{
"document":{
"aggregate_severity":{
"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
"text":"High"
},
"category":"csaf_vex",
"csaf_version":"2.0",
"distribution":{
"tlp":{
"label":"WHITE",
"url":"https:/www.first.org/tlp/"
}
},
"lang":"en",
"notes":[
{
"text":"kernel security update",
"category":"general",
"title":"Synopsis"
},
{
"text":"An update for kernel is now available for openEuler-22.03-LTS-SP3",
"category":"general",
"title":"Summary"
},
{
"text":"The Linux Kernel, the operating system core itself.\n\nSecurity Fix(es):\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nila: call nf_unregister_net_hooks() sooner\n\nsyzbot found an use-after-free Read in ila_nf_input [1]\n\nIssue here is that ila_xlat_exit_net() frees the rhashtable,\nthen call nf_unregister_net_hooks().\n\nIt should be done in the reverse way, with a synchronize_rcu().\n\nThis is a good match for a pre_exit() method.\n\n[1]\n BUG: KASAN: use-after-free in rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n BUG: KASAN: use-after-free in __rhashtable_lookup include/linux/rhashtable.h:604 [inline]\n BUG: KASAN: use-after-free in rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n BUG: KASAN: use-after-free in rhashtable_lookup_fast+0x77a/0x9b0 include/linux/rhashtable.h:672\nRead of size 4 at addr ffff888064620008 by task ksoftirqd/0/16\n\nCPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.11.0-rc4-syzkaller-00238-g2ad6d23f465a #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nCall Trace:\n \n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n __rhashtable_lookup include/linux/rhashtable.h:604 [inline]\n rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n rhashtable_lookup_fast+0x77a/0x9b0 include/linux/rhashtable.h:672\n ila_lookup_wildcards net/ipv6/ila/ila_xlat.c:132 [inline]\n ila_xlat_addr net/ipv6/ila/ila_xlat.c:652 [inline]\n ila_nf_input+0x1fe/0x3c0 net/ipv6/ila/ila_xlat.c:190\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xc3/0x220 net/netfilter/core.c:626\n nf_hook include/linux/netfilter.h:269 [inline]\n NF_HOOK+0x29e/0x450 include/linux/netfilter.h:312\n __netif_receive_skb_one_core net/core/dev.c:5661 [inline]\n __netif_receive_skb+0x1ea/0x650 net/core/dev.c:5775\n process_backlog+0x662/0x15b0 net/core/dev.c:6108\n __napi_poll+0xcb/0x490 net/core/dev.c:6772\n napi_poll net/core/dev.c:6841 [inline]\n net_rx_action+0x89b/0x1240 net/core/dev.c:6963\n handle_softirqs+0x2c4/0x970 kernel/softirq.c:554\n run_ksoftirqd+0xca/0x130 kernel/softirq.c:928\n smpboot_thread_fn+0x544/0xa30 kernel/smpboot.c:164\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \n\nThe buggy address belongs to the physical page:\npage: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x64620\nflags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)\npage_type: 0xbfffffff(buddy)\nraw: 00fff00000000000 ffffea0000959608 ffffea00019d9408 0000000000000000\nraw: 0000000000000000 0000000000000003 00000000bfffffff 0000000000000000\npage dumped because: kasan: bad access detected\npage_owner tracks the page as freed\npage last allocated via order 3, migratetype Unmovable, gfp_mask 0x52dc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_ZERO), pid 5242, tgid 5242 (syz-executor), ts 73611328570, free_ts 618981657187\n set_page_owner include/linux/page_owner.h:32 [inline]\n post_alloc_hook+0x1f3/0x230 mm/page_alloc.c:1493\n prep_new_page mm/page_alloc.c:1501 [inline]\n get_page_from_freelist+0x2e4c/0x2f10 mm/page_alloc.c:3439\n __alloc_pages_noprof+0x256/0x6c0 mm/page_alloc.c:4695\n __alloc_pages_node_noprof include/linux/gfp.h:269 [inline]\n alloc_pages_node_noprof include/linux/gfp.h:296 [inline]\n ___kmalloc_large_node+0x8b/0x1d0 mm/slub.c:4103\n __kmalloc_large_node_noprof+0x1a/0x80 mm/slub.c:4130\n __do_kmalloc_node mm/slub.c:4146 [inline]\n __kmalloc_node_noprof+0x2d2/0x440 mm/slub.c:4164\n __kvmalloc_node_noprof+0x72/0x190 mm/util.c:650\n bucket_table_alloc lib/rhashtable.c:186 [inline]\n rhashtable_init_noprof+0x534/0xa60 lib/rhashtable.c:1071\n ila_xlat_init_net+0xa0/0x110 net/ipv6/ila/ila_xlat.c:613\n ops_ini\n---truncated---(CVE-2024-46782)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndrivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error\n\nEnsure index in rtl2830_pid_filter does not exceed 31 to prevent\nout-of-bounds access.\n\ndev->filters is a 32-bit value, so set_bit and clear_bit functions should\nonly operate on indices from 0 to 31. If index is 32, it will attempt to\naccess a non-existent 33rd bit, leading to out-of-bounds access.\nChange the boundary check from index > 32 to index >= 32 to resolve this\nissue.(CVE-2024-47697)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnvme-rdma: unquiesce admin_q before destroy it\n\nKernel will hang on destroy admin_q while we create ctrl failed, such\nas following calltrace:\n\nPID: 23644 TASK: ff2d52b40f439fc0 CPU: 2 COMMAND: \"nvme\"\n #0 [ff61d23de260fb78] __schedule at ffffffff8323bc15\n #1 [ff61d23de260fc08] schedule at ffffffff8323c014\n #2 [ff61d23de260fc28] blk_mq_freeze_queue_wait at ffffffff82a3dba1\n #3 [ff61d23de260fc78] blk_freeze_queue at ffffffff82a4113a\n #4 [ff61d23de260fc90] blk_cleanup_queue at ffffffff82a33006\n #5 [ff61d23de260fcb0] nvme_rdma_destroy_admin_queue at ffffffffc12686ce\n #6 [ff61d23de260fcc8] nvme_rdma_setup_ctrl at ffffffffc1268ced\n #7 [ff61d23de260fd28] nvme_rdma_create_ctrl at ffffffffc126919b\n #8 [ff61d23de260fd68] nvmf_dev_write at ffffffffc024f362\n #9 [ff61d23de260fe38] vfs_write at ffffffff827d5f25\n RIP: 00007fda7891d574 RSP: 00007ffe2ef06958 RFLAGS: 00000202\n RAX: ffffffffffffffda RBX: 000055e8122a4d90 RCX: 00007fda7891d574\n RDX: 000000000000012b RSI: 000055e8122a4d90 RDI: 0000000000000004\n RBP: 00007ffe2ef079c0 R8: 000000000000012b R9: 000055e8122a4d90\n R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000004\n R13: 000055e8122923c0 R14: 000000000000012b R15: 00007fda78a54500\n ORIG_RAX: 0000000000000001 CS: 0033 SS: 002b\n\nThis due to we have quiesced admi_q before cancel requests, but forgot\nto unquiesce before destroy it, as a result we fail to drain the\npending requests, and hang on blk_mq_freeze_queue_wait() forever. Here\ntry to reuse nvme_rdma_teardown_admin_queue() to fix this issue and\nsimplify the code.(CVE-2024-49569)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: SCO: Fix UAF on sco_sock_timeout\n\nconn->sk maybe have been unlinked/freed while waiting for sco_conn_lock\nso this checks if the conn->sk is still valid by checking if it part of\nsco_sk_list.(CVE-2024-50125)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: fix potential out of bounds in ucsi_ccg_update_set_new_cam_cmd()\n\nThe \"*cmd\" variable can be controlled by the user via debugfs. That means\n\"new_cam\" can be as high as 255 while the size of the uc->updated[] array\nis UCSI_MAX_ALTMODES (30).\n\nThe call tree is:\nucsi_cmd() // val comes from simple_attr_write_xsigned()\n-> ucsi_send_command()\n -> ucsi_send_command_common()\n -> ucsi_run_command() // calls ucsi->ops->sync_control()\n -> ucsi_ccg_sync_control()(CVE-2024-50268)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT\n\nIn qdisc_tree_reduce_backlog, Qdiscs with major handle ffff: are assumed\nto be either root or ingress. This assumption is bogus since it's valid\nto create egress qdiscs with major handle ffff:\nBudimir Markovic found that for qdiscs like DRR that maintain an active\nclass list, it will cause a UAF with a dangling class pointer.\n\nIn 066a3b5b2346, the concern was to avoid iterating over the ingress\nqdisc since its parent is itself. The proper fix is to stop when parent\nTC_H_ROOT is reached because the only way to retrieve ingress is when a\nhierarchy which does not contain a ffff: major handle call into\nqdisc_lookup with TC_H_MAJ(TC_H_ROOT).\n\nIn the scenario where major ffff: is an egress qdisc in any of the tree\nlevels, the updates will also propagate to TC_H_ROOT, which then the\niteration must stop.\n\n\n net/sched/sch_api.c | 2 +-\n 1 file changed, 1 insertion(+), 1 deletion(-)(CVE-2024-53057)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nmm: resolve faulty mmap_region() error path behaviour\n\nThe mmap_region() function is somewhat terrifying, with spaghetti-like\ncontrol flow and numerous means by which issues can arise and incomplete\nstate, memory leaks and other unpleasantness can occur.\n\nA large amount of the complexity arises from trying to handle errors late\nin the process of mapping a VMA, which forms the basis of recently\nobserved issues with resource leaks and observable inconsistent state.\n\nTaking advantage of previous patches in this series we move a number of\nchecks earlier in the code, simplifying things by moving the core of the\nlogic into a static internal function __mmap_region().\n\nDoing this allows us to perform a number of checks up front before we do\nany real work, and allows us to unwind the writable unmap check\nunconditionally as required and to perform a CONFIG_DEBUG_VM_MAPLE_TREE\nvalidation unconditionally also.\n\nWe move a number of things here:\n\n1. We preallocate memory for the iterator before we call the file-backed\n memory hook, allowing us to exit early and avoid having to perform\n complicated and error-prone close/free logic. We carefully free\n iterator state on both success and error paths.\n\n2. The enclosing mmap_region() function handles the mapping_map_writable()\n logic early. Previously the logic had the mapping_map_writable() at the\n point of mapping a newly allocated file-backed VMA, and a matching\n mapping_unmap_writable() on success and error paths.\n\n We now do this unconditionally if this is a file-backed, shared writable\n mapping. If a driver changes the flags to eliminate VM_MAYWRITE, however\n doing so does not invalidate the seal check we just performed, and we in\n any case always decrement the counter in the wrapper.\n\n We perform a debug assert to ensure a driver does not attempt to do the\n opposite.\n\n3. We also move arch_validate_flags() up into the mmap_region()\n function. This is only relevant on arm64 and sparc64, and the check is\n only meaningful for SPARC with ADI enabled. We explicitly add a warning\n for this arch if a driver invalidates this check, though the code ought\n eventually to be fixed to eliminate the need for this.\n\nWith all of these measures in place, we no longer need to explicitly close\nthe VMA on error paths, as we place all checks which might fail prior to a\ncall to any driver mmap hook.\n\nThis eliminates an entire class of errors, makes the code easier to reason\nabout and more robust.(CVE-2024-53096)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: add missing range check in bitmap_ip_uadt\n\nWhen tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists,\nthe values of ip and ip_to are slightly swapped. Therefore, the range check\nfor ip should be done later, but this part is missing and it seems that the\nvulnerability occurs.\n\nSo we should add missing range checks and remove unnecessary range checks.(CVE-2024-53141)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: Flush partial mappings in error case\n\nIf some remap_pfn_range() calls succeeded before one failed, we still have\nbuffer pages mapped into the userspace page tables when we drop the buffer\nreference with comedi_buf_map_put(bm). The userspace mappings are only\ncleaned up later in the mmap error path.\n\nFix it by explicitly flushing all mappings in our VMA on the error path.\n\nSee commit 79a61cc3fc04 (\"mm: avoid leaving partial pfn mappings around in\nerror case\").(CVE-2024-53148)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath9k: add range check for conn_rsp_epid in htc_connect_service()\n\nI found the following bug in my fuzzer:\n\n UBSAN: array-index-out-of-bounds in drivers/net/wireless/ath/ath9k/htc_hst.c:26:51\n index 255 is out of range for type 'htc_endpoint [22]'\n CPU: 0 UID: 0 PID: 8 Comm: kworker/0:0 Not tainted 6.11.0-rc6-dirty #14\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n Workqueue: events request_firmware_work_func\n Call Trace:\n \n dump_stack_lvl+0x180/0x1b0\n __ubsan_handle_out_of_bounds+0xd4/0x130\n htc_issue_send.constprop.0+0x20c/0x230\n ? _raw_spin_unlock_irqrestore+0x3c/0x70\n ath9k_wmi_cmd+0x41d/0x610\n ? mark_held_locks+0x9f/0xe0\n ...\n\nSince this bug has been confirmed to be caused by insufficient verification\nof conn_rsp_epid, I think it would be appropriate to add a range check for\nconn_rsp_epid to htc_connect_service() to prevent the bug from occurring.(CVE-2024-53156)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet: inet6: do not leave a dangling sk pointer in inet6_create()\n\nsock_init_data() attaches the allocated sk pointer to the provided sock\nobject. If inet6_create() fails later, the sk object is released, but the\nsock object retains the dangling sk pointer, which may cause use-after-free\nlater.\n\nClear the sock sk pointer on error.(CVE-2024-56600)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet: inet: do not leave a dangling sk pointer in inet_create()\n\nsock_init_data() attaches the allocated sk object to the provided sock\nobject. If inet_create() fails later, the sk object is freed, but the\nsock object retains the dangling pointer, which may create use-after-free\nlater.\n\nClear the sk pointer in the sock object on error.(CVE-2024-56601)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ngpio: grgpio: Add NULL check in grgpio_probe\n\ndevm_kasprintf() can return a NULL pointer on failure,but this\nreturned value in grgpio_probe is not checked.\nAdd NULL check in grgpio_probe, to handle kernel NULL\npointer dereference error.(CVE-2024-56634)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ns390/cpum_sf: Handle CPU hotplug remove during sampling\n\nCPU hotplug remove handling triggers the following function\ncall sequence:\n\n CPUHP_AP_PERF_S390_SF_ONLINE --> s390_pmu_sf_offline_cpu()\n ...\n CPUHP_AP_PERF_ONLINE --> perf_event_exit_cpu()\n\nThe s390 CPUMF sampling CPU hotplug handler invokes:\n\n s390_pmu_sf_offline_cpu()\n +--> cpusf_pmu_setup()\n +--> setup_pmc_cpu()\n +--> deallocate_buffers()\n\nThis function de-allocates all sampling data buffers (SDBs) allocated\nfor that CPU at event initialization. It also clears the\nPMU_F_RESERVED bit. The CPU is gone and can not be sampled.\n\nWith the event still being active on the removed CPU, the CPU event\nhotplug support in kernel performance subsystem triggers the\nfollowing function calls on the removed CPU:\n\n perf_event_exit_cpu()\n +--> perf_event_exit_cpu_context()\n +--> __perf_event_exit_context()\n\t +--> __perf_remove_from_context()\n\t +--> event_sched_out()\n\t +--> cpumsf_pmu_del()\n\t +--> cpumsf_pmu_stop()\n +--> hw_perf_event_update()\n\nto stop and remove the event. During removal of the event, the\nsampling device driver tries to read out the remaining samples from\nthe sample data buffers (SDBs). But they have already been freed\n(and may have been re-assigned). This may lead to a use after free\nsituation in which case the samples are most likely invalid. In the\nbest case the memory has not been reassigned and still contains\nvalid data.\n\nRemedy this situation and check if the CPU is still in reserved\nstate (bit PMU_F_RESERVED set). In this case the SDBs have not been\nreleased an contain valid data. This is always the case when\nthe event is removed (and no CPU hotplug off occured).\nIf the PMU_F_RESERVED bit is not set, the SDB buffers are gone.(CVE-2024-57849)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nila: serialize calls to nf_register_net_hooks()\n\nsyzbot found a race in ila_add_mapping() [1]\n\ncommit 031ae72825ce (\"ila: call nf_unregister_net_hooks() sooner\")\nattempted to fix a similar issue.\n\nLooking at the syzbot repro, we have concurrent ILA_CMD_ADD commands.\n\nAdd a mutex to make sure at most one thread is calling nf_register_net_hooks().\n\n[1]\n BUG: KASAN: slab-use-after-free in rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n BUG: KASAN: slab-use-after-free in __rhashtable_lookup.constprop.0+0x426/0x550 include/linux/rhashtable.h:604\nRead of size 4 at addr ffff888028f40008 by task dhcpcd/5501\n\nCPU: 1 UID: 0 PID: 5501 Comm: dhcpcd Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n \n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:489\n kasan_report+0xd9/0x110 mm/kasan/report.c:602\n rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n __rhashtable_lookup.constprop.0+0x426/0x550 include/linux/rhashtable.h:604\n rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n rhashtable_lookup_fast include/linux/rhashtable.h:672 [inline]\n ila_lookup_wildcards net/ipv6/ila/ila_xlat.c:127 [inline]\n ila_xlat_addr net/ipv6/ila/ila_xlat.c:652 [inline]\n ila_nf_input+0x1ee/0x620 net/ipv6/ila/ila_xlat.c:185\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xbb/0x200 net/netfilter/core.c:626\n nf_hook.constprop.0+0x42e/0x750 include/linux/netfilter.h:269\n NF_HOOK include/linux/netfilter.h:312 [inline]\n ipv6_rcv+0xa4/0x680 net/ipv6/ip6_input.c:309\n __netif_receive_skb_one_core+0x12e/0x1e0 net/core/dev.c:5672\n __netif_receive_skb+0x1d/0x160 net/core/dev.c:5785\n process_backlog+0x443/0x15f0 net/core/dev.c:6117\n __napi_poll.constprop.0+0xb7/0x550 net/core/dev.c:6883\n napi_poll net/core/dev.c:6952 [inline]\n net_rx_action+0xa94/0x1010 net/core/dev.c:7074\n handle_softirqs+0x213/0x8f0 kernel/softirq.c:561\n __do_softirq kernel/softirq.c:595 [inline]\n invoke_softirq kernel/softirq.c:435 [inline]\n __irq_exit_rcu+0x109/0x170 kernel/softirq.c:662\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n sysvec_apic_timer_interrupt+0xa4/0xc0 arch/x86/kernel/apic/apic.c:1049(CVE-2024-57900)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nsched: sch_cake: add bounds checks to host bulk flow fairness counts\n\nEven though we fixed a logic error in the commit cited below, syzbot\nstill managed to trigger an underflow of the per-host bulk flow\ncounters, leading to an out of bounds memory access.\n\nTo avoid any such logic errors causing out of bounds memory accesses,\nthis commit factors out all accesses to the per-host bulk flow counters\nto a series of helpers that perform bounds-checking before any\nincrements and decrements. This also has the benefit of improving\nreadability by moving the conditional checks for the flow mode into\nthese helpers, instead of having them spread out throughout the\ncode (which was the cause of the original logic error).\n\nAs part of this change, the flow quantum calculation is consolidated\ninto a helper function, which means that the dithering applied to the\nost load scaling is now applied both in the DRR rotation and when a\nsparse flow's quantum is first initiated. The only user-visible effect\nof this is that the maximum packet size that can be sent while a flow\nstays sparse will now vary with +/- one byte in some cases. This should\nnot make a noticeable difference in practice, and thus it's not worth\ncomplicating the code to preserve the old behaviour.(CVE-2025-21647)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: conntrack: clamp maximum hashtable size to INT_MAX\n\nUse INT_MAX as maximum size for the conntrack hashtable. Otherwise, it\nis possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when\nresizing hashtable because __GFP_NOWARN is unset. See:\n\n 0708a0afe291 (\"mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls\")\n\nNote: hashtable resize is only possible from init_netns.(CVE-2025-21648)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\niomap: avoid avoid truncating 64-bit offset to 32 bits\n\non 32-bit kernels, iomap_write_delalloc_scan() was inadvertently using a\n32-bit position due to folio_next_index() returning an unsigned long.\nThis could lead to an infinite loop when writing to an xfs filesystem.(CVE-2025-21667)",
"category":"general",
"title":"Description"
},
{
"text":"An update for kernel is now available for openEuler-22.03-LTS-SP3.\n\nopenEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
"category":"general",
"title":"Topic"
},
{
"text":"High",
"category":"general",
"title":"Severity"
},
{
"text":"kernel",
"category":"general",
"title":"Affected Component"
}
],
"publisher":{
"issuing_authority":"openEuler security committee",
"name":"openEuler",
"namespace":"https://www.openeuler.org",
"contact_details":"openeuler-security@openeuler.org",
"category":"vendor"
},
"references":[
{
"summary":"openEuler-SA-2025-1162",
"category":"self",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1162"
},
{
"summary":"CVE-2024-46782",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-46782&packageName=kernel"
},
{
"summary":"CVE-2024-47697",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-47697&packageName=kernel"
},
{
"summary":"CVE-2024-49569",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-49569&packageName=kernel"
},
{
"summary":"CVE-2024-50125",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-50125&packageName=kernel"
},
{
"summary":"CVE-2024-50268",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-50268&packageName=kernel"
},
{
"summary":"CVE-2024-53057",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-53057&packageName=kernel"
},
{
"summary":"CVE-2024-53096",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-53096&packageName=kernel"
},
{
"summary":"CVE-2024-53141",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-53141&packageName=kernel"
},
{
"summary":"CVE-2024-53148",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-53148&packageName=kernel"
},
{
"summary":"CVE-2024-53156",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-53156&packageName=kernel"
},
{
"summary":"CVE-2024-56600",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56600&packageName=kernel"
},
{
"summary":"CVE-2024-56601",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56601&packageName=kernel"
},
{
"summary":"CVE-2024-56634",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56634&packageName=kernel"
},
{
"summary":"CVE-2024-57849",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-57849&packageName=kernel"
},
{
"summary":"CVE-2024-57900",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-57900&packageName=kernel"
},
{
"summary":"CVE-2025-21647",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21647&packageName=kernel"
},
{
"summary":"CVE-2025-21648",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21648&packageName=kernel"
},
{
"summary":"CVE-2025-21667",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21667&packageName=kernel"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-46782"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47697"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-49569"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50125"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50268"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53057"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53096"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53141"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53148"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53156"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56600"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56601"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56634"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-57849"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-57900"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21647"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21648"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21667"
},
{
"summary":"openEuler-SA-2025-1162 vex file",
"category":"self",
"url":"https://repo.openeuler.org/security/data/csaf/advisories/2025/csaf-openeuler-sa-2025-1162.json"
}
],
"title":"An update for kernel is now available for openEuler-22.03-LTS-SP3",
"tracking":{
"initial_release_date":"2025-02-21T21:35:36+08:00",
"revision_history":[
{
"date":"2025-02-21T21:35:36+08:00",
"summary":"Initial",
"number":"1.0.0"
}
],
"generator":{
"date":"2025-02-21T21:35:36+08:00",
"engine":{
"name":"openEuler CSAF Tool V1.0"
}
},
"current_release_date":"2025-02-21T21:35:36+08:00",
"id":"openEuler-SA-2025-1162",
"version":"1.0.0",
"status":"final"
}
},
"product_tree":{
"branches":[
{
"name":"openEuler",
"category":"vendor",
"branches":[
{
"name":"openEuler",
"branches":[
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
},
"product_id":"openEuler-22.03-LTS-SP3",
"name":"openEuler-22.03-LTS-SP3"
},
"name":"openEuler-22.03-LTS-SP3",
"category":"product_version"
}
],
"category":"product_name"
},
{
"name":"src",
"branches":[
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
},
"product_id":"kernel-5.10.0-250.0.0.153.oe2203sp3.src.rpm",
"name":"kernel-5.10.0-250.0.0.153.oe2203sp3.src.rpm"
},
"name":"kernel-5.10.0-250.0.0.153.oe2203sp3.src.rpm",
"category":"product_version"
}
],
"category":"architecture"
},
{
"name":"x86_64",
"branches":[
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
},
"product_id":"kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"name":"kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm"
},
"name":"kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
},
"product_id":"kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"name":"kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm"
},
"name":"kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
},
"product_id":"kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"name":"kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm"
},
"name":"kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
},
"product_id":"kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"name":"kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm"
},
"name":"kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
},
"product_id":"kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"name":"kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm"
},
"name":"kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
},
"product_id":"kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"name":"kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm"
},
"name":"kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
},
"product_id":"kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"name":"kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm"
},
"name":"kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
},
"product_id":"kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"name":"kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm"
},
"name":"kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
},
"product_id":"kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"name":"kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm"
},
"name":"kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
},
"product_id":"perf-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"name":"perf-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm"
},
"name":"perf-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
},
"product_id":"perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"name":"perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm"
},
"name":"perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
},
"product_id":"python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"name":"python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm"
},
"name":"python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
},
"product_id":"python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"name":"python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm"
},
"name":"python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"category":"product_version"
}
],
"category":"architecture"
},
{
"name":"aarch64",
"branches":[
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
},
"product_id":"kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"name":"kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm"
},
"name":"kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
},
"product_id":"kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"name":"kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm"
},
"name":"kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
},
"product_id":"kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"name":"kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm"
},
"name":"kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
},
"product_id":"kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"name":"kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm"
},
"name":"kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
},
"product_id":"kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"name":"kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm"
},
"name":"kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
},
"product_id":"kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"name":"kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm"
},
"name":"kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
},
"product_id":"kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"name":"kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm"
},
"name":"kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
},
"product_id":"kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"name":"kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm"
},
"name":"kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
},
"product_id":"kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"name":"kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm"
},
"name":"kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
},
"product_id":"perf-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"name":"perf-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm"
},
"name":"perf-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
},
"product_id":"perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"name":"perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm"
},
"name":"perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
},
"product_id":"python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"name":"python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm"
},
"name":"python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3"
},
"product_id":"python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"name":"python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm"
},
"name":"python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"category":"product_version"
}
],
"category":"architecture"
}
]
}
],
"relationships":[
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
"product_reference":"kernel-5.10.0-250.0.0.153.oe2203sp3.src.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"name":"kernel-5.10.0-250.0.0.153.oe2203sp3.src as a component of openEuler-22.03-LTS-SP3"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
"product_reference":"kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"name":"kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
"product_reference":"kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"name":"kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
"product_reference":"kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"name":"kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
"product_reference":"kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"name":"kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
"product_reference":"kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"name":"kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
"product_reference":"kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"name":"kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
"product_reference":"kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"name":"kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
"product_reference":"kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"name":"kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
"product_reference":"kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"name":"kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
"product_reference":"perf-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"name":"perf-5.10.0-250.0.0.153.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
"product_reference":"perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"name":"perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
"product_reference":"python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"name":"python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
"product_reference":"python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"name":"python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
"product_reference":"kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"name":"kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
"product_reference":"kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"name":"kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
"product_reference":"kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"name":"kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
"product_reference":"kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"name":"kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
"product_reference":"kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"name":"kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
"product_reference":"kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"name":"kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
"product_reference":"kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"name":"kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
"product_reference":"kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"name":"kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
"product_reference":"kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"name":"kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
"product_reference":"perf-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"name":"perf-5.10.0-250.0.0.153.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
"product_reference":"perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"name":"perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
"product_reference":"python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"name":"python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP3",
"product_reference":"python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"name":"python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3"
},
"category":"default_component_of"
}
]
},
"vulnerabilities":[
{
"cve":"CVE-2024-46782",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nila: call nf_unregister_net_hooks() sooner\n\nsyzbot found an use-after-free Read in ila_nf_input [1]\n\nIssue here is that ila_xlat_exit_net() frees the rhashtable,\nthen call nf_unregister_net_hooks().\n\nIt should be done in the reverse way, with a synchronize_rcu().\n\nThis is a good match for a pre_exit() method.\n\n[1]\n BUG: KASAN: use-after-free in rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n BUG: KASAN: use-after-free in __rhashtable_lookup include/linux/rhashtable.h:604 [inline]\n BUG: KASAN: use-after-free in rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n BUG: KASAN: use-after-free in rhashtable_lookup_fast+0x77a/0x9b0 include/linux/rhashtable.h:672\nRead of size 4 at addr ffff888064620008 by task ksoftirqd/0/16\n\nCPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.11.0-rc4-syzkaller-00238-g2ad6d23f465a #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nCall Trace:\n \n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n __rhashtable_lookup include/linux/rhashtable.h:604 [inline]\n rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n rhashtable_lookup_fast+0x77a/0x9b0 include/linux/rhashtable.h:672\n ila_lookup_wildcards net/ipv6/ila/ila_xlat.c:132 [inline]\n ila_xlat_addr net/ipv6/ila/ila_xlat.c:652 [inline]\n ila_nf_input+0x1fe/0x3c0 net/ipv6/ila/ila_xlat.c:190\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xc3/0x220 net/netfilter/core.c:626\n nf_hook include/linux/netfilter.h:269 [inline]\n NF_HOOK+0x29e/0x450 include/linux/netfilter.h:312\n __netif_receive_skb_one_core net/core/dev.c:5661 [inline]\n __netif_receive_skb+0x1ea/0x650 net/core/dev.c:5775\n process_backlog+0x662/0x15b0 net/core/dev.c:6108\n __napi_poll+0xcb/0x490 net/core/dev.c:6772\n napi_poll net/core/dev.c:6841 [inline]\n net_rx_action+0x89b/0x1240 net/core/dev.c:6963\n handle_softirqs+0x2c4/0x970 kernel/softirq.c:554\n run_ksoftirqd+0xca/0x130 kernel/softirq.c:928\n smpboot_thread_fn+0x544/0xa30 kernel/smpboot.c:164\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \n\nThe buggy address belongs to the physical page:\npage: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x64620\nflags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)\npage_type: 0xbfffffff(buddy)\nraw: 00fff00000000000 ffffea0000959608 ffffea00019d9408 0000000000000000\nraw: 0000000000000000 0000000000000003 00000000bfffffff 0000000000000000\npage dumped because: kasan: bad access detected\npage_owner tracks the page as freed\npage last allocated via order 3, migratetype Unmovable, gfp_mask 0x52dc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_ZERO), pid 5242, tgid 5242 (syz-executor), ts 73611328570, free_ts 618981657187\n set_page_owner include/linux/page_owner.h:32 [inline]\n post_alloc_hook+0x1f3/0x230 mm/page_alloc.c:1493\n prep_new_page mm/page_alloc.c:1501 [inline]\n get_page_from_freelist+0x2e4c/0x2f10 mm/page_alloc.c:3439\n __alloc_pages_noprof+0x256/0x6c0 mm/page_alloc.c:4695\n __alloc_pages_node_noprof include/linux/gfp.h:269 [inline]\n alloc_pages_node_noprof include/linux/gfp.h:296 [inline]\n ___kmalloc_large_node+0x8b/0x1d0 mm/slub.c:4103\n __kmalloc_large_node_noprof+0x1a/0x80 mm/slub.c:4130\n __do_kmalloc_node mm/slub.c:4146 [inline]\n __kmalloc_node_noprof+0x2d2/0x440 mm/slub.c:4164\n __kvmalloc_node_noprof+0x72/0x190 mm/util.c:650\n bucket_table_alloc lib/rhashtable.c:186 [inline]\n rhashtable_init_noprof+0x534/0xa60 lib/rhashtable.c:1071\n ila_xlat_init_net+0xa0/0x110 net/ipv6/ila/ila_xlat.c:613\n ops_ini\n---truncated---",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1162"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"HIGH",
"baseScore":7.8,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version":"3.1"
},
"products":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
]
}
],
"threats":[
{
"details":"High",
"category":"impact"
}
],
"title":"CVE-2024-46782"
},
{
"cve":"CVE-2024-47697",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error\n\nEnsure index in rtl2830_pid_filter does not exceed 31 to prevent\nout-of-bounds access.\n\ndev->filters is a 32-bit value, so set_bit and clear_bit functions should\nonly operate on indices from 0 to 31. If index is 32, it will attempt to\naccess a non-existent 33rd bit, leading to out-of-bounds access.\nChange the boundary check from index > 32 to index >= 32 to resolve this\nissue.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1162"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"HIGH",
"baseScore":7.8,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version":"3.1"
},
"products":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
]
}
],
"threats":[
{
"details":"High",
"category":"impact"
}
],
"title":"CVE-2024-47697"
},
{
"cve":"CVE-2024-49569",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-rdma: unquiesce admin_q before destroy it\n\nKernel will hang on destroy admin_q while we create ctrl failed, such\nas following calltrace:\n\nPID: 23644 TASK: ff2d52b40f439fc0 CPU: 2 COMMAND: \"nvme\"\n #0 [ff61d23de260fb78] __schedule at ffffffff8323bc15\n #1 [ff61d23de260fc08] schedule at ffffffff8323c014\n #2 [ff61d23de260fc28] blk_mq_freeze_queue_wait at ffffffff82a3dba1\n #3 [ff61d23de260fc78] blk_freeze_queue at ffffffff82a4113a\n #4 [ff61d23de260fc90] blk_cleanup_queue at ffffffff82a33006\n #5 [ff61d23de260fcb0] nvme_rdma_destroy_admin_queue at ffffffffc12686ce\n #6 [ff61d23de260fcc8] nvme_rdma_setup_ctrl at ffffffffc1268ced\n #7 [ff61d23de260fd28] nvme_rdma_create_ctrl at ffffffffc126919b\n #8 [ff61d23de260fd68] nvmf_dev_write at ffffffffc024f362\n #9 [ff61d23de260fe38] vfs_write at ffffffff827d5f25\n RIP: 00007fda7891d574 RSP: 00007ffe2ef06958 RFLAGS: 00000202\n RAX: ffffffffffffffda RBX: 000055e8122a4d90 RCX: 00007fda7891d574\n RDX: 000000000000012b RSI: 000055e8122a4d90 RDI: 0000000000000004\n RBP: 00007ffe2ef079c0 R8: 000000000000012b R9: 000055e8122a4d90\n R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000004\n R13: 000055e8122923c0 R14: 000000000000012b R15: 00007fda78a54500\n ORIG_RAX: 0000000000000001 CS: 0033 SS: 002b\n\nThis due to we have quiesced admi_q before cancel requests, but forgot\nto unquiesce before destroy it, as a result we fail to drain the\npending requests, and hang on blk_mq_freeze_queue_wait() forever. Here\ntry to reuse nvme_rdma_teardown_admin_queue() to fix this issue and\nsimplify the code.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1162"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.7,
"vectorString":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2024-49569"
},
{
"cve":"CVE-2024-50125",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: SCO: Fix UAF on sco_sock_timeout\n\nconn->sk maybe have been unlinked/freed while waiting for sco_conn_lock\nso this checks if the conn->sk is still valid by checking if it part of\nsco_sk_list.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1162"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"HIGH",
"baseScore":7.8,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version":"3.1"
},
"products":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
]
}
],
"threats":[
{
"details":"High",
"category":"impact"
}
],
"title":"CVE-2024-50125"
},
{
"cve":"CVE-2024-50268",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: fix potential out of bounds in ucsi_ccg_update_set_new_cam_cmd()\n\nThe \"*cmd\" variable can be controlled by the user via debugfs. That means\n\"new_cam\" can be as high as 255 while the size of the uc->updated[] array\nis UCSI_MAX_ALTMODES (30).\n\nThe call tree is:\nucsi_cmd() // val comes from simple_attr_write_xsigned()\n-> ucsi_send_command()\n -> ucsi_send_command_common()\n -> ucsi_run_command() // calls ucsi->ops->sync_control()\n -> ucsi_ccg_sync_control()",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1162"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"HIGH",
"baseScore":7.1,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
]
}
],
"threats":[
{
"details":"High",
"category":"impact"
}
],
"title":"CVE-2024-50268"
},
{
"cve":"CVE-2024-53057",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT\n\nIn qdisc_tree_reduce_backlog, Qdiscs with major handle ffff: are assumed\nto be either root or ingress. This assumption is bogus since it's valid\nto create egress qdiscs with major handle ffff:\nBudimir Markovic found that for qdiscs like DRR that maintain an active\nclass list, it will cause a UAF with a dangling class pointer.\n\nIn 066a3b5b2346, the concern was to avoid iterating over the ingress\nqdisc since its parent is itself. The proper fix is to stop when parent\nTC_H_ROOT is reached because the only way to retrieve ingress is when a\nhierarchy which does not contain a ffff: major handle call into\nqdisc_lookup with TC_H_MAJ(TC_H_ROOT).\n\nIn the scenario where major ffff: is an egress qdisc in any of the tree\nlevels, the updates will also propagate to TC_H_ROOT, which then the\niteration must stop.\n\n\n net/sched/sch_api.c | 2 +-\n 1 file changed, 1 insertion(+), 1 deletion(-)",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1162"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"HIGH",
"baseScore":7.8,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version":"3.1"
},
"products":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
]
}
],
"threats":[
{
"details":"High",
"category":"impact"
}
],
"title":"CVE-2024-53057"
},
{
"cve":"CVE-2024-53096",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmm: resolve faulty mmap_region() error path behaviour\n\nThe mmap_region() function is somewhat terrifying, with spaghetti-like\ncontrol flow and numerous means by which issues can arise and incomplete\nstate, memory leaks and other unpleasantness can occur.\n\nA large amount of the complexity arises from trying to handle errors late\nin the process of mapping a VMA, which forms the basis of recently\nobserved issues with resource leaks and observable inconsistent state.\n\nTaking advantage of previous patches in this series we move a number of\nchecks earlier in the code, simplifying things by moving the core of the\nlogic into a static internal function __mmap_region().\n\nDoing this allows us to perform a number of checks up front before we do\nany real work, and allows us to unwind the writable unmap check\nunconditionally as required and to perform a CONFIG_DEBUG_VM_MAPLE_TREE\nvalidation unconditionally also.\n\nWe move a number of things here:\n\n1. We preallocate memory for the iterator before we call the file-backed\n memory hook, allowing us to exit early and avoid having to perform\n complicated and error-prone close/free logic. We carefully free\n iterator state on both success and error paths.\n\n2. The enclosing mmap_region() function handles the mapping_map_writable()\n logic early. Previously the logic had the mapping_map_writable() at the\n point of mapping a newly allocated file-backed VMA, and a matching\n mapping_unmap_writable() on success and error paths.\n\n We now do this unconditionally if this is a file-backed, shared writable\n mapping. If a driver changes the flags to eliminate VM_MAYWRITE, however\n doing so does not invalidate the seal check we just performed, and we in\n any case always decrement the counter in the wrapper.\n\n We perform a debug assert to ensure a driver does not attempt to do the\n opposite.\n\n3. We also move arch_validate_flags() up into the mmap_region()\n function. This is only relevant on arm64 and sparc64, and the check is\n only meaningful for SPARC with ADI enabled. We explicitly add a warning\n for this arch if a driver invalidates this check, though the code ought\n eventually to be fixed to eliminate the need for this.\n\nWith all of these measures in place, we no longer need to explicitly close\nthe VMA on error paths, as we place all checks which might fail prior to a\ncall to any driver mmap hook.\n\nThis eliminates an entire class of errors, makes the code easier to reason\nabout and more robust.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1162"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"HIGH",
"baseScore":7.8,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version":"3.1"
},
"products":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
]
}
],
"threats":[
{
"details":"High",
"category":"impact"
}
],
"title":"CVE-2024-53096"
},
{
"cve":"CVE-2024-53141",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: add missing range check in bitmap_ip_uadt\n\nWhen tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists,\nthe values of ip and ip_to are slightly swapped. Therefore, the range check\nfor ip should be done later, but this part is missing and it seems that the\nvulnerability occurs.\n\nSo we should add missing range checks and remove unnecessary range checks.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1162"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"HIGH",
"baseScore":7.8,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version":"3.1"
},
"products":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
]
}
],
"threats":[
{
"details":"High",
"category":"impact"
}
],
"title":"CVE-2024-53141"
},
{
"cve":"CVE-2024-53148",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: Flush partial mappings in error case\n\nIf some remap_pfn_range() calls succeeded before one failed, we still have\nbuffer pages mapped into the userspace page tables when we drop the buffer\nreference with comedi_buf_map_put(bm). The userspace mappings are only\ncleaned up later in the mmap error path.\n\nFix it by explicitly flushing all mappings in our VMA on the error path.\n\nSee commit 79a61cc3fc04 (\"mm: avoid leaving partial pfn mappings around in\nerror case\").",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1162"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"HIGH",
"baseScore":7.0,
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version":"3.1"
},
"products":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
]
}
],
"threats":[
{
"details":"High",
"category":"impact"
}
],
"title":"CVE-2024-53148"
},
{
"cve":"CVE-2024-53156",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath9k: add range check for conn_rsp_epid in htc_connect_service()\n\nI found the following bug in my fuzzer:\n\n UBSAN: array-index-out-of-bounds in drivers/net/wireless/ath/ath9k/htc_hst.c:26:51\n index 255 is out of range for type 'htc_endpoint [22]'\n CPU: 0 UID: 0 PID: 8 Comm: kworker/0:0 Not tainted 6.11.0-rc6-dirty #14\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n Workqueue: events request_firmware_work_func\n Call Trace:\n \n dump_stack_lvl+0x180/0x1b0\n __ubsan_handle_out_of_bounds+0xd4/0x130\n htc_issue_send.constprop.0+0x20c/0x230\n ? _raw_spin_unlock_irqrestore+0x3c/0x70\n ath9k_wmi_cmd+0x41d/0x610\n ? mark_held_locks+0x9f/0xe0\n ...\n\nSince this bug has been confirmed to be caused by insufficient verification\nof conn_rsp_epid, I think it would be appropriate to add a range check for\nconn_rsp_epid to htc_connect_service() to prevent the bug from occurring.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1162"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"HIGH",
"baseScore":7.8,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version":"3.1"
},
"products":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
]
}
],
"threats":[
{
"details":"High",
"category":"impact"
}
],
"title":"CVE-2024-53156"
},
{
"cve":"CVE-2024-56600",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: inet6: do not leave a dangling sk pointer in inet6_create()\n\nsock_init_data() attaches the allocated sk pointer to the provided sock\nobject. If inet6_create() fails later, the sk object is released, but the\nsock object retains the dangling sk pointer, which may cause use-after-free\nlater.\n\nClear the sock sk pointer on error.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1162"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"HIGH",
"baseScore":7.8,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version":"3.1"
},
"products":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
]
}
],
"threats":[
{
"details":"High",
"category":"impact"
}
],
"title":"CVE-2024-56600"
},
{
"cve":"CVE-2024-56601",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: inet: do not leave a dangling sk pointer in inet_create()\n\nsock_init_data() attaches the allocated sk object to the provided sock\nobject. If inet_create() fails later, the sk object is freed, but the\nsock object retains the dangling pointer, which may create use-after-free\nlater.\n\nClear the sk pointer in the sock object on error.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1162"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"HIGH",
"baseScore":7.8,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version":"3.1"
},
"products":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
]
}
],
"threats":[
{
"details":"High",
"category":"impact"
}
],
"title":"CVE-2024-56601"
},
{
"cve":"CVE-2024-56634",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: grgpio: Add NULL check in grgpio_probe\n\ndevm_kasprintf() can return a NULL pointer on failure,but this\nreturned value in grgpio_probe is not checked.\nAdd NULL check in grgpio_probe, to handle kernel NULL\npointer dereference error.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1162"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.5,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2024-56634"
},
{
"cve":"CVE-2024-57849",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\ns390/cpum_sf: Handle CPU hotplug remove during sampling\n\nCPU hotplug remove handling triggers the following function\ncall sequence:\n\n CPUHP_AP_PERF_S390_SF_ONLINE --> s390_pmu_sf_offline_cpu()\n ...\n CPUHP_AP_PERF_ONLINE --> perf_event_exit_cpu()\n\nThe s390 CPUMF sampling CPU hotplug handler invokes:\n\n s390_pmu_sf_offline_cpu()\n +--> cpusf_pmu_setup()\n +--> setup_pmc_cpu()\n +--> deallocate_buffers()\n\nThis function de-allocates all sampling data buffers (SDBs) allocated\nfor that CPU at event initialization. It also clears the\nPMU_F_RESERVED bit. The CPU is gone and can not be sampled.\n\nWith the event still being active on the removed CPU, the CPU event\nhotplug support in kernel performance subsystem triggers the\nfollowing function calls on the removed CPU:\n\n perf_event_exit_cpu()\n +--> perf_event_exit_cpu_context()\n +--> __perf_event_exit_context()\n\t +--> __perf_remove_from_context()\n\t +--> event_sched_out()\n\t +--> cpumsf_pmu_del()\n\t +--> cpumsf_pmu_stop()\n +--> hw_perf_event_update()\n\nto stop and remove the event. During removal of the event, the\nsampling device driver tries to read out the remaining samples from\nthe sample data buffers (SDBs). But they have already been freed\n(and may have been re-assigned). This may lead to a use after free\nsituation in which case the samples are most likely invalid. In the\nbest case the memory has not been reassigned and still contains\nvalid data.\n\nRemedy this situation and check if the CPU is still in reserved\nstate (bit PMU_F_RESERVED set). In this case the SDBs have not been\nreleased an contain valid data. This is always the case when\nthe event is removed (and no CPU hotplug off occured).\nIf the PMU_F_RESERVED bit is not set, the SDB buffers are gone.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1162"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.5,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2024-57849"
},
{
"cve":"CVE-2024-57900",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nila: serialize calls to nf_register_net_hooks()\n\nsyzbot found a race in ila_add_mapping() [1]\n\ncommit 031ae72825ce (\"ila: call nf_unregister_net_hooks() sooner\")\nattempted to fix a similar issue.\n\nLooking at the syzbot repro, we have concurrent ILA_CMD_ADD commands.\n\nAdd a mutex to make sure at most one thread is calling nf_register_net_hooks().\n\n[1]\n BUG: KASAN: slab-use-after-free in rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n BUG: KASAN: slab-use-after-free in __rhashtable_lookup.constprop.0+0x426/0x550 include/linux/rhashtable.h:604\nRead of size 4 at addr ffff888028f40008 by task dhcpcd/5501\n\nCPU: 1 UID: 0 PID: 5501 Comm: dhcpcd Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n \n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:489\n kasan_report+0xd9/0x110 mm/kasan/report.c:602\n rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n __rhashtable_lookup.constprop.0+0x426/0x550 include/linux/rhashtable.h:604\n rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n rhashtable_lookup_fast include/linux/rhashtable.h:672 [inline]\n ila_lookup_wildcards net/ipv6/ila/ila_xlat.c:127 [inline]\n ila_xlat_addr net/ipv6/ila/ila_xlat.c:652 [inline]\n ila_nf_input+0x1ee/0x620 net/ipv6/ila/ila_xlat.c:185\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xbb/0x200 net/netfilter/core.c:626\n nf_hook.constprop.0+0x42e/0x750 include/linux/netfilter.h:269\n NF_HOOK include/linux/netfilter.h:312 [inline]\n ipv6_rcv+0xa4/0x680 net/ipv6/ip6_input.c:309\n __netif_receive_skb_one_core+0x12e/0x1e0 net/core/dev.c:5672\n __netif_receive_skb+0x1d/0x160 net/core/dev.c:5785\n process_backlog+0x443/0x15f0 net/core/dev.c:6117\n __napi_poll.constprop.0+0xb7/0x550 net/core/dev.c:6883\n napi_poll net/core/dev.c:6952 [inline]\n net_rx_action+0xa94/0x1010 net/core/dev.c:7074\n handle_softirqs+0x213/0x8f0 kernel/softirq.c:561\n __do_softirq kernel/softirq.c:595 [inline]\n invoke_softirq kernel/softirq.c:435 [inline]\n __irq_exit_rcu+0x109/0x170 kernel/softirq.c:662\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n sysvec_apic_timer_interrupt+0xa4/0xc0 arch/x86/kernel/apic/apic.c:1049",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1162"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"HIGH",
"baseScore":7.8,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version":"3.1"
},
"products":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
]
}
],
"threats":[
{
"details":"High",
"category":"impact"
}
],
"title":"CVE-2024-57900"
},
{
"cve":"CVE-2025-21647",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nsched: sch_cake: add bounds checks to host bulk flow fairness counts\n\nEven though we fixed a logic error in the commit cited below, syzbot\nstill managed to trigger an underflow of the per-host bulk flow\ncounters, leading to an out of bounds memory access.\n\nTo avoid any such logic errors causing out of bounds memory accesses,\nthis commit factors out all accesses to the per-host bulk flow counters\nto a series of helpers that perform bounds-checking before any\nincrements and decrements. This also has the benefit of improving\nreadability by moving the conditional checks for the flow mode into\nthese helpers, instead of having them spread out throughout the\ncode (which was the cause of the original logic error).\n\nAs part of this change, the flow quantum calculation is consolidated\ninto a helper function, which means that the dithering applied to the\nost load scaling is now applied both in the DRR rotation and when a\nsparse flow's quantum is first initiated. The only user-visible effect\nof this is that the maximum packet size that can be sent while a flow\nstays sparse will now vary with +/- one byte in some cases. This should\nnot make a noticeable difference in practice, and thus it's not worth\ncomplicating the code to preserve the old behaviour.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1162"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"HIGH",
"baseScore":7.1,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
]
}
],
"threats":[
{
"details":"High",
"category":"impact"
}
],
"title":"CVE-2025-21647"
},
{
"cve":"CVE-2025-21648",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: conntrack: clamp maximum hashtable size to INT_MAX\n\nUse INT_MAX as maximum size for the conntrack hashtable. Otherwise, it\nis possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when\nresizing hashtable because __GFP_NOWARN is unset. See:\n\n 0708a0afe291 (\"mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls\")\n\nNote: hashtable resize is only possible from init_netns.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1162"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"HIGH",
"baseScore":7.1,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
]
}
],
"threats":[
{
"details":"High",
"category":"impact"
}
],
"title":"CVE-2025-21648"
},
{
"cve":"CVE-2025-21667",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\niomap: avoid avoid truncating 64-bit offset to 32 bits\n\non 32-bit kernels, iomap_write_delalloc_scan() was inadvertently using a\n32-bit position due to folio_next_index() returning an unsigned long.\nThis could lead to an infinite loop when writing to an xfs filesystem.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
]
},
"remediations":[
{
"product_ids":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
],
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1162"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.5,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":[
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.src",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.x86_64",
"openEuler-22.03-LTS-SP3:kernel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-250.0.0.153.oe2203sp3.aarch64",
"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-250.0.0.153.oe2203sp3.aarch64"
]
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2025-21667"
}
]
}