{ "document":{ "aggregate_severity":{ "namespace":"https://nvd.nist.gov/vuln-metrics/cvss", "text":"High" }, "category":"csaf_vex", "csaf_version":"2.0", "distribution":{ "tlp":{ "label":"WHITE", "url":"https:/www.first.org/tlp/" } }, "lang":"en", "notes":[ { "text":"kernel security update", "category":"general", "title":"Synopsis" }, { "text":"An update for kernel is now available for openEuler-22.03-LTS-SP3", "category":"general", "title":"Summary" }, { "text":"The Linux Kernel, the operating system core itself.\n\nSecurity Fix(es):\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet: sfc: add missing xdp queue reinitialization\n\nAfter rx/tx ring buffer size is changed, kernel panic occurs when\nit acts XDP_TX or XDP_REDIRECT.\n\nWhen tx/rx ring buffer size is changed(ethtool -G), sfc driver\nreallocates and reinitializes rx and tx queues and their buffer\n(tx_queue->buffer).\nBut it misses reinitializing xdp queues(efx->xdp_tx_queues).\nSo, while it is acting XDP_TX or XDP_REDIRECT, it uses the uninitialized\ntx_queue->buffer.\n\nA new function efx_set_xdp_channels() is separated from efx_set_channels()\nto handle only xdp queues.\n\nSplat looks like:\n BUG: kernel NULL pointer dereference, address: 000000000000002a\n #PF: supervisor write access in kernel mode\n #PF: error_code(0x0002) - not-present page\n PGD 0 P4D 0\n Oops: 0002 [#4] PREEMPT SMP NOPTI\n RIP: 0010:efx_tx_map_chunk+0x54/0x90 [sfc]\n CPU: 2 PID: 0 Comm: swapper/2 Tainted: G D 5.17.0+ #55 e8beeee8289528f11357029357cf\n Code: 48 8b 8d a8 01 00 00 48 8d 14 52 4c 8d 2c d0 44 89 e0 48 85 c9 74 0e 44 89 e2 4c 89 f6 48 80\n RSP: 0018:ffff92f121e45c60 EFLAGS: 00010297\n RIP: 0010:efx_tx_map_chunk+0x54/0x90 [sfc]\n RAX: 0000000000000040 RBX: ffff92ea506895c0 RCX: ffffffffc0330870\n RDX: 0000000000000001 RSI: 00000001139b10ce RDI: ffff92ea506895c0\n RBP: ffffffffc0358a80 R08: 00000001139b110d R09: 0000000000000000\n R10: 0000000000000001 R11: ffff92ea414c0088 R12: 0000000000000040\n R13: 0000000000000018 R14: 00000001139b10ce R15: ffff92ea506895c0\n FS: 0000000000000000(0000) GS:ffff92f121ec0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n Code: 48 8b 8d a8 01 00 00 48 8d 14 52 4c 8d 2c d0 44 89 e0 48 85 c9 74 0e 44 89 e2 4c 89 f6 48 80\n CR2: 000000000000002a CR3: 00000003e6810004 CR4: 00000000007706e0\n RSP: 0018:ffff92f121e85c60 EFLAGS: 00010297\n PKRU: 55555554\n RAX: 0000000000000040 RBX: ffff92ea50689700 RCX: ffffffffc0330870\n RDX: 0000000000000001 RSI: 00000001145a90ce RDI: ffff92ea50689700\n RBP: ffffffffc0358a80 R08: 00000001145a910d R09: 0000000000000000\n R10: 0000000000000001 R11: ffff92ea414c0088 R12: 0000000000000040\n R13: 0000000000000018 R14: 00000001145a90ce R15: ffff92ea50689700\n FS: 0000000000000000(0000) GS:ffff92f121e80000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000000000000002a CR3: 00000003e6810005 CR4: 00000000007706e0\n PKRU: 55555554\n Call Trace:\n \n efx_xdp_tx_buffers+0x12b/0x3d0 [sfc 84c94b8e32d44d296c17e10a634d3ad454de4ba5]\n __efx_rx_packet+0x5c3/0x930 [sfc 84c94b8e32d44d296c17e10a634d3ad454de4ba5]\n efx_rx_packet+0x28c/0x2e0 [sfc 84c94b8e32d44d296c17e10a634d3ad454de4ba5]\n efx_ef10_ev_process+0x5f8/0xf40 [sfc 84c94b8e32d44d296c17e10a634d3ad454de4ba5]\n ? enqueue_task_fair+0x95/0x550\n efx_poll+0xc4/0x360 [sfc 84c94b8e32d44d296c17e10a634d3ad454de4ba5](CVE-2022-49096)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat - add param check for DH\n\nReject requests with a source buffer that is bigger than the size of the\nkey. This is to prevent a possible integer underflow that might happen\nwhen copying the source scatterlist into a linear buffer.(CVE-2022-49564)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nsrcu: Tighten cleanup_srcu_struct() GP checks\n\nCurrently, cleanup_srcu_struct() checks for a grace period in progress,\nbut it does not check for a grace period that has not yet started but\nwhich might start at any time. Such a situation could result in a\nuse-after-free bug, so this commit adds a check for a grace period that\nis needed but not yet started to cleanup_srcu_struct().(CVE-2022-49651)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix UAF in cifs_demultiplex_thread()\n\nThere is a UAF when xfstests on cifs:\n\n BUG: KASAN: use-after-free in smb2_is_network_name_deleted+0x27/0x160\n Read of size 4 at addr ffff88810103fc08 by task cifsd/923\n\n CPU: 1 PID: 923 Comm: cifsd Not tainted 6.1.0-rc4+ #45\n ...\n Call Trace:\n \n dump_stack_lvl+0x34/0x44\n print_report+0x171/0x472\n kasan_report+0xad/0x130\n kasan_check_range+0x145/0x1a0\n smb2_is_network_name_deleted+0x27/0x160\n cifs_demultiplex_thread.cold+0x172/0x5a4\n kthread+0x165/0x1a0\n ret_from_fork+0x1f/0x30\n \n\n Allocated by task 923:\n kasan_save_stack+0x1e/0x40\n kasan_set_track+0x21/0x30\n __kasan_slab_alloc+0x54/0x60\n kmem_cache_alloc+0x147/0x320\n mempool_alloc+0xe1/0x260\n cifs_small_buf_get+0x24/0x60\n allocate_buffers+0xa1/0x1c0\n cifs_demultiplex_thread+0x199/0x10d0\n kthread+0x165/0x1a0\n ret_from_fork+0x1f/0x30\n\n Freed by task 921:\n kasan_save_stack+0x1e/0x40\n kasan_set_track+0x21/0x30\n kasan_save_free_info+0x2a/0x40\n ____kasan_slab_free+0x143/0x1b0\n kmem_cache_free+0xe3/0x4d0\n cifs_small_buf_release+0x29/0x90\n SMB2_negotiate+0x8b7/0x1c60\n smb2_negotiate+0x51/0x70\n cifs_negotiate_protocol+0xf0/0x160\n cifs_get_smb_ses+0x5fa/0x13c0\n mount_get_conns+0x7a/0x750\n cifs_mount+0x103/0xd00\n cifs_smb3_do_mount+0x1dd/0xcb0\n smb3_get_tree+0x1d5/0x300\n vfs_get_tree+0x41/0xf0\n path_mount+0x9b3/0xdd0\n __x64_sys_mount+0x190/0x1d0\n do_syscall_64+0x35/0x80\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nThe UAF is because:\n\n mount(pid: 921) | cifsd(pid: 923)\n-------------------------------|-------------------------------\n | cifs_demultiplex_thread\nSMB2_negotiate |\n cifs_send_recv |\n compound_send_recv |\n smb_send_rqst |\n wait_for_response |\n wait_event_state [1] |\n | standard_receive3\n | cifs_handle_standard\n | handle_mid\n | mid->resp_buf = buf; [2]\n | dequeue_mid [3]\n KILL the process [4] |\n resp_iov[i].iov_base = buf |\n free_rsp_buf [5] |\n | is_network_name_deleted [6]\n | callback\n\n1. After send request to server, wait the response until\n mid->mid_state != SUBMITTED;\n2. Receive response from server, and set it to mid;\n3. Set the mid state to RECEIVED;\n4. Kill the process, the mid state already RECEIVED, get 0;\n5. Handle and release the negotiate response;\n6. UAF.\n\nIt can be easily reproduce with add some delay in [3] - [6].\n\nOnly sync call has the problem since async call's callback is\nexecuted in cifsd process.\n\nAdd an extra state to mark the mid state to READY before wakeup the\nwaitter, then it can get the resp safely.(CVE-2023-52572)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix TCP timers deadlock after rmmod\n\nCommit ef7134c7fc48 (\"smb: client: Fix use-after-free of network namespace.\")\nfixed a netns UAF by manually enabled socket refcounting\n(sk->sk_net_refcnt=1 and sock_inuse_add(net, 1)).\n\nThe reason the patch worked for that bug was because we now hold\nreferences to the netns (get_net_track() gets a ref internally)\nand they're properly released (internally, on __sk_destruct()),\nbut only because sk->sk_net_refcnt was set.\n\nProblem:\n(this happens regardless of CONFIG_NET_NS_REFCNT_TRACKER and regardless\nif init_net or other)\n\nSetting sk->sk_net_refcnt=1 *manually* and *after* socket creation is not\nonly out of cifs scope, but also technically wrong -- it's set conditionally\nbased on user (=1) vs kernel (=0) sockets. And net/ implementations\nseem to base their user vs kernel space operations on it.\n\ne.g. upon TCP socket close, the TCP timers are not cleared because\nsk->sk_net_refcnt=1:\n(cf. commit 151c9c724d05 (\"tcp: properly terminate timers for kernel sockets\"))\n\nnet/ipv4/tcp.c:\n void tcp_close(struct sock *sk, long timeout)\n {\n \tlock_sock(sk);\n \t__tcp_close(sk, timeout);\n \trelease_sock(sk);\n \tif (!sk->sk_net_refcnt)\n \t\tinet_csk_clear_xmit_timers_sync(sk);\n \tsock_put(sk);\n }\n\nWhich will throw a lockdep warning and then, as expected, deadlock on\ntcp_write_timer().\n\nA way to reproduce this is by running the reproducer from ef7134c7fc48\nand then 'rmmod cifs'. A few seconds later, the deadlock/lockdep\nwarning shows up.\n\nFix:\nWe shouldn't mess with socket internals ourselves, so do not set\nsk_net_refcnt manually.\n\nAlso change __sock_create() to sock_create_kern() for explicitness.\n\nAs for non-init_net network namespaces, we deal with it the best way\nwe can -- hold an extra netns reference for server->ssocket and drop it\nwhen it's released. This ensures that the netns still exists whenever\nwe need to create/destroy server->ssocket, but is not directly tied to\nit.(CVE-2024-54680)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nmfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices\n\nWhile design wise the idea of converting the driver to use\nthe hierarchy of the IRQ chips is correct, the implementation\nhas (inherited) flaws. This was unveiled when platform_get_irq()\nhad started WARN() on IRQ 0 that is supposed to be a Linux\nIRQ number (also known as vIRQ).\n\nRework the driver to respect IRQ domain when creating each MFD\ndevice separately, as the domain is not the same for all of them.(CVE-2024-56723)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_set_pipapo: fix initial map fill\n\nThe initial buffer has to be inited to all-ones, but it must restrict\nit to the size of the first field, not the total field size.\n\nAfter each round in the map search step, the result and the fill map\nare swapped, so if we have a set where f->bsize of the first element\nis smaller than m->bsize_max, those one-bits are leaked into future\nrounds result map.\n\nThis makes pipapo find an incorrect matching results for sets where\nfirst field size is not the largest.\n\nFollowup patch adds a test case to nft_concat_range.sh selftest script.\n\nThanks to Stefano Brivio for pointing out that we need to zero out\nthe remainder explicitly, only correcting memset() argument isn't enough.(CVE-2024-57947)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: handle a symlink read error correctly\n\nPatch series \"Convert ocfs2 to use folios\".\n\nMark did a conversion of ocfs2 to use folios and sent it to me as a\ngiant patch for review ;-)\n\nSo I've redone it as individual patches, and credited Mark for the patches\nwhere his code is substantially the same. It's not a bad way to do it;\nhis patch had some bugs and my patches had some bugs. Hopefully all our\nbugs were different from each other. And hopefully Mark likes all the\nchanges I made to his code!\n\n\nThis patch (of 23):\n\nIf we can't read the buffer, be sure to unlock the page before returning.(CVE-2024-58001)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc\n\nA NULL sock pointer is passed into l2cap_sock_alloc() when it is called\nfrom l2cap_sock_new_connection_cb() and the error handling paths should\nalso be aware of it.\n\nSeemingly a more elegant solution would be to swap bt_sock_alloc() and\nl2cap_chan_create() calls since they are not interdependent to that moment\nbut then l2cap_chan_create() adds the soon to be deallocated and still\ndummy-initialized channel to the global list accessible by many L2CAP\npaths. The channel would be removed from the list in short period of time\nbut be a bit more straight-forward here and just check for NULL instead of\nchanging the order of function calls.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.(CVE-2024-58009)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nipmr: do not call mr_mfc_uses_dev() for unres entries\n\nsyzbot found that calling mr_mfc_uses_dev() for unres entries\nwould crash [1], because c->mfc_un.res.minvif / c->mfc_un.res.maxvif\nalias to \"struct sk_buff_head unresolved\", which contain two pointers.\n\nThis code never worked, lets remove it.\n\n[1]\nUnable to handle kernel paging request at virtual address ffff5fff2d536613\nKASAN: maybe wild-memory-access in range [0xfffefff96a9b3098-0xfffefff96a9b309f]\nModules linked in:\nCPU: 1 UID: 0 PID: 7321 Comm: syz.0.16 Not tainted 6.13.0-rc7-syzkaller-g1950a0af2d55 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\npstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : mr_mfc_uses_dev net/ipv4/ipmr_base.c:290 [inline]\n pc : mr_table_dump+0x5a4/0x8b0 net/ipv4/ipmr_base.c:334\n lr : mr_mfc_uses_dev net/ipv4/ipmr_base.c:289 [inline]\n lr : mr_table_dump+0x694/0x8b0 net/ipv4/ipmr_base.c:334\nCall trace:\n mr_mfc_uses_dev net/ipv4/ipmr_base.c:290 [inline] (P)\n mr_table_dump+0x5a4/0x8b0 net/ipv4/ipmr_base.c:334 (P)\n mr_rtm_dumproute+0x254/0x454 net/ipv4/ipmr_base.c:382\n ipmr_rtm_dumproute+0x248/0x4b4 net/ipv4/ipmr.c:2648\n rtnl_dump_all+0x2e4/0x4e8 net/core/rtnetlink.c:4327\n rtnl_dumpit+0x98/0x1d0 net/core/rtnetlink.c:6791\n netlink_dump+0x4f0/0xbc0 net/netlink/af_netlink.c:2317\n netlink_recvmsg+0x56c/0xe64 net/netlink/af_netlink.c:1973\n sock_recvmsg_nosec net/socket.c:1033 [inline]\n sock_recvmsg net/socket.c:1055 [inline]\n sock_read_iter+0x2d8/0x40c net/socket.c:1125\n new_sync_read fs/read_write.c:484 [inline]\n vfs_read+0x740/0x970 fs/read_write.c:565\n ksys_read+0x15c/0x26c fs/read_write.c:708(CVE-2025-21719)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nNFC: nci: Add bounds checking in nci_hci_create_pipe()\n\nThe \"pipe\" variable is a u8 which comes from the network. If it's more\nthan 127, then it results in memory corruption in the caller,\nnci_hci_connect_gate().(CVE-2025-21735)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Keep the binding until socket destruction\n\nPreserve sockets bindings; this includes both resulting from an explicit\nbind() and those implicitly bound through autobind during connect().\n\nPrevents socket unbinding during a transport reassignment, which fixes a\nuse-after-free:\n\n 1. vsock_create() (refcnt=1) calls vsock_insert_unbound() (refcnt=2)\n 2. transport->release() calls vsock_remove_bound() without checking if\n sk was bound and moved to bound list (refcnt=1)\n 3. vsock_bind() assumes sk is in unbound list and before\n __vsock_insert_bound(vsock_bound_sockets()) calls\n __vsock_remove_bound() which does:\n list_del_init(&vsk->bound_table); // nop\n sock_put(&vsk->sk); // refcnt=0\n\nBUG: KASAN: slab-use-after-free in __vsock_bind+0x62e/0x730\nRead of size 4 at addr ffff88816b46a74c by task a.out/2057\n dump_stack_lvl+0x68/0x90\n print_report+0x174/0x4f6\n kasan_report+0xb9/0x190\n __vsock_bind+0x62e/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nAllocated by task 2057:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n __kasan_slab_alloc+0x85/0x90\n kmem_cache_alloc_noprof+0x131/0x450\n sk_prot_alloc+0x5b/0x220\n sk_alloc+0x2c/0x870\n __vsock_create.constprop.0+0x2e/0xb60\n vsock_create+0xe4/0x420\n __sock_create+0x241/0x650\n __sys_socket+0xf2/0x1a0\n __x64_sys_socket+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 2057:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n kasan_save_free_info+0x37/0x60\n __kasan_slab_free+0x4b/0x70\n kmem_cache_free+0x1a1/0x590\n __sk_destruct+0x388/0x5a0\n __vsock_bind+0x5e1/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 7 PID: 2057 at lib/refcount.c:25 refcount_warn_saturate+0xce/0x150\nRIP: 0010:refcount_warn_saturate+0xce/0x150\n __vsock_bind+0x66d/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 7 PID: 2057 at lib/refcount.c:28 refcount_warn_saturate+0xee/0x150\nRIP: 0010:refcount_warn_saturate+0xee/0x150\n vsock_remove_bound+0x187/0x1e0\n __vsock_release+0x383/0x4a0\n vsock_release+0x90/0x120\n __sock_release+0xa3/0x250\n sock_close+0x14/0x20\n __fput+0x359/0xa80\n task_work_run+0x107/0x1d0\n do_exit+0x847/0x2560\n do_group_exit+0xb8/0x250\n __x64_sys_exit_group+0x3a/0x50\n x64_sys_call+0xfec/0x14f0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e(CVE-2025-21756)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel\n\nAdvertise support for Hyper-V's SEND_IPI and SEND_IPI_EX hypercalls if and\nonly if the local API is emulated/virtualized by KVM, and explicitly reject\nsaid hypercalls if the local APIC is emulated in userspace, i.e. don't rely\non userspace to opt-in to KVM_CAP_HYPERV_ENFORCE_CPUID.\n\nRejecting SEND_IPI and SEND_IPI_EX fixes a NULL-pointer dereference if\nHyper-V enlightenments are exposed to the guest without an in-kernel local\nAPIC:\n\n dump_stack+0xbe/0xfd\n __kasan_report.cold+0x34/0x84\n kasan_report+0x3a/0x50\n __apic_accept_irq+0x3a/0x5c0\n kvm_hv_send_ipi.isra.0+0x34e/0x820\n kvm_hv_hypercall+0x8d9/0x9d0\n kvm_emulate_hypercall+0x506/0x7e0\n __vmx_handle_exit+0x283/0xb60\n vmx_handle_exit+0x1d/0xd0\n vcpu_enter_guest+0x16b0/0x24c0\n vcpu_run+0xc0/0x550\n kvm_arch_vcpu_ioctl_run+0x170/0x6d0\n kvm_vcpu_ioctl+0x413/0xb20\n __se_sys_ioctl+0x111/0x160\n do_syscal1_64+0x30/0x40\n entry_SYSCALL_64_after_hwframe+0x67/0xd1\n\nNote, checking the sending vCPU is sufficient, as the per-VM irqchip_mode\ncan't be modified after vCPUs are created, i.e. if one vCPU has an\nin-kernel local APIC, then all vCPUs have an in-kernel local APIC.(CVE-2025-21779)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\norangefs: fix a oob in orangefs_debug_write\n\nI got a syzbot report: slab-out-of-bounds Read in\norangefs_debug_write... several people suggested fixes,\nI tested Al Viro's suggestion and made this patch.(CVE-2025-21782)", "category":"general", "title":"Description" }, { "text":"An update for kernel is now available for openEuler-22.03-LTS-SP3.\n\nopenEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.", "category":"general", "title":"Topic" }, { "text":"High", "category":"general", "title":"Severity" }, { "text":"kernel", "category":"general", "title":"Affected Component" } ], "publisher":{ "issuing_authority":"openEuler security committee", "name":"openEuler", "namespace":"https://www.openeuler.org", "contact_details":"openeuler-security@openeuler.org", "category":"vendor" }, "references":[ { "summary":"openEuler-SA-2025-1283", "category":"self", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1283" }, { "summary":"CVE-2022-49096", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2022-49096&packageName=kernel" }, { "summary":"CVE-2022-49564", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2022-49564&packageName=kernel" }, { "summary":"CVE-2022-49651", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2022-49651&packageName=kernel" }, { "summary":"CVE-2023-52572", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2023-52572&packageName=kernel" }, { "summary":"CVE-2024-54680", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-54680&packageName=kernel" }, { "summary":"CVE-2024-56723", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56723&packageName=kernel" }, { "summary":"CVE-2024-57947", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-57947&packageName=kernel" }, { "summary":"CVE-2024-58001", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-58001&packageName=kernel" }, { "summary":"CVE-2024-58009", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-58009&packageName=kernel" }, { "summary":"CVE-2025-21719", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21719&packageName=kernel" }, { "summary":"CVE-2025-21735", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21735&packageName=kernel" }, { "summary":"CVE-2025-21756", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21756&packageName=kernel" }, { "summary":"CVE-2025-21779", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21779&packageName=kernel" }, { "summary":"CVE-2025-21782", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21782&packageName=kernel" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2022-49096" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2022-49564" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2022-49651" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52572" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-54680" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56723" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-57947" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-58001" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-58009" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21719" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21735" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21756" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21779" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21782" }, { "summary":"openEuler-SA-2025-1283 vex file", "category":"self", "url":"https://repo.openeuler.org/security/data/csaf/advisories/2025/csaf-openeuler-sa-2025-1283.json" } ], "title":"An update for kernel is now available for openEuler-22.03-LTS-SP3", "tracking":{ "initial_release_date":"2025-03-14T23:37:30+08:00", "revision_history":[ { "date":"2025-03-14T23:37:30+08:00", "summary":"Initial", "number":"1.0.0" } ], "generator":{ "date":"2025-03-14T23:37:30+08:00", "engine":{ "name":"openEuler CSAF Tool V1.0" } }, "current_release_date":"2025-03-14T23:37:30+08:00", "id":"openEuler-SA-2025-1283", "version":"1.0.0", "status":"final" } }, "product_tree":{ "branches":[ { "name":"openEuler", "category":"vendor", "branches":[ { "name":"openEuler", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"openEuler-22.03-LTS-SP3", "name":"openEuler-22.03-LTS-SP3" }, "name":"openEuler-22.03-LTS-SP3", "category":"product_version" } ], "category":"product_name" }, { "name":"aarch64", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "name":"kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm" }, "name":"kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "name":"kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm" }, "name":"kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "name":"kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm" }, "name":"kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "name":"kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm" }, "name":"kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "name":"kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm" }, "name":"kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "name":"kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm" }, "name":"kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "name":"kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm" }, "name":"kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "name":"kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm" }, "name":"kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "name":"kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm" }, "name":"kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"perf-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "name":"perf-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm" }, "name":"perf-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "name":"perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm" }, "name":"perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "name":"python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm" }, "name":"python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "name":"python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm" }, "name":"python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"src", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-5.10.0-254.0.0.157.oe2203sp3.src.rpm", "name":"kernel-5.10.0-254.0.0.157.oe2203sp3.src.rpm" }, "name":"kernel-5.10.0-254.0.0.157.oe2203sp3.src.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"x86_64", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "name":"kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm" }, "name":"kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "name":"kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm" }, "name":"kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "name":"kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm" }, "name":"kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "name":"kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm" }, "name":"kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "name":"kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm" }, "name":"kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "name":"kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm" }, "name":"kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "name":"kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm" }, "name":"kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "name":"kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm" }, "name":"kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "name":"kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm" }, "name":"kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"perf-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "name":"perf-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm" }, "name":"perf-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "name":"perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm" }, "name":"perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "name":"python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm" }, "name":"python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "name":"python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm" }, "name":"python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "category":"product_version" } ], "category":"architecture" } ] } ], "relationships":[ { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "name":"kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "name":"kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "name":"kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "name":"kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "name":"kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "name":"kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "name":"kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "name":"kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "name":"kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"perf-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "name":"perf-5.10.0-254.0.0.157.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "name":"perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "name":"python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "name":"python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-5.10.0-254.0.0.157.oe2203sp3.src.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "name":"kernel-5.10.0-254.0.0.157.oe2203sp3.src as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "name":"kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "name":"kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "name":"kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "name":"kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "name":"kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "name":"kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "name":"kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "name":"kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "name":"kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"perf-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "name":"perf-5.10.0-254.0.0.157.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "name":"perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "name":"python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "name":"python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" } ] }, "vulnerabilities":[ { "cve":"CVE-2022-49096", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sfc: add missing xdp queue reinitialization\n\nAfter rx/tx ring buffer size is changed, kernel panic occurs when\nit acts XDP_TX or XDP_REDIRECT.\n\nWhen tx/rx ring buffer size is changed(ethtool -G), sfc driver\nreallocates and reinitializes rx and tx queues and their buffer\n(tx_queue->buffer).\nBut it misses reinitializing xdp queues(efx->xdp_tx_queues).\nSo, while it is acting XDP_TX or XDP_REDIRECT, it uses the uninitialized\ntx_queue->buffer.\n\nA new function efx_set_xdp_channels() is separated from efx_set_channels()\nto handle only xdp queues.\n\nSplat looks like:\n BUG: kernel NULL pointer dereference, address: 000000000000002a\n #PF: supervisor write access in kernel mode\n #PF: error_code(0x0002) - not-present page\n PGD 0 P4D 0\n Oops: 0002 [#4] PREEMPT SMP NOPTI\n RIP: 0010:efx_tx_map_chunk+0x54/0x90 [sfc]\n CPU: 2 PID: 0 Comm: swapper/2 Tainted: G D 5.17.0+ #55 e8beeee8289528f11357029357cf\n Code: 48 8b 8d a8 01 00 00 48 8d 14 52 4c 8d 2c d0 44 89 e0 48 85 c9 74 0e 44 89 e2 4c 89 f6 48 80\n RSP: 0018:ffff92f121e45c60 EFLAGS: 00010297\n RIP: 0010:efx_tx_map_chunk+0x54/0x90 [sfc]\n RAX: 0000000000000040 RBX: ffff92ea506895c0 RCX: ffffffffc0330870\n RDX: 0000000000000001 RSI: 00000001139b10ce RDI: ffff92ea506895c0\n RBP: ffffffffc0358a80 R08: 00000001139b110d R09: 0000000000000000\n R10: 0000000000000001 R11: ffff92ea414c0088 R12: 0000000000000040\n R13: 0000000000000018 R14: 00000001139b10ce R15: ffff92ea506895c0\n FS: 0000000000000000(0000) GS:ffff92f121ec0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n Code: 48 8b 8d a8 01 00 00 48 8d 14 52 4c 8d 2c d0 44 89 e0 48 85 c9 74 0e 44 89 e2 4c 89 f6 48 80\n CR2: 000000000000002a CR3: 00000003e6810004 CR4: 00000000007706e0\n RSP: 0018:ffff92f121e85c60 EFLAGS: 00010297\n PKRU: 55555554\n RAX: 0000000000000040 RBX: ffff92ea50689700 RCX: ffffffffc0330870\n RDX: 0000000000000001 RSI: 00000001145a90ce RDI: ffff92ea50689700\n RBP: ffffffffc0358a80 R08: 00000001145a910d R09: 0000000000000000\n R10: 0000000000000001 R11: ffff92ea414c0088 R12: 0000000000000040\n R13: 0000000000000018 R14: 00000001145a90ce R15: ffff92ea50689700\n FS: 0000000000000000(0000) GS:ffff92f121e80000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000000000000002a CR3: 00000003e6810005 CR4: 00000000007706e0\n PKRU: 55555554\n Call Trace:\n \n efx_xdp_tx_buffers+0x12b/0x3d0 [sfc 84c94b8e32d44d296c17e10a634d3ad454de4ba5]\n __efx_rx_packet+0x5c3/0x930 [sfc 84c94b8e32d44d296c17e10a634d3ad454de4ba5]\n efx_rx_packet+0x28c/0x2e0 [sfc 84c94b8e32d44d296c17e10a634d3ad454de4ba5]\n efx_ef10_ev_process+0x5f8/0xf40 [sfc 84c94b8e32d44d296c17e10a634d3ad454de4ba5]\n ? enqueue_task_fair+0x95/0x550\n efx_poll+0xc4/0x360 [sfc 84c94b8e32d44d296c17e10a634d3ad454de4ba5]", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1283" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2022-49096" }, { "cve":"CVE-2022-49564", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat - add param check for DH\n\nReject requests with a source buffer that is bigger than the size of the\nkey. This is to prevent a possible integer underflow that might happen\nwhen copying the source scatterlist into a linear buffer.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1283" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2022-49564" }, { "cve":"CVE-2022-49651", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nsrcu: Tighten cleanup_srcu_struct() GP checks\n\nCurrently, cleanup_srcu_struct() checks for a grace period in progress,\nbut it does not check for a grace period that has not yet started but\nwhich might start at any time. Such a situation could result in a\nuse-after-free bug, so this commit adds a check for a grace period that\nis needed but not yet started to cleanup_srcu_struct().", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1283" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2022-49651" }, { "cve":"CVE-2023-52572", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix UAF in cifs_demultiplex_thread()\n\nThere is a UAF when xfstests on cifs:\n\n BUG: KASAN: use-after-free in smb2_is_network_name_deleted+0x27/0x160\n Read of size 4 at addr ffff88810103fc08 by task cifsd/923\n\n CPU: 1 PID: 923 Comm: cifsd Not tainted 6.1.0-rc4+ #45\n ...\n Call Trace:\n \n dump_stack_lvl+0x34/0x44\n print_report+0x171/0x472\n kasan_report+0xad/0x130\n kasan_check_range+0x145/0x1a0\n smb2_is_network_name_deleted+0x27/0x160\n cifs_demultiplex_thread.cold+0x172/0x5a4\n kthread+0x165/0x1a0\n ret_from_fork+0x1f/0x30\n \n\n Allocated by task 923:\n kasan_save_stack+0x1e/0x40\n kasan_set_track+0x21/0x30\n __kasan_slab_alloc+0x54/0x60\n kmem_cache_alloc+0x147/0x320\n mempool_alloc+0xe1/0x260\n cifs_small_buf_get+0x24/0x60\n allocate_buffers+0xa1/0x1c0\n cifs_demultiplex_thread+0x199/0x10d0\n kthread+0x165/0x1a0\n ret_from_fork+0x1f/0x30\n\n Freed by task 921:\n kasan_save_stack+0x1e/0x40\n kasan_set_track+0x21/0x30\n kasan_save_free_info+0x2a/0x40\n ____kasan_slab_free+0x143/0x1b0\n kmem_cache_free+0xe3/0x4d0\n cifs_small_buf_release+0x29/0x90\n SMB2_negotiate+0x8b7/0x1c60\n smb2_negotiate+0x51/0x70\n cifs_negotiate_protocol+0xf0/0x160\n cifs_get_smb_ses+0x5fa/0x13c0\n mount_get_conns+0x7a/0x750\n cifs_mount+0x103/0xd00\n cifs_smb3_do_mount+0x1dd/0xcb0\n smb3_get_tree+0x1d5/0x300\n vfs_get_tree+0x41/0xf0\n path_mount+0x9b3/0xdd0\n __x64_sys_mount+0x190/0x1d0\n do_syscall_64+0x35/0x80\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nThe UAF is because:\n\n mount(pid: 921) | cifsd(pid: 923)\n-------------------------------|-------------------------------\n | cifs_demultiplex_thread\nSMB2_negotiate |\n cifs_send_recv |\n compound_send_recv |\n smb_send_rqst |\n wait_for_response |\n wait_event_state [1] |\n | standard_receive3\n | cifs_handle_standard\n | handle_mid\n | mid->resp_buf = buf; [2]\n | dequeue_mid [3]\n KILL the process [4] |\n resp_iov[i].iov_base = buf |\n free_rsp_buf [5] |\n | is_network_name_deleted [6]\n | callback\n\n1. After send request to server, wait the response until\n mid->mid_state != SUBMITTED;\n2. Receive response from server, and set it to mid;\n3. Set the mid state to RECEIVED;\n4. Kill the process, the mid state already RECEIVED, get 0;\n5. Handle and release the negotiate response;\n6. UAF.\n\nIt can be easily reproduce with add some delay in [3] - [6].\n\nOnly sync call has the problem since async call's callback is\nexecuted in cifsd process.\n\nAdd an extra state to mark the mid state to READY before wakeup the\nwaitter, then it can get the resp safely.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1283" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2023-52572" }, { "cve":"CVE-2024-54680", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix TCP timers deadlock after rmmod\n\nCommit ef7134c7fc48 (\"smb: client: Fix use-after-free of network namespace.\")\nfixed a netns UAF by manually enabled socket refcounting\n(sk->sk_net_refcnt=1 and sock_inuse_add(net, 1)).\n\nThe reason the patch worked for that bug was because we now hold\nreferences to the netns (get_net_track() gets a ref internally)\nand they're properly released (internally, on __sk_destruct()),\nbut only because sk->sk_net_refcnt was set.\n\nProblem:\n(this happens regardless of CONFIG_NET_NS_REFCNT_TRACKER and regardless\nif init_net or other)\n\nSetting sk->sk_net_refcnt=1 *manually* and *after* socket creation is not\nonly out of cifs scope, but also technically wrong -- it's set conditionally\nbased on user (=1) vs kernel (=0) sockets. And net/ implementations\nseem to base their user vs kernel space operations on it.\n\ne.g. upon TCP socket close, the TCP timers are not cleared because\nsk->sk_net_refcnt=1:\n(cf. commit 151c9c724d05 (\"tcp: properly terminate timers for kernel sockets\"))\n\nnet/ipv4/tcp.c:\n void tcp_close(struct sock *sk, long timeout)\n {\n \tlock_sock(sk);\n \t__tcp_close(sk, timeout);\n \trelease_sock(sk);\n \tif (!sk->sk_net_refcnt)\n \t\tinet_csk_clear_xmit_timers_sync(sk);\n \tsock_put(sk);\n }\n\nWhich will throw a lockdep warning and then, as expected, deadlock on\ntcp_write_timer().\n\nA way to reproduce this is by running the reproducer from ef7134c7fc48\nand then 'rmmod cifs'. A few seconds later, the deadlock/lockdep\nwarning shows up.\n\nFix:\nWe shouldn't mess with socket internals ourselves, so do not set\nsk_net_refcnt manually.\n\nAlso change __sock_create() to sock_create_kern() for explicitness.\n\nAs for non-init_net network namespaces, we deal with it the best way\nwe can -- hold an extra netns reference for server->ssocket and drop it\nwhen it's released. This ensures that the netns still exists whenever\nwe need to create/destroy server->ssocket, but is not directly tied to\nit.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1283" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-54680" }, { "cve":"CVE-2024-56723", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices\n\nWhile design wise the idea of converting the driver to use\nthe hierarchy of the IRQ chips is correct, the implementation\nhas (inherited) flaws. This was unveiled when platform_get_irq()\nhad started WARN() on IRQ 0 that is supposed to be a Linux\nIRQ number (also known as vIRQ).\n\nRework the driver to respect IRQ domain when creating each MFD\ndevice separately, as the domain is not the same for all of them.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1283" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56723" }, { "cve":"CVE-2024-57947", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_set_pipapo: fix initial map fill\n\nThe initial buffer has to be inited to all-ones, but it must restrict\nit to the size of the first field, not the total field size.\n\nAfter each round in the map search step, the result and the fill map\nare swapped, so if we have a set where f->bsize of the first element\nis smaller than m->bsize_max, those one-bits are leaked into future\nrounds result map.\n\nThis makes pipapo find an incorrect matching results for sets where\nfirst field size is not the largest.\n\nFollowup patch adds a test case to nft_concat_range.sh selftest script.\n\nThanks to Stefano Brivio for pointing out that we need to zero out\nthe remainder explicitly, only correcting memset() argument isn't enough.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1283" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.1, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-57947" }, { "cve":"CVE-2024-58001", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: handle a symlink read error correctly\n\nPatch series \"Convert ocfs2 to use folios\".\n\nMark did a conversion of ocfs2 to use folios and sent it to me as a\ngiant patch for review ;-)\n\nSo I've redone it as individual patches, and credited Mark for the patches\nwhere his code is substantially the same. It's not a bad way to do it;\nhis patch had some bugs and my patches had some bugs. Hopefully all our\nbugs were different from each other. And hopefully Mark likes all the\nchanges I made to his code!\n\n\nThis patch (of 23):\n\nIf we can't read the buffer, be sure to unlock the page before returning.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1283" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2024-58001" }, { "cve":"CVE-2024-58009", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc\n\nA NULL sock pointer is passed into l2cap_sock_alloc() when it is called\nfrom l2cap_sock_new_connection_cb() and the error handling paths should\nalso be aware of it.\n\nSeemingly a more elegant solution would be to swap bt_sock_alloc() and\nl2cap_chan_create() calls since they are not interdependent to that moment\nbut then l2cap_chan_create() adds the soon to be deallocated and still\ndummy-initialized channel to the global list accessible by many L2CAP\npaths. The channel would be removed from the list in short period of time\nbut be a bit more straight-forward here and just check for NULL instead of\nchanging the order of function calls.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1283" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2024-58009" }, { "cve":"CVE-2025-21719", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nipmr: do not call mr_mfc_uses_dev() for unres entries\n\nsyzbot found that calling mr_mfc_uses_dev() for unres entries\nwould crash [1], because c->mfc_un.res.minvif / c->mfc_un.res.maxvif\nalias to \"struct sk_buff_head unresolved\", which contain two pointers.\n\nThis code never worked, lets remove it.\n\n[1]\nUnable to handle kernel paging request at virtual address ffff5fff2d536613\nKASAN: maybe wild-memory-access in range [0xfffefff96a9b3098-0xfffefff96a9b309f]\nModules linked in:\nCPU: 1 UID: 0 PID: 7321 Comm: syz.0.16 Not tainted 6.13.0-rc7-syzkaller-g1950a0af2d55 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\npstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : mr_mfc_uses_dev net/ipv4/ipmr_base.c:290 [inline]\n pc : mr_table_dump+0x5a4/0x8b0 net/ipv4/ipmr_base.c:334\n lr : mr_mfc_uses_dev net/ipv4/ipmr_base.c:289 [inline]\n lr : mr_table_dump+0x694/0x8b0 net/ipv4/ipmr_base.c:334\nCall trace:\n mr_mfc_uses_dev net/ipv4/ipmr_base.c:290 [inline] (P)\n mr_table_dump+0x5a4/0x8b0 net/ipv4/ipmr_base.c:334 (P)\n mr_rtm_dumproute+0x254/0x454 net/ipv4/ipmr_base.c:382\n ipmr_rtm_dumproute+0x248/0x4b4 net/ipv4/ipmr.c:2648\n rtnl_dump_all+0x2e4/0x4e8 net/core/rtnetlink.c:4327\n rtnl_dumpit+0x98/0x1d0 net/core/rtnetlink.c:6791\n netlink_dump+0x4f0/0xbc0 net/netlink/af_netlink.c:2317\n netlink_recvmsg+0x56c/0xe64 net/netlink/af_netlink.c:1973\n sock_recvmsg_nosec net/socket.c:1033 [inline]\n sock_recvmsg net/socket.c:1055 [inline]\n sock_read_iter+0x2d8/0x40c net/socket.c:1125\n new_sync_read fs/read_write.c:484 [inline]\n vfs_read+0x740/0x970 fs/read_write.c:565\n ksys_read+0x15c/0x26c fs/read_write.c:708", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1283" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21719" }, { "cve":"CVE-2025-21735", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nNFC: nci: Add bounds checking in nci_hci_create_pipe()\n\nThe \"pipe\" variable is a u8 which comes from the network. If it's more\nthan 127, then it results in memory corruption in the caller,\nnci_hci_connect_gate().", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1283" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21735" }, { "cve":"CVE-2025-21756", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Keep the binding until socket destruction\n\nPreserve sockets bindings; this includes both resulting from an explicit\nbind() and those implicitly bound through autobind during connect().\n\nPrevents socket unbinding during a transport reassignment, which fixes a\nuse-after-free:\n\n 1. vsock_create() (refcnt=1) calls vsock_insert_unbound() (refcnt=2)\n 2. transport->release() calls vsock_remove_bound() without checking if\n sk was bound and moved to bound list (refcnt=1)\n 3. vsock_bind() assumes sk is in unbound list and before\n __vsock_insert_bound(vsock_bound_sockets()) calls\n __vsock_remove_bound() which does:\n list_del_init(&vsk->bound_table); // nop\n sock_put(&vsk->sk); // refcnt=0\n\nBUG: KASAN: slab-use-after-free in __vsock_bind+0x62e/0x730\nRead of size 4 at addr ffff88816b46a74c by task a.out/2057\n dump_stack_lvl+0x68/0x90\n print_report+0x174/0x4f6\n kasan_report+0xb9/0x190\n __vsock_bind+0x62e/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nAllocated by task 2057:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n __kasan_slab_alloc+0x85/0x90\n kmem_cache_alloc_noprof+0x131/0x450\n sk_prot_alloc+0x5b/0x220\n sk_alloc+0x2c/0x870\n __vsock_create.constprop.0+0x2e/0xb60\n vsock_create+0xe4/0x420\n __sock_create+0x241/0x650\n __sys_socket+0xf2/0x1a0\n __x64_sys_socket+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 2057:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n kasan_save_free_info+0x37/0x60\n __kasan_slab_free+0x4b/0x70\n kmem_cache_free+0x1a1/0x590\n __sk_destruct+0x388/0x5a0\n __vsock_bind+0x5e1/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 7 PID: 2057 at lib/refcount.c:25 refcount_warn_saturate+0xce/0x150\nRIP: 0010:refcount_warn_saturate+0xce/0x150\n __vsock_bind+0x66d/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 7 PID: 2057 at lib/refcount.c:28 refcount_warn_saturate+0xee/0x150\nRIP: 0010:refcount_warn_saturate+0xee/0x150\n vsock_remove_bound+0x187/0x1e0\n __vsock_release+0x383/0x4a0\n vsock_release+0x90/0x120\n __sock_release+0xa3/0x250\n sock_close+0x14/0x20\n __fput+0x359/0xa80\n task_work_run+0x107/0x1d0\n do_exit+0x847/0x2560\n do_group_exit+0xb8/0x250\n __x64_sys_exit_group+0x3a/0x50\n x64_sys_call+0xfec/0x14f0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1283" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21756" }, { "cve":"CVE-2025-21779", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel\n\nAdvertise support for Hyper-V's SEND_IPI and SEND_IPI_EX hypercalls if and\nonly if the local API is emulated/virtualized by KVM, and explicitly reject\nsaid hypercalls if the local APIC is emulated in userspace, i.e. don't rely\non userspace to opt-in to KVM_CAP_HYPERV_ENFORCE_CPUID.\n\nRejecting SEND_IPI and SEND_IPI_EX fixes a NULL-pointer dereference if\nHyper-V enlightenments are exposed to the guest without an in-kernel local\nAPIC:\n\n dump_stack+0xbe/0xfd\n __kasan_report.cold+0x34/0x84\n kasan_report+0x3a/0x50\n __apic_accept_irq+0x3a/0x5c0\n kvm_hv_send_ipi.isra.0+0x34e/0x820\n kvm_hv_hypercall+0x8d9/0x9d0\n kvm_emulate_hypercall+0x506/0x7e0\n __vmx_handle_exit+0x283/0xb60\n vmx_handle_exit+0x1d/0xd0\n vcpu_enter_guest+0x16b0/0x24c0\n vcpu_run+0xc0/0x550\n kvm_arch_vcpu_ioctl_run+0x170/0x6d0\n kvm_vcpu_ioctl+0x413/0xb20\n __se_sys_ioctl+0x111/0x160\n do_syscal1_64+0x30/0x40\n entry_SYSCALL_64_after_hwframe+0x67/0xd1\n\nNote, checking the sending vCPU is sufficient, as the per-VM irqchip_mode\ncan't be modified after vCPUs are created, i.e. if one vCPU has an\nin-kernel local APIC, then all vCPUs have an in-kernel local APIC.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1283" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21779" }, { "cve":"CVE-2025-21782", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\norangefs: fix a oob in orangefs_debug_write\n\nI got a syzbot report: slab-out-of-bounds Read in\norangefs_debug_write... several people suggested fixes,\nI tested Al Viro's suggestion and made this patch.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1283" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.1, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-254.0.0.157.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-254.0.0.157.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21782" } ] }