:\niput() // i_count is 1\n ->spin_lock(inode)\n ->dec i_count to 0\n ->iput_final() generic_shutdown_super()\n ->__inode_add_lru() ->evict_inodes()\n // cause some reason[2] ->if (atomic_read(inode->i_count)) continue;\n // return before // inode 261 passed the above check\n // list_lru_add_obj() // and then schedule out\n ->spin_unlock()\n// note here: the inode 261\n// was still at sb list and hash list,\n// and I_FREEING|I_WILL_FREE was not been set\n\nbtrfs_iget()\n // after some function calls\n ->find_inode()\n // found the above inode 261\n ->spin_lock(inode)\n // check I_FREEING|I_WILL_FREE\n // and passed\n ->__iget()\n ->spin_unlock(inode) // schedule back\n ->spin_lock(inode)\n // check (I_NEW|I_FREEING|I_WILL_FREE) flags,\n // passed and set I_FREEING\niput() ->spin_unlock(inode)\n ->spin_lock(inode)\t\t\t ->evict()\n // dec i_count to 0\n ->iput_final()\n ->spin_unlock()\n ->evict()\n\nNow, we have two threads simultaneously evicting\nthe same inode, which may trigger the BUG(inode->i_state & I_CLEAR)\nstatement both within clear_inode() and iput().\n\nTo fix the bug, recheck the inode->i_count after holding i_lock.\nBecause in the most scenarios, the first check is valid, and\nthe overhead of spin_lock() can be reduced.\n\nIf there is any misunderstanding, please let me know, thanks.\n\n[1]: https://lore.kernel.org/linux-btrfs/000000000000eabe1d0619c48986@google.com/\n[2]: The reason might be 1. SB_ACTIVE was removed or 2. mapping_shrinkable()\nreturn false when I reproduced the bug.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2424" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":4.7, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-47679" }, { "cve":"CVE-2024-49878", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nresource: fix region_intersects() vs add_memory_driver_managed()\n\nOn a system with CXL memory, the resource tree (/proc/iomem) related to\nCXL memory may look like something as follows.\n\n490000000-50fffffff : CXL Window 0\n 490000000-50fffffff : region0\n 490000000-50fffffff : dax0.0\n 490000000-50fffffff : System RAM (kmem)\n\nBecause drivers/dax/kmem.c calls add_memory_driver_managed() during\nonlining CXL memory, which makes \"System RAM (kmem)\" a descendant of \"CXL\nWindow X\". This confuses region_intersects(), which expects all \"System\nRAM\" resources to be at the top level of iomem_resource. This can lead to\nbugs.\n\nFor example, when the following command line is executed to write some\nmemory in CXL memory range via /dev/mem,\n\n $ dd if=data of=/dev/mem bs=$((1 << 10)) seek=$((0x490000000 >> 10)) count=1\n dd: error writing '/dev/mem': Bad address\n 1+0 records in\n 0+0 records out\n 0 bytes copied, 0.0283507 s, 0.0 kB/s\n\nthe command fails as expected. However, the error code is wrong. It\nshould be \"Operation not permitted\" instead of \"Bad address\". More\nseriously, the /dev/mem permission checking in devmem_is_allowed() passes\nincorrectly. Although the accessing is prevented later because ioremap()\nisn't allowed to map system RAM, it is a potential security issue. During\ncommand executing, the following warning is reported in the kernel log for\ncalling ioremap() on system RAM.\n\n ioremap on RAM at 0x0000000490000000 - 0x0000000490000fff\n WARNING: CPU: 2 PID: 416 at arch/x86/mm/ioremap.c:216 __ioremap_caller.constprop.0+0x131/0x35d\n Call Trace:\n memremap+0xcb/0x184\n xlate_dev_mem_ptr+0x25/0x2f\n write_mem+0x94/0xfb\n vfs_write+0x128/0x26d\n ksys_write+0xac/0xfe\n do_syscall_64+0x9a/0xfd\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n\nThe details of command execution process are as follows. In the above\nresource tree, \"System RAM\" is a descendant of \"CXL Window 0\" instead of a\ntop level resource. So, region_intersects() will report no System RAM\nresources in the CXL memory region incorrectly, because it only checks the\ntop level resources. Consequently, devmem_is_allowed() will return 1\n(allow access via /dev/mem) for CXL memory region incorrectly. \nFortunately, ioremap() doesn't allow to map System RAM and reject the\naccess.\n\nSo, region_intersects() needs to be fixed to work correctly with the\nresource tree with \"System RAM\" not at top level as above. To fix it, if\nwe found a unmatched resource in the top level, we will continue to search\nmatched resources in its descendant resources. So, we will not miss any\nmatched resources in resource tree anymore.\n\nIn the new implementation, an example resource tree\n\n|------------- \"CXL Window 0\" ------------|\n|-- \"System RAM\" --|\n\nwill behave similar as the following fake resource tree for\nregion_intersects(, IORESOURCE_SYSTEM_RAM, ),\n\n|-- \"System RAM\" --||-- \"CXL Window 0a\" --|\n\nWhere \"CXL Window 0a\" is part of the original \"CXL Window 0\" that\nisn't covered by \"System RAM\".", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2424" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2024-49878" }, { "cve":"CVE-2024-49948", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: add more sanity checks to qdisc_pkt_len_init()\n\nOne path takes care of SKB_GSO_DODGY, assuming\nskb->len is bigger than hdr_len.\n\nvirtio_net_hdr_to_skb() does not fully dissect TCP headers,\nit only make sure it is at least 20 bytes.\n\nIt is possible for an user to provide a malicious 'GSO' packet,\ntotal length of 80 bytes.\n\n- 20 bytes of IPv4 header\n- 60 bytes TCP header\n- a small gso_size like 8\n\nvirtio_net_hdr_to_skb() would declare this packet as a normal\nGSO packet, because it would see 40 bytes of payload,\nbigger than gso_size.\n\nWe need to make detect this case to not underflow\nqdisc_skb_cb(skb)->pkt_len.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2424" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-49948" }, { "cve":"CVE-2024-49949", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: avoid potential underflow in qdisc_pkt_len_init() with UFO\n\nAfter commit 7c6d2ecbda83 (\"net: be more gentle about silly gso\nrequests coming from user\") virtio_net_hdr_to_skb() had sanity check\nto detect malicious attempts from user space to cook a bad GSO packet.\n\nThen commit cf9acc90c80ec (\"net: virtio_net_hdr_to_skb: count\ntransport header in UFO\") while fixing one issue, allowed user space\nto cook a GSO packet with the following characteristic :\n\nIPv4 SKB_GSO_UDP, gso_size=3, skb->len = 28.\n\nWhen this packet arrives in qdisc_pkt_len_init(), we end up\nwith hdr_len = 28 (IPv4 header + UDP header), matching skb->len\n\nThen the following sets gso_segs to 0 :\n\ngso_segs = DIV_ROUND_UP(skb->len - hdr_len,\n shinfo->gso_size);\n\nThen later we set qdisc_skb_cb(skb)->pkt_len to back to zero :/\n\nqdisc_skb_cb(skb)->pkt_len += (gso_segs - 1) * hdr_len;\n\nThis leads to the following crash in fq_codel [1]\n\nqdisc_pkt_len_init() is best effort, we only want an estimation\nof the bytes sent on the wire, not crashing the kernel.\n\nThis patch is fixing this particular issue, a following one\nadds more sanity checks for another potential bug.\n\n[1]\n[ 70.724101] BUG: kernel NULL pointer dereference, address: 0000000000000000\n[ 70.724561] #PF: supervisor read access in kernel mode\n[ 70.724561] #PF: error_code(0x0000) - not-present page\n[ 70.724561] PGD 10ac61067 P4D 10ac61067 PUD 107ee2067 PMD 0\n[ 70.724561] Oops: Oops: 0000 [#1] SMP NOPTI\n[ 70.724561] CPU: 11 UID: 0 PID: 2163 Comm: b358537762 Not tainted 6.11.0-virtme #991\n[ 70.724561] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 70.724561] RIP: 0010:fq_codel_enqueue (net/sched/sch_fq_codel.c:120 net/sched/sch_fq_codel.c:168 net/sched/sch_fq_codel.c:230) sch_fq_codel\n[ 70.724561] Code: 24 08 49 c1 e1 06 44 89 7c 24 18 45 31 ed 45 31 c0 31 ff 89 44 24 14 4c 03 8b 90 01 00 00 eb 04 39 ca 73 37 4d 8b 39 83 c7 01 <49> 8b 17 49 89 11 41 8b 57 28 45 8b 5f 34 49 c7 07 00 00 00 00 49\nAll code\n========\n 0:\t24 08 \tand $0x8,%al\n 2:\t49 c1 e1 06 \tshl $0x6,%r9\n 6:\t44 89 7c 24 18 \tmov %r15d,0x18(%rsp)\n b:\t45 31 ed \txor %r13d,%r13d\n e:\t45 31 c0 \txor %r8d,%r8d\n 11:\t31 ff \txor %edi,%edi\n 13:\t89 44 24 14 \tmov %eax,0x14(%rsp)\n 17:\t4c 03 8b 90 01 00 00 \tadd 0x190(%rbx),%r9\n 1e:\teb 04 \tjmp 0x24\n 20:\t39 ca \tcmp %ecx,%edx\n 22:\t73 37 \tjae 0x5b\n 24:\t4d 8b 39 \tmov (%r9),%r15\n 27:\t83 c7 01 \tadd $0x1,%edi\n 2a:*\t49 8b 17 \tmov (%r15),%rdx\t\t<-- trapping instruction\n 2d:\t49 89 11 \tmov %rdx,(%r9)\n 30:\t41 8b 57 28 \tmov 0x28(%r15),%edx\n 34:\t45 8b 5f 34 \tmov 0x34(%r15),%r11d\n 38:\t49 c7 07 00 00 00 00 \tmovq $0x0,(%r15)\n 3f:\t49 \trex.WB\n\nCode starting with the faulting instruction\n===========================================\n 0:\t49 8b 17 \tmov (%r15),%rdx\n 3:\t49 89 11 \tmov %rdx,(%r9)\n 6:\t41 8b 57 28 \tmov 0x28(%r15),%edx\n a:\t45 8b 5f 34 \tmov 0x34(%r15),%r11d\n e:\t49 c7 07 00 00 00 00 \tmovq $0x0,(%r15)\n 15:\t49 \trex.WB\n[ 70.724561] RSP: 0018:ffff95ae85e6fb90 EFLAGS: 00000202\n[ 70.724561] RAX: 0000000002000000 RBX: ffff95ae841de000 RCX: 0000000000000000\n[ 70.724561] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001\n[ 70.724561] RBP: ffff95ae85e6fbf8 R08: 0000000000000000 R09: ffff95b710a30000\n[ 70.724561] R10: 0000000000000000 R11: bdf289445ce31881 R12: ffff95ae85e6fc58\n[ 70.724561] R13: 0000000000000000 R14: 0000000000000040 R15: 0000000000000000\n[ 70.724561] FS: 000000002c5c1380(0000) GS:ffff95bd7fcc0000(0000) knlGS:0000000000000000\n[ 70.724561] CS: 0010 DS: 0000 ES: 0000 C\n---truncated---", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2424" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-49949" }, { "cve":"CVE-2024-49960", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix timer use-after-free on failed mount\n\nSyzbot has found an ODEBUG bug in ext4_fill_super\n\nThe del_timer_sync function cancels the s_err_report timer,\nwhich reminds about filesystem errors daily. We should\nguarantee the timer is no longer active before kfree(sbi).\n\nWhen filesystem mounting fails, the flow goes to failed_mount3,\nwhere an error occurs when ext4_stop_mmpd is called, causing\na read I/O failure. This triggers the ext4_handle_error function\nthat ultimately re-arms the timer,\nleaving the s_err_report timer active before kfree(sbi) is called.\n\nFix the issue by canceling the s_err_report timer after calling ext4_stop_mmpd.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2424" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-49960" }, { "cve":"CVE-2024-49967", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\next4: no need to continue when the number of entries is 1", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2424" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-49967" }, { "cve":"CVE-2024-49983", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\next4: drop ppath from ext4_ext_replay_update_ex() to avoid double-free\n\nWhen calling ext4_force_split_extent_at() in ext4_ext_replay_update_ex(),\nthe 'ppath' is updated but it is the 'path' that is freed, thus potentially\ntriggering a double-free in the following process:\n\next4_ext_replay_update_ex\n ppath = path\n ext4_force_split_extent_at(&ppath)\n ext4_split_extent_at\n ext4_ext_insert_extent\n ext4_ext_create_new_leaf\n ext4_ext_grow_indepth\n ext4_find_extent\n if (depth > path[0].p_maxdepth)\n kfree(path) ---> path First freed\n *orig_path = path = NULL ---> null ppath\n kfree(path) ---> path double-free !!!\n\nSo drop the unnecessary ppath and use path directly to avoid this problem.\nAnd use ext4_find_extent() directly to update path, avoiding unnecessary\nmemory allocation and freeing. Also, propagate the error returned by\next4_find_extent() instead of using strange error codes.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2424" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-49983" }, { "cve":"CVE-2024-50006", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix i_data_sem unlock order in ext4_ind_migrate()\n\nFuzzing reports a possible deadlock in jbd2_log_wait_commit.\n\nThis issue is triggered when an EXT4_IOC_MIGRATE ioctl is set to require\nsynchronous updates because the file descriptor is opened with O_SYNC.\nThis can lead to the jbd2_journal_stop() function calling\njbd2_might_wait_for_commit(), potentially causing a deadlock if the\nEXT4_IOC_MIGRATE call races with a write(2) system call.\n\nThis problem only arises when CONFIG_PROVE_LOCKING is enabled. In this\ncase, the jbd2_might_wait_for_commit macro locks jbd2_handle in the\njbd2_journal_stop function while i_data_sem is locked. This triggers\nlockdep because the jbd2_journal_start function might also lock the same\njbd2_handle simultaneously.\n\nFound by Linux Verification Center (linuxtesting.org) with syzkaller.\n\nRule: add", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2424" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":4.7, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-50006" }, { "cve":"CVE-2024-50013", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nexfat: fix memory leak in exfat_load_bitmap()\n\nIf the first directory entry in the root directory is not a bitmap\ndirectory entry, 'bh' will not be released and reassigned, which\nwill cause a memory leak.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2424" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-50013" }, { "cve":"CVE-2024-50014", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix access to uninitialised lock in fc replay path\n\nThe following kernel trace can be triggered with fstest generic/629 when\nexecuted against a filesystem with fast-commit feature enabled:\n\nINFO: trying to register non-static key.\nThe code is fine but needs lockdep annotation, or maybe\nyou didn't initialize this object before use?\nturning off the locking correctness validator.\nCPU: 0 PID: 866 Comm: mount Not tainted 6.10.0+ #11\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.2-3-gd478f380-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \n dump_stack_lvl+0x66/0x90\n register_lock_class+0x759/0x7d0\n __lock_acquire+0x85/0x2630\n ? __find_get_block+0xb4/0x380\n lock_acquire+0xd1/0x2d0\n ? __ext4_journal_get_write_access+0xd5/0x160\n _raw_spin_lock+0x33/0x40\n ? __ext4_journal_get_write_access+0xd5/0x160\n __ext4_journal_get_write_access+0xd5/0x160\n ext4_reserve_inode_write+0x61/0xb0\n __ext4_mark_inode_dirty+0x79/0x270\n ? ext4_ext_replay_set_iblocks+0x2f8/0x450\n ext4_ext_replay_set_iblocks+0x330/0x450\n ext4_fc_replay+0x14c8/0x1540\n ? jread+0x88/0x2e0\n ? rcu_is_watching+0x11/0x40\n do_one_pass+0x447/0xd00\n jbd2_journal_recover+0x139/0x1b0\n jbd2_journal_load+0x96/0x390\n ext4_load_and_init_journal+0x253/0xd40\n ext4_fill_super+0x2cc6/0x3180\n...\n\nIn the replay path there's an attempt to lock sbi->s_bdev_wb_lock in\nfunction ext4_check_bdev_write_error(). Unfortunately, at this point this\nspinlock has not been initialized yet. Moving it's initialization to an\nearlier point in __ext4_fill_super() fixes this splat.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2424" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-50014" }, { "cve":"CVE-2024-50073", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ntty: n_gsm: Fix use-after-free in gsm_cleanup_mux\n\nBUG: KASAN: slab-use-after-free in gsm_cleanup_mux+0x77b/0x7b0\ndrivers/tty/n_gsm.c:3160 [n_gsm]\nRead of size 8 at addr ffff88815fe99c00 by task poc/3379\nCPU: 0 UID: 0 PID: 3379 Comm: poc Not tainted 6.11.0+ #56\nHardware name: VMware, Inc. VMware Virtual Platform/440BX\nDesktop Reference Platform, BIOS 6.00 11/12/2020\nCall Trace:\n \n gsm_cleanup_mux+0x77b/0x7b0 drivers/tty/n_gsm.c:3160 [n_gsm]\n __pfx_gsm_cleanup_mux+0x10/0x10 drivers/tty/n_gsm.c:3124 [n_gsm]\n __pfx_sched_clock_cpu+0x10/0x10 kernel/sched/clock.c:389\n update_load_avg+0x1c1/0x27b0 kernel/sched/fair.c:4500\n __pfx_min_vruntime_cb_rotate+0x10/0x10 kernel/sched/fair.c:846\n __rb_insert_augmented+0x492/0xbf0 lib/rbtree.c:161\n gsmld_ioctl+0x395/0x1450 drivers/tty/n_gsm.c:3408 [n_gsm]\n _raw_spin_lock_irqsave+0x92/0xf0 arch/x86/include/asm/atomic.h:107\n __pfx_gsmld_ioctl+0x10/0x10 drivers/tty/n_gsm.c:3822 [n_gsm]\n ktime_get+0x5e/0x140 kernel/time/timekeeping.c:195\n ldsem_down_read+0x94/0x4e0 arch/x86/include/asm/atomic64_64.h:79\n __pfx_ldsem_down_read+0x10/0x10 drivers/tty/tty_ldsem.c:338\n __pfx_do_vfs_ioctl+0x10/0x10 fs/ioctl.c:805\n tty_ioctl+0x643/0x1100 drivers/tty/tty_io.c:2818\n\nAllocated by task 65:\n gsm_data_alloc.constprop.0+0x27/0x190 drivers/tty/n_gsm.c:926 [n_gsm]\n gsm_send+0x2c/0x580 drivers/tty/n_gsm.c:819 [n_gsm]\n gsm1_receive+0x547/0xad0 drivers/tty/n_gsm.c:3038 [n_gsm]\n gsmld_receive_buf+0x176/0x280 drivers/tty/n_gsm.c:3609 [n_gsm]\n tty_ldisc_receive_buf+0x101/0x1e0 drivers/tty/tty_buffer.c:391\n tty_port_default_receive_buf+0x61/0xa0 drivers/tty/tty_port.c:39\n flush_to_ldisc+0x1b0/0x750 drivers/tty/tty_buffer.c:445\n process_scheduled_works+0x2b0/0x10d0 kernel/workqueue.c:3229\n worker_thread+0x3dc/0x950 kernel/workqueue.c:3391\n kthread+0x2a3/0x370 kernel/kthread.c:389\n ret_from_fork+0x2d/0x70 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:257\n\nFreed by task 3367:\n kfree+0x126/0x420 mm/slub.c:4580\n gsm_cleanup_mux+0x36c/0x7b0 drivers/tty/n_gsm.c:3160 [n_gsm]\n gsmld_ioctl+0x395/0x1450 drivers/tty/n_gsm.c:3408 [n_gsm]\n tty_ioctl+0x643/0x1100 drivers/tty/tty_io.c:2818\n\n[Analysis]\ngsm_msg on the tx_ctrl_list or tx_data_list of gsm_mux\ncan be freed by multi threads through ioctl,which leads\nto the occurrence of uaf. Protect it by gsm tx lock.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2424" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-50073" }, { "cve":"CVE-2024-50082", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nblk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race\n\nWe're seeing crashes from rq_qos_wake_function that look like this:\n\n BUG: unable to handle page fault for address: ffffafe180a40084\n #PF: supervisor write access in kernel mode\n #PF: error_code(0x0002) - not-present page\n PGD 100000067 P4D 100000067 PUD 10027c067 PMD 10115d067 PTE 0\n Oops: Oops: 0002 [#1] PREEMPT SMP PTI\n CPU: 17 UID: 0 PID: 0 Comm: swapper/17 Not tainted 6.12.0-rc3-00013-geca631b8fe80 #11\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\n RIP: 0010:_raw_spin_lock_irqsave+0x1d/0x40\n Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 41 54 9c 41 5c fa 65 ff 05 62 97 30 4c 31 c0 ba 01 00 00 00 0f b1 17 75 0a 4c 89 e0 41 5c c3 cc cc cc cc 89 c6 e8 2c 0b 00\n RSP: 0018:ffffafe180580ca0 EFLAGS: 00010046\n RAX: 0000000000000000 RBX: ffffafe180a3f7a8 RCX: 0000000000000011\n RDX: 0000000000000001 RSI: 0000000000000003 RDI: ffffafe180a40084\n RBP: 0000000000000000 R08: 00000000001e7240 R09: 0000000000000011\n R10: 0000000000000028 R11: 0000000000000888 R12: 0000000000000002\n R13: ffffafe180a40084 R14: 0000000000000000 R15: 0000000000000003\n FS: 0000000000000000(0000) GS:ffff9aaf1f280000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: ffffafe180a40084 CR3: 000000010e428002 CR4: 0000000000770ef0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n \n try_to_wake_up+0x5a/0x6a0\n rq_qos_wake_function+0x71/0x80\n __wake_up_common+0x75/0xa0\n __wake_up+0x36/0x60\n scale_up.part.0+0x50/0x110\n wb_timer_fn+0x227/0x450\n ...\n\nSo rq_qos_wake_function() calls wake_up_process(data->task), which calls\ntry_to_wake_up(), which faults in raw_spin_lock_irqsave(&p->pi_lock).\n\np comes from data->task, and data comes from the waitqueue entry, which\nis stored on the waiter's stack in rq_qos_wait(). Analyzing the core\ndump with drgn, I found that the waiter had already woken up and moved\non to a completely unrelated code path, clobbering what was previously\ndata->task. Meanwhile, the waker was passing the clobbered garbage in\ndata->task to wake_up_process(), leading to the crash.\n\nWhat's happening is that in between rq_qos_wake_function() deleting the\nwaitqueue entry and calling wake_up_process(), rq_qos_wait() is finding\nthat it already got a token and returning. The race looks like this:\n\nrq_qos_wait() rq_qos_wake_function()\n==============================================================\nprepare_to_wait_exclusive()\n data->got_token = true;\n list_del_init(&curr->entry);\nif (data.got_token)\n break;\nfinish_wait(&rqw->wait, &data.wq);\n ^- returns immediately because\n list_empty_careful(&wq_entry->entry)\n is true\n... return, go do something else ...\n wake_up_process(data->task)\n (NO LONGER VALID!)-^\n\nNormally, finish_wait() is supposed to synchronize against the waker.\nBut, as noted above, it is returning immediately because the waitqueue\nentry has already been removed from the waitqueue.\n\nThe bug is that rq_qos_wake_function() is accessing the waitqueue entry\nAFTER deleting it. Note that autoremove_wake_function() wakes the waiter\nand THEN deletes the waitqueue entry, which is the proper order.\n\nFix it by swapping the order. We also need to use\nlist_del_init_careful() to match the list_empty_careful() in\nfinish_wait().", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2424" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":4.7, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-50082" }, { "cve":"CVE-2024-50095", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mad: Improve handling of timed out WRs of mad agent\n\nCurrent timeout handler of mad agent acquires/releases mad_agent_priv\nlock for every timed out WRs. This causes heavy locking contention\nwhen higher no. of WRs are to be handled inside timeout handler.\n\nThis leads to softlockup with below trace in some use cases where\nrdma-cm path is used to establish connection between peer nodes\n\nTrace:\n-----\n BUG: soft lockup - CPU#4 stuck for 26s! [kworker/u128:3:19767]\n CPU: 4 PID: 19767 Comm: kworker/u128:3 Kdump: loaded Tainted: G OE\n ------- --- 5.14.0-427.13.1.el9_4.x86_64 #1\n Hardware name: Dell Inc. PowerEdge R740/01YM03, BIOS 2.4.8 11/26/2019\n Workqueue: ib_mad1 timeout_sends [ib_core]\n RIP: 0010:__do_softirq+0x78/0x2ac\n RSP: 0018:ffffb253449e4f98 EFLAGS: 00000246\n RAX: 00000000ffffffff RBX: 0000000000000000 RCX: 000000000000001f\n RDX: 000000000000001d RSI: 000000003d1879ab RDI: fff363b66fd3a86b\n RBP: ffffb253604cbcd8 R08: 0000009065635f3b R09: 0000000000000000\n R10: 0000000000000040 R11: ffffb253449e4ff8 R12: 0000000000000000\n R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000040\n FS: 0000000000000000(0000) GS:ffff8caa1fc80000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007fd9ec9db900 CR3: 0000000891934006 CR4: 00000000007706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n \n ? show_trace_log_lvl+0x1c4/0x2df\n ? show_trace_log_lvl+0x1c4/0x2df\n ? __irq_exit_rcu+0xa1/0xc0\n ? watchdog_timer_fn+0x1b2/0x210\n ? __pfx_watchdog_timer_fn+0x10/0x10\n ? __hrtimer_run_queues+0x127/0x2c0\n ? hrtimer_interrupt+0xfc/0x210\n ? __sysvec_apic_timer_interrupt+0x5c/0x110\n ? sysvec_apic_timer_interrupt+0x37/0x90\n ? asm_sysvec_apic_timer_interrupt+0x16/0x20\n ? __do_softirq+0x78/0x2ac\n ? __do_softirq+0x60/0x2ac\n __irq_exit_rcu+0xa1/0xc0\n sysvec_call_function_single+0x72/0x90\n \n \n asm_sysvec_call_function_single+0x16/0x20\n RIP: 0010:_raw_spin_unlock_irq+0x14/0x30\n RSP: 0018:ffffb253604cbd88 EFLAGS: 00000247\n RAX: 000000000001960d RBX: 0000000000000002 RCX: ffff8cad2a064800\n RDX: 000000008020001b RSI: 0000000000000001 RDI: ffff8cad5d39f66c\n RBP: ffff8cad5d39f600 R08: 0000000000000001 R09: 0000000000000000\n R10: ffff8caa443e0c00 R11: ffffb253604cbcd8 R12: ffff8cacb8682538\n R13: 0000000000000005 R14: ffffb253604cbd90 R15: ffff8cad5d39f66c\n cm_process_send_error+0x122/0x1d0 [ib_cm]\n timeout_sends+0x1dd/0x270 [ib_core]\n process_one_work+0x1e2/0x3b0\n ? __pfx_worker_thread+0x10/0x10\n worker_thread+0x50/0x3a0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0xdd/0x100\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x29/0x50\n \n\nSimplified timeout handler by creating local list of timed out WRs\nand invoke send handler post creating the list. The new method acquires/\nreleases lock once to fetch the list and hence helps to reduce locking\ncontetiong when processing higher no. of WRs", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2424" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-50095" }, { "cve":"CVE-2024-50099", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\narm64: probes: Remove broken LDR (literal) uprobe support\n\nThe simulate_ldr_literal() and simulate_ldrsw_literal() functions are\nunsafe to use for uprobes. Both functions were originally written for\nuse with kprobes, and access memory with plain C accesses. When uprobes\nwas added, these were reused unmodified even though they cannot safely\naccess user memory.\n\nThere are three key problems:\n\n1) The plain C accesses do not have corresponding extable entries, and\n thus if they encounter a fault the kernel will treat these as\n unintentional accesses to user memory, resulting in a BUG() which\n will kill the kernel thread, and likely lead to further issues (e.g.\n lockup or panic()).\n\n2) The plain C accesses are subject to HW PAN and SW PAN, and so when\n either is in use, any attempt to simulate an access to user memory\n will fault. Thus neither simulate_ldr_literal() nor\n simulate_ldrsw_literal() can do anything useful when simulating a\n user instruction on any system with HW PAN or SW PAN.\n\n3) The plain C accesses are privileged, as they run in kernel context,\n and in practice can access a small range of kernel virtual addresses.\n The instructions they simulate have a range of +/-1MiB, and since the\n simulated instructions must itself be a user instructions in the\n TTBR0 address range, these can address the final 1MiB of the TTBR1\n acddress range by wrapping downwards from an address in the first\n 1MiB of the TTBR0 address range.\n\n In contemporary kernels the last 8MiB of TTBR1 address range is\n reserved, and accesses to this will always fault, meaning this is no\n worse than (1).\n\n Historically, it was theoretically possible for the linear map or\n vmemmap to spill into the final 8MiB of the TTBR1 address range, but\n in practice this is extremely unlikely to occur as this would\n require either:\n\n * Having enough physical memory to fill the entire linear map all the\n way to the final 1MiB of the TTBR1 address range.\n\n * Getting unlucky with KASLR randomization of the linear map such\n that the populated region happens to overlap with the last 1MiB of\n the TTBR address range.\n\n ... and in either case if we were to spill into the final page there\n would be larger problems as the final page would alias with error\n pointers.\n\nPractically speaking, (1) and (2) are the big issues. Given there have\nbeen no reports of problems since the broken code was introduced, it\nappears that no-one is relying on probing these instructions with\nuprobes.\n\nAvoid these issues by not allowing uprobes on LDR (literal) and LDRSW\n(literal), limiting the use of simulate_ldr_literal() and\nsimulate_ldrsw_literal() to kprobes. Attempts to place uprobes on LDR\n(literal) and LDRSW (literal) will be rejected as\narm_probe_decode_insn() will return INSN_REJECTED. In future we can\nconsider introducing working uprobes support for these instructions, but\nthis will require more significant work.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2424" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-50099" }, { "cve":"CVE-2024-50131", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Consider the NULL character when validating the event length\n\nstrlen() returns a string length excluding the null byte. If the string\nlength equals to the maximum buffer length, the buffer will have no\nspace for the NULL terminating character.\n\nThis commit checks this condition and returns failure for it.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2424" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-50131" }, { "cve":"CVE-2024-50133", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nLoongArch: Don't crash in stack_top() for tasks without vDSO\n\nNot all tasks have a vDSO mapped, for example kthreads never do. If such\na task ever ends up calling stack_top(), it will derefence the NULL vdso\npointer and crash.\n\nThis can for example happen when using kunit:\n\n\t[<9000000000203874>] stack_top+0x58/0xa8\n\t[<90000000002956cc>] arch_pick_mmap_layout+0x164/0x220\n\t[<90000000003c284c>] kunit_vm_mmap_init+0x108/0x12c\n\t[<90000000003c1fbc>] __kunit_add_resource+0x38/0x8c\n\t[<90000000003c2704>] kunit_vm_mmap+0x88/0xc8\n\t[<9000000000410b14>] usercopy_test_init+0xbc/0x25c\n\t[<90000000003c1db4>] kunit_try_run_case+0x5c/0x184\n\t[<90000000003c3d54>] kunit_generic_run_threadfn_adapter+0x24/0x48\n\t[<900000000022e4bc>] kthread+0xc8/0xd4\n\t[<9000000000200ce8>] ret_from_kernel_thread+0xc/0xa4", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2424" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-50133" }, { "cve":"CVE-2024-50142", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: validate new SA's prefixlen using SA family when sel.family is unset\n\nThis expands the validation introduced in commit 07bf7908950a (\"xfrm:\nValidate address prefix lengths in the xfrm selector.\")\n\nsyzbot created an SA with\n usersa.sel.family = AF_UNSPEC\n usersa.sel.prefixlen_s = 128\n usersa.family = AF_INET\n\nBecause of the AF_UNSPEC selector, verify_newsa_info doesn't put\nlimits on prefixlen_{s,d}. But then copy_from_user_state sets\nx->sel.family to usersa.family (AF_INET). Do the same conversion in\nverify_newsa_info before validating prefixlen_{s,d}, since that's how\nprefixlen is going to be used later on.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2424" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-50142" }, { "cve":"CVE-2024-50154", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ntcp/dccp: Don't use timer_pending() in reqsk_queue_unlink().\n\nMartin KaFai Lau reported use-after-free [0] in reqsk_timer_handler().\n\n \"\"\"\n We are seeing a use-after-free from a bpf prog attached to\n trace_tcp_retransmit_synack. The program passes the req->sk to the\n bpf_sk_storage_get_tracing kernel helper which does check for null\n before using it.\n \"\"\"\n\nThe commit 83fccfc3940c (\"inet: fix potential deadlock in\nreqsk_queue_unlink()\") added timer_pending() in reqsk_queue_unlink() not\nto call del_timer_sync() from reqsk_timer_handler(), but it introduced a\nsmall race window.\n\nBefore the timer is called, expire_timers() calls detach_timer(timer, true)\nto clear timer->entry.pprev and marks it as not pending.\n\nIf reqsk_queue_unlink() checks timer_pending() just after expire_timers()\ncalls detach_timer(), TCP will miss del_timer_sync(); the reqsk timer will\ncontinue running and send multiple SYN+ACKs until it expires.\n\nThe reported UAF could happen if req->sk is close()d earlier than the timer\nexpiration, which is 63s by default.\n\nThe scenario would be\n\n 1. inet_csk_complete_hashdance() calls inet_csk_reqsk_queue_drop(),\n but del_timer_sync() is missed\n\n 2. reqsk timer is executed and scheduled again\n\n 3. req->sk is accept()ed and reqsk_put() decrements rsk_refcnt, but\n reqsk timer still has another one, and inet_csk_accept() does not\n clear req->sk for non-TFO sockets\n\n 4. sk is close()d\n\n 5. reqsk timer is executed again, and BPF touches req->sk\n\nLet's not use timer_pending() by passing the caller context to\n__inet_csk_reqsk_queue_drop().\n\nNote that reqsk timer is pinned, so the issue does not happen in most\nuse cases. [1]\n\n[0]\nBUG: KFENCE: use-after-free read in bpf_sk_storage_get_tracing+0x2e/0x1b0\n\nUse-after-free read at 0x00000000a891fb3a (in kfence-#1):\nbpf_sk_storage_get_tracing+0x2e/0x1b0\nbpf_prog_5ea3e95db6da0438_tcp_retransmit_synack+0x1d20/0x1dda\nbpf_trace_run2+0x4c/0xc0\ntcp_rtx_synack+0xf9/0x100\nreqsk_timer_handler+0xda/0x3d0\nrun_timer_softirq+0x292/0x8a0\nirq_exit_rcu+0xf5/0x320\nsysvec_apic_timer_interrupt+0x6d/0x80\nasm_sysvec_apic_timer_interrupt+0x16/0x20\nintel_idle_irq+0x5a/0xa0\ncpuidle_enter_state+0x94/0x273\ncpu_startup_entry+0x15e/0x260\nstart_secondary+0x8a/0x90\nsecondary_startup_64_no_verify+0xfa/0xfb\n\nkfence-#1: 0x00000000a72cc7b6-0x00000000d97616d9, size=2376, cache=TCPv6\n\nallocated by task 0 on cpu 9 at 260507.901592s:\nsk_prot_alloc+0x35/0x140\nsk_clone_lock+0x1f/0x3f0\ninet_csk_clone_lock+0x15/0x160\ntcp_create_openreq_child+0x1f/0x410\ntcp_v6_syn_recv_sock+0x1da/0x700\ntcp_check_req+0x1fb/0x510\ntcp_v6_rcv+0x98b/0x1420\nipv6_list_rcv+0x2258/0x26e0\nnapi_complete_done+0x5b1/0x2990\nmlx5e_napi_poll+0x2ae/0x8d0\nnet_rx_action+0x13e/0x590\nirq_exit_rcu+0xf5/0x320\ncommon_interrupt+0x80/0x90\nasm_common_interrupt+0x22/0x40\ncpuidle_enter_state+0xfb/0x273\ncpu_startup_entry+0x15e/0x260\nstart_secondary+0x8a/0x90\nsecondary_startup_64_no_verify+0xfa/0xfb\n\nfreed by task 0 on cpu 9 at 260507.927527s:\nrcu_core_si+0x4ff/0xf10\nirq_exit_rcu+0xf5/0x320\nsysvec_apic_timer_interrupt+0x6d/0x80\nasm_sysvec_apic_timer_interrupt+0x16/0x20\ncpuidle_enter_state+0xfb/0x273\ncpu_startup_entry+0x15e/0x260\nstart_secondary+0x8a/0x90\nsecondary_startup_64_no_verify+0xfa/0xfb", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2424" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-50154" }, { "cve":"CVE-2024-50184", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio_pmem: Check device status before requesting flush\n\nIf a pmem device is in a bad status, the driver side could wait for\nhost ack forever in virtio_pmem_flush(), causing the system to hang.\n\nSo add a status check in the beginning of virtio_pmem_flush() to return\nearly if the device is not activated.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2424" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":4.7, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.aarch64", "openEuler-22.03-LTS-SP4:bpftool-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-source-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-236.0.0.135.oe2203sp4.x86_64", "openEuler-22.03-LTS-SP4:kernel-5.10.0-236.0.0.135.oe2203sp4.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-50184" } ] }