{ "document":{ "aggregate_severity":{ "namespace":"https://nvd.nist.gov/vuln-metrics/cvss", "text":"High" }, "category":"csaf_vex", "csaf_version":"2.0", "distribution":{ "tlp":{ "label":"WHITE", "url":"https:/www.first.org/tlp/" } }, "lang":"en", "notes":[ { "text":"kernel security update", "category":"general", "title":"Synopsis" }, { "text":"An update for kernel is now available for openEuler-24.03-LTS-SP1", "category":"general", "title":"Summary" }, { "text":"The Linux Kernel, the operating system core itself.\n\nSecurity Fix(es):\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: make sure cache entry active before cache_show\n\nThe function `c_show` was called with protection from RCU. This only\nensures that `cp` will not be freed. Therefore, the reference count for\n`cp` can drop to zero, which will trigger a refcount use-after-free\nwarning when `cache_get` is called. To resolve this issue, use\n`cache_get_rcu` to ensure that `cp` remains active.\n\n------------[ cut here ]------------\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 7 PID: 822 at lib/refcount.c:25\nrefcount_warn_saturate+0xb1/0x120\nCPU: 7 UID: 0 PID: 822 Comm: cat Not tainted 6.12.0-rc3+ #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.1-2.fc37 04/01/2014\nRIP: 0010:refcount_warn_saturate+0xb1/0x120\n\nCall Trace:\n \n c_show+0x2fc/0x380 [sunrpc]\n seq_read_iter+0x589/0x770\n seq_read+0x1e5/0x270\n proc_reg_read+0xe1/0x140\n vfs_read+0x125/0x530\n ksys_read+0xc1/0x160\n do_syscall_64+0x5f/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e(CVE-2024-53174)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init()\n\nUnder certain kernel configurations when building with Clang/LLVM, the\ncompiler does not generate a return or jump as the terminator\ninstruction for ip_vs_protocol_init(), triggering the following objtool\nwarning during build time:\n\n vmlinux.o: warning: objtool: ip_vs_protocol_init() falls through to next function __initstub__kmod_ip_vs_rr__935_123_ip_vs_rr_init6()\n\nAt runtime, this either causes an oops when trying to load the ipvs\nmodule or a boot-time panic if ipvs is built-in. This same issue has\nbeen reported by the Intel kernel test robot previously.\n\nDigging deeper into both LLVM and the kernel code reveals this to be a\nundefined behavior problem. ip_vs_protocol_init() uses a on-stack buffer\nof 64 chars to store the registered protocol names and leaves it\nuninitialized after definition. The function calls strnlen() when\nconcatenating protocol names into the buffer. With CONFIG_FORTIFY_SOURCE\nstrnlen() performs an extra step to check whether the last byte of the\ninput char buffer is a null character (commit 3009f891bb9f (\"fortify:\nAllow strlen() and strnlen() to pass compile-time known lengths\")).\nThis, together with possibly other configurations, cause the following\nIR to be generated:\n\n define hidden i32 @ip_vs_protocol_init() local_unnamed_addr #5 section \".init.text\" align 16 !kcfi_type !29 {\n %1 = alloca [64 x i8], align 16\n ...\n\n 14: ; preds = %11\n %15 = getelementptr inbounds i8, ptr %1, i64 63\n %16 = load i8, ptr %15, align 1\n %17 = tail call i1 @llvm.is.constant.i8(i8 %16)\n %18 = icmp eq i8 %16, 0\n %19 = select i1 %17, i1 %18, i1 false\n br i1 %19, label %20, label %23\n\n 20: ; preds = %14\n %21 = call i64 @strlen(ptr noundef nonnull dereferenceable(1) %1) #23\n ...\n\n 23: ; preds = %14, %11, %20\n %24 = call i64 @strnlen(ptr noundef nonnull dereferenceable(1) %1, i64 noundef 64) #24\n ...\n }\n\nThe above code calculates the address of the last char in the buffer\n(value %15) and then loads from it (value %16). Because the buffer is\nnever initialized, the LLVM GVN pass marks value %16 as undefined:\n\n %13 = getelementptr inbounds i8, ptr %1, i64 63\n br i1 undef, label %14, label %17\n\nThis gives later passes (SCCP, in particular) more DCE opportunities by\npropagating the undef value further, and eventually removes everything\nafter the load on the uninitialized stack location:\n\n define hidden i32 @ip_vs_protocol_init() local_unnamed_addr #0 section \".init.text\" align 16 !kcfi_type !11 {\n %1 = alloca [64 x i8], align 16\n ...\n\n 12: ; preds = %11\n %13 = getelementptr inbounds i8, ptr %1, i64 63\n unreachable\n }\n\nIn this way, the generated native code will just fall through to the\nnext function, as LLVM does not generate any code for the unreachable IR\ninstruction and leaves the function without a terminator.\n\nZero the on-stack buffer to avoid this possible UB.(CVE-2024-53680)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet: avoid potential UAF in default_operstate()\n\nsyzbot reported an UAF in default_operstate() [1]\n\nIssue is a race between device and netns dismantles.\n\nAfter calling __rtnl_unlock() from netdev_run_todo(),\nwe can not assume the netns of each device is still alive.\n\nMake sure the device is not in NETREG_UNREGISTERED state,\nand add an ASSERT_RTNL() before the call to\n__dev_get_by_index().\n\nWe might move this ASSERT_RTNL() in __dev_get_by_index()\nin the future.\n\n[1]\n\nBUG: KASAN: slab-use-after-free in __dev_get_by_index+0x5d/0x110 net/core/dev.c:852\nRead of size 8 at addr ffff888043eba1b0 by task syz.0.0/5339\n\nCPU: 0 UID: 0 PID: 5339 Comm: syz.0.0 Not tainted 6.12.0-syzkaller-10296-gaaf20f870da0 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n __dev_get_by_index+0x5d/0x110 net/core/dev.c:852\n default_operstate net/core/link_watch.c:51 [inline]\n rfc2863_policy+0x224/0x300 net/core/link_watch.c:67\n linkwatch_do_dev+0x3e/0x170 net/core/link_watch.c:170\n netdev_run_todo+0x461/0x1000 net/core/dev.c:10894\n rtnl_unlock net/core/rtnetlink.c:152 [inline]\n rtnl_net_unlock include/linux/rtnetlink.h:133 [inline]\n rtnl_dellink+0x760/0x8d0 net/core/rtnetlink.c:3520\n rtnetlink_rcv_msg+0x791/0xcf0 net/core/rtnetlink.c:6911\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2541\n netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]\n netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1347\n netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1891\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:726\n ____sys_sendmsg+0x52a/0x7e0 net/socket.c:2583\n ___sys_sendmsg net/socket.c:2637 [inline]\n __sys_sendmsg+0x269/0x350 net/socket.c:2669\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f2a3cb80809\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f2a3d9cd058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f2a3cd45fa0 RCX: 00007f2a3cb80809\nRDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008\nRBP: 00007f2a3cbf393e R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000000 R14: 00007f2a3cd45fa0 R15: 00007ffd03bc65c8\n \n\nAllocated by task 5339:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4314\n kmalloc_noprof include/linux/slab.h:901 [inline]\n kmalloc_array_noprof include/linux/slab.h:945 [inline]\n netdev_create_hash net/core/dev.c:11870 [inline]\n netdev_init+0x10c/0x250 net/core/dev.c:11890\n ops_init+0x31e/0x590 net/core/net_namespace.c:138\n setup_net+0x287/0x9e0 net/core/net_namespace.c:362\n copy_net_ns+0x33f/0x570 net/core/net_namespace.c:500\n create_new_namespaces+0x425/0x7b0 kernel/nsproxy.c:110\n unshare_nsproxy_namespaces+0x124/0x180 kernel/nsproxy.c:228\n ksys_unshare+0x57d/0xa70 kernel/fork.c:3314\n __do_sys_unshare kernel/fork.c:3385 [inline]\n __se_sys_unshare kernel/fork.c:3383 [inline]\n __x64_sys_unshare+0x38/0x40 kernel/fork.c:3383\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x8\n---truncated---(CVE-2024-56635)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nbpf: fix recursive lock when verdict program return SK_PASS\n\nWhen the stream_verdict program returns SK_PASS, it places the received skb\ninto its own receive queue, but a recursive lock eventually occurs, leading\nto an operating system deadlock. This issue has been present since v6.9.\n\n'''\nsk_psock_strp_data_ready\n write_lock_bh(&sk->sk_callback_lock)\n strp_data_ready\n strp_read_sock\n read_sock -> tcp_read_sock\n strp_recv\n cb.rcv_msg -> sk_psock_strp_read\n # now stream_verdict return SK_PASS without peer sock assign\n __SK_PASS = sk_psock_map_verd(SK_PASS, NULL)\n sk_psock_verdict_apply\n sk_psock_skb_ingress_self\n sk_psock_skb_ingress_enqueue\n sk_psock_data_ready\n read_lock_bh(&sk->sk_callback_lock) <= dead lock\n\n'''\n\nThis topic has been discussed before, but it has not been fixed.\nPrevious discussion:\nhttps://lore.kernel.org/all/6684a5864ec86_403d20898@john.notmuch(CVE-2024-56694)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nfs: relax assertions on failure to encode file handles\n\nEncoding file handles is usually performed by a filesystem >encode_fh()\nmethod that may fail for various reasons.\n\nThe legacy users of exportfs_encode_fh(), namely, nfsd and\nname_to_handle_at(2) syscall are ready to cope with the possibility\nof failure to encode a file handle.\n\nThere are a few other users of exportfs_encode_{fh,fid}() that\ncurrently have a WARN_ON() assertion when ->encode_fh() fails.\nRelax those assertions because they are wrong.\n\nThe second linked bug report states commit 16aac5ad1fa9 (\"ovl: support\nencoding non-decodable file handles\") in v6.6 as the regressing commit,\nbut this is not accurate.\n\nThe aforementioned commit only increases the chances of the assertion\nand allows triggering the assertion with the reproducer using overlayfs,\ninotify and drop_caches.\n\nTriggering this assertion was always possible with other filesystems and\nother reasons of ->encode_fh() failures and more particularly, it was\nalso possible with the exact same reproducer using overlayfs that is\nmounted with options index=on,nfs_export=on also on kernels < v6.6.\nTherefore, I am not listing the aforementioned commit as a Fixes commit.\n\nBackport hint: this patch will have a trivial conflict applying to\nv6.6.y, and other trivial conflicts applying to stable kernels < v6.6.(CVE-2024-57924)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nhrtimers: Handle CPU state correctly on hotplug\n\nConsider a scenario where a CPU transitions from CPUHP_ONLINE to halfway\nthrough a CPU hotunplug down to CPUHP_HRTIMERS_PREPARE, and then back to\nCPUHP_ONLINE:\n\nSince hrtimers_prepare_cpu() does not run, cpu_base.hres_active remains set\nto 1 throughout. However, during a CPU unplug operation, the tick and the\nclockevents are shut down at CPUHP_AP_TICK_DYING. On return to the online\nstate, for instance CFS incorrectly assumes that the hrtick is already\nactive, and the chance of the clockevent device to transition to oneshot\nmode is also lost forever for the CPU, unless it goes back to a lower state\nthan CPUHP_HRTIMERS_PREPARE once.\n\nThis round-trip reveals another issue; cpu_base.online is not set to 1\nafter the transition, which appears as a WARN_ON_ONCE in enqueue_hrtimer().\n\nAside of that, the bulk of the per CPU state is not reset either, which\nmeans there are dangling pointers in the worst case.\n\nAddress this by adding a corresponding startup() callback, which resets the\nstale per CPU state and sets the online flag.\n\n[ tglx: Make the new callback unconditionally available, remove the online\n \tmodification in the prepare() callback and clear the remaining\n \tstate in the starting callback instead of the prepare callback ](CVE-2024-57951)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Fix double free in error path\n\nIf the uvc_status_init() function fails to allocate the int_urb, it will\nfree the dev->status pointer but doesn't reset the pointer to NULL. This\nresults in the kfree() call in uvc_status_cleanup() trying to\ndouble-free the memory. Fix it by resetting the dev->status pointer to\nNULL after freeing it.\n\nReviewed by: Ricardo Ribalda (CVE-2024-57980)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ntpm: Change to kvalloc() in eventlog/acpi.c\n\nThe following failure was reported on HPE ProLiant D320:\n\n[ 10.693310][ T1] tpm_tis STM0925:00: 2.0 TPM (device-id 0x3, rev-id 0)\n[ 10.848132][ T1] ------------[ cut here ]------------\n[ 10.853559][ T1] WARNING: CPU: 59 PID: 1 at mm/page_alloc.c:4727 __alloc_pages_noprof+0x2ca/0x330\n[ 10.862827][ T1] Modules linked in:\n[ 10.866671][ T1] CPU: 59 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.12.0-lp155.2.g52785e2-default #1 openSUSE Tumbleweed (unreleased) 588cd98293a7c9eba9013378d807364c088c9375\n[ 10.882741][ T1] Hardware name: HPE ProLiant DL320 Gen12/ProLiant DL320 Gen12, BIOS 1.20 10/28/2024\n[ 10.892170][ T1] RIP: 0010:__alloc_pages_noprof+0x2ca/0x330\n[ 10.898103][ T1] Code: 24 08 e9 4a fe ff ff e8 34 36 fa ff e9 88 fe ff ff 83 fe 0a 0f 86 b3 fd ff ff 80 3d 01 e7 ce 01 00 75 09 c6 05 f8 e6 ce 01 01 <0f> 0b 45 31 ff e9 e5 fe ff ff f7 c2 00 00 08 00 75 42 89 d9 80 e1\n[ 10.917750][ T1] RSP: 0000:ffffb7cf40077980 EFLAGS: 00010246\n[ 10.923777][ T1] RAX: 0000000000000000 RBX: 0000000000040cc0 RCX: 0000000000000000\n[ 10.931727][ T1] RDX: 0000000000000000 RSI: 000000000000000c RDI: 0000000000040cc0\n\nThe above transcript shows that ACPI pointed a 16 MiB buffer for the log\nevents because RSI maps to the 'order' parameter of __alloc_pages_noprof().\nAddress the bug by moving from devm_kmalloc() to devm_add_action() and\nkvmalloc() and devm_add_action().(CVE-2024-58005)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nHID: multitouch: Add NULL check in mt_input_configured\n\ndevm_kasprintf() can return a NULL pointer on failure,but this\nreturned value in mt_input_configured() is not checked.\nAdd NULL check in mt_input_configured(), to handle kernel NULL\npointer dereference error.(CVE-2024-58020)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_tcm: Don't free command immediately\n\nDon't prematurely free the command. Wait for the status completion of\nthe sense status. It can be freed then. Otherwise we will double-free\nthe command.(CVE-2024-58055)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nASoC: soc-pcm: don't use soc_pcm_ret() on .prepare callback\n\ncommit 1f5664351410 (\"ASoC: lower \"no backend DAIs enabled for ... Port\"\nlog severity\") ignores -EINVAL error message on common soc_pcm_ret().\nIt is used from many functions, ignoring -EINVAL is over-kill.\n\nThe reason why -EINVAL was ignored was it really should only be used\nupon invalid parameters coming from userspace and in that case we don't\nwant to log an error since we do not want to give userspace a way to do\na denial-of-service attack on the syslog / diskspace.\n\nSo don't use soc_pcm_ret() on .prepare callback is better idea.(CVE-2024-58077)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nmisc: misc_minor_alloc to use ida for all dynamic/misc dynamic minors\n\nmisc_minor_alloc was allocating id using ida for minor only in case of\nMISC_DYNAMIC_MINOR but misc_minor_free was always freeing ids\nusing ida_free causing a mismatch and following warn:\n> > WARNING: CPU: 0 PID: 159 at lib/idr.c:525 ida_free+0x3e0/0x41f\n> > ida_free called for id=127 which is not allocated.\n> > <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n...\n> > [<60941eb4>] ida_free+0x3e0/0x41f\n> > [<605ac993>] misc_minor_free+0x3e/0xbc\n> > [<605acb82>] misc_deregister+0x171/0x1b3\n\nmisc_minor_alloc is changed to allocate id from ida for all minors\nfalling in the range of dynamic/ misc dynamic minors(CVE-2024-58078)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix double free of TCP_Server_Info::hostname\n\nWhen shutting down the server in cifs_put_tcp_session(), cifsd thread\nmight be reconnecting to multiple DFS targets before it realizes it\nshould exit the loop, so @server->hostname can't be freed as long as\ncifsd thread isn't done. Otherwise the following can happen:\n\n RIP: 0010:__slab_free+0x223/0x3c0\n Code: 5e 41 5f c3 cc cc cc cc 4c 89 de 4c 89 cf 44 89 44 24 08 4c 89\n 1c 24 e8 fb cf 8e 00 44 8b 44 24 08 4c 8b 1c 24 e9 5f fe ff ff <0f>\n 0b 41 f7 45 08 00 0d 21 00 0f 85 2d ff ff ff e9 1f ff ff ff 80\n RSP: 0018:ffffb26180dbfd08 EFLAGS: 00010246\n RAX: ffff8ea34728e510 RBX: ffff8ea34728e500 RCX: 0000000000800068\n RDX: 0000000000800068 RSI: 0000000000000000 RDI: ffff8ea340042400\n RBP: ffffe112041ca380 R08: 0000000000000001 R09: 0000000000000000\n R10: 6170732e31303000 R11: 70726f632e786563 R12: ffff8ea34728e500\n R13: ffff8ea340042400 R14: ffff8ea34728e500 R15: 0000000000800068\n FS: 0000000000000000(0000) GS:ffff8ea66fd80000(0000)\n 000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007ffc25376080 CR3: 000000012a2ba001 CR4:\n PKRU: 55555554\n Call Trace:\n \n ? show_trace_log_lvl+0x1c4/0x2df\n ? show_trace_log_lvl+0x1c4/0x2df\n ? __reconnect_target_unlocked+0x3e/0x160 [cifs]\n ? __die_body.cold+0x8/0xd\n ? die+0x2b/0x50\n ? do_trap+0xce/0x120\n ? __slab_free+0x223/0x3c0\n ? do_error_trap+0x65/0x80\n ? __slab_free+0x223/0x3c0\n ? exc_invalid_op+0x4e/0x70\n ? __slab_free+0x223/0x3c0\n ? asm_exc_invalid_op+0x16/0x20\n ? __slab_free+0x223/0x3c0\n ? extract_hostname+0x5c/0xa0 [cifs]\n ? extract_hostname+0x5c/0xa0 [cifs]\n ? __kmalloc+0x4b/0x140\n __reconnect_target_unlocked+0x3e/0x160 [cifs]\n reconnect_dfs_server+0x145/0x430 [cifs]\n cifs_handle_standard+0x1ad/0x1d0 [cifs]\n cifs_demultiplex_thread+0x592/0x730 [cifs]\n ? __pfx_cifs_demultiplex_thread+0x10/0x10 [cifs]\n kthread+0xdd/0x100\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x29/0x50\n (CVE-2025-21673)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Fix inversion dependency warning while enabling IPsec tunnel\n\nAttempt to enable IPsec packet offload in tunnel mode in debug kernel\ngenerates the following kernel panic, which is happening due to two\nissues:\n1. In SA add section, the should be _bh() variant when marking SA mode.\n2. There is not needed flush_workqueue in SA delete routine. It is not\nneeded as at this stage as it is removed from SADB and the running work\nwill be canceled later in SA free.\n\n =====================================================\n WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected\n 6.12.0+ #4 Not tainted\n -----------------------------------------------------\n charon/1337 [HC0[0]:SC0[4]:HE1:SE0] is trying to acquire:\n ffff88810f365020 (&xa->xa_lock#24){+.+.}-{3:3}, at: mlx5e_xfrm_del_state+0xca/0x1e0 [mlx5_core]\n\n and this task is already holding:\n ffff88813e0f0d48 (&x->lock){+.-.}-{3:3}, at: xfrm_state_delete+0x16/0x30\n which would create a new lock dependency:\n (&x->lock){+.-.}-{3:3} -> (&xa->xa_lock#24){+.+.}-{3:3}\n\n but this new dependency connects a SOFTIRQ-irq-safe lock:\n (&x->lock){+.-.}-{3:3}\n\n ... which became SOFTIRQ-irq-safe at:\n lock_acquire+0x1be/0x520\n _raw_spin_lock_bh+0x34/0x40\n xfrm_timer_handler+0x91/0xd70\n __hrtimer_run_queues+0x1dd/0xa60\n hrtimer_run_softirq+0x146/0x2e0\n handle_softirqs+0x266/0x860\n irq_exit_rcu+0x115/0x1a0\n sysvec_apic_timer_interrupt+0x6e/0x90\n asm_sysvec_apic_timer_interrupt+0x16/0x20\n default_idle+0x13/0x20\n default_idle_call+0x67/0xa0\n do_idle+0x2da/0x320\n cpu_startup_entry+0x50/0x60\n start_secondary+0x213/0x2a0\n common_startup_64+0x129/0x138\n\n to a SOFTIRQ-irq-unsafe lock:\n (&xa->xa_lock#24){+.+.}-{3:3}\n\n ... which became SOFTIRQ-irq-unsafe at:\n ...\n lock_acquire+0x1be/0x520\n _raw_spin_lock+0x2c/0x40\n xa_set_mark+0x70/0x110\n mlx5e_xfrm_add_state+0xe48/0x2290 [mlx5_core]\n xfrm_dev_state_add+0x3bb/0xd70\n xfrm_add_sa+0x2451/0x4a90\n xfrm_user_rcv_msg+0x493/0x880\n netlink_rcv_skb+0x12e/0x380\n xfrm_netlink_rcv+0x6d/0x90\n netlink_unicast+0x42f/0x740\n netlink_sendmsg+0x745/0xbe0\n __sock_sendmsg+0xc5/0x190\n __sys_sendto+0x1fe/0x2c0\n __x64_sys_sendto+0xdc/0x1b0\n do_syscall_64+0x6d/0x140\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n\n other info that might help us debug this:\n\n Possible interrupt unsafe locking scenario:\n\n CPU0 CPU1\n ---- ----\n lock(&xa->xa_lock#24);\n local_irq_disable();\n lock(&x->lock);\n lock(&xa->xa_lock#24);\n \n lock(&x->lock);\n\n *** DEADLOCK ***\n\n 2 locks held by charon/1337:\n #0: ffffffff87f8f858 (&net->xfrm.xfrm_cfg_mutex){+.+.}-{4:4}, at: xfrm_netlink_rcv+0x5e/0x90\n #1: ffff88813e0f0d48 (&x->lock){+.-.}-{3:3}, at: xfrm_state_delete+0x16/0x30\n\n the dependencies between SOFTIRQ-irq-safe lock and the holding lock:\n -> (&x->lock){+.-.}-{3:3} ops: 29 {\n HARDIRQ-ON-W at:\n lock_acquire+0x1be/0x520\n _raw_spin_lock_bh+0x34/0x40\n xfrm_alloc_spi+0xc0/0xe60\n xfrm_alloc_userspi+0x5f6/0xbc0\n xfrm_user_rcv_msg+0x493/0x880\n netlink_rcv_skb+0x12e/0x380\n xfrm_netlink_rcv+0x6d/0x90\n netlink_unicast+0x42f/0x740\n netlink_sendmsg+0x745/0xbe0\n __sock_sendmsg+0xc5/0x190\n __sys_sendto+0x1fe/0x2c0\n __x64_sys_sendto+0xdc/0x1b0\n do_syscall_64+0x6d/0x140\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n IN-SOFTIRQ-W at:\n lock_acquire+0x1be/0x520\n _raw_spin_lock_bh+0x34/0x40\n xfrm_timer_handler+0x91/0xd70\n __hrtimer_run_queues+0x1dd/0xa60\n \n---truncated---(CVE-2025-21674)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\npktgen: Avoid out-of-bounds access in get_imix_entries\n\nPassing a sufficient amount of imix entries leads to invalid access to the\npkt_dev->imix_entries array because of the incorrect boundary check.\n\nUBSAN: array-index-out-of-bounds in net/core/pktgen.c:874:24\nindex 20 is out of range for type 'imix_pkt [20]'\nCPU: 2 PID: 1210 Comm: bash Not tainted 6.10.0-rc1 #121\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996)\nCall Trace:\n\ndump_stack_lvl lib/dump_stack.c:117\n__ubsan_handle_out_of_bounds lib/ubsan.c:429\nget_imix_entries net/core/pktgen.c:874\npktgen_if_write net/core/pktgen.c:1063\npde_write fs/proc/inode.c:334\nproc_reg_write fs/proc/inode.c:346\nvfs_write fs/read_write.c:593\nksys_write fs/read_write.c:644\ndo_syscall_64 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe arch/x86/entry/entry_64.S:130\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\n[ fp: allow to fill the array completely; minor changelog cleanup ](CVE-2025-21680)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: fix lockup on tx to unregistering netdev with carrier\n\nCommit in a fixes tag attempted to fix the issue in the following\nsequence of calls:\n\n do_output\n -> ovs_vport_send\n -> dev_queue_xmit\n -> __dev_queue_xmit\n -> netdev_core_pick_tx\n -> skb_tx_hash\n\nWhen device is unregistering, the 'dev->real_num_tx_queues' goes to\nzero and the 'while (unlikely(hash >= qcount))' loop inside the\n'skb_tx_hash' becomes infinite, locking up the core forever.\n\nBut unfortunately, checking just the carrier status is not enough to\nfix the issue, because some devices may still be in unregistering\nstate while reporting carrier status OK.\n\nOne example of such device is a net/dummy. It sets carrier ON\non start, but it doesn't implement .ndo_stop to set the carrier off.\nAnd it makes sense, because dummy doesn't really have a carrier.\nTherefore, while this device is unregistering, it's still easy to hit\nthe infinite loop in the skb_tx_hash() from the OVS datapath. There\nmight be other drivers that do the same, but dummy by itself is\nimportant for the OVS ecosystem, because it is frequently used as a\npacket sink for tcpdump while debugging OVS deployments. And when the\nissue is hit, the only way to recover is to reboot.\n\nFix that by also checking if the device is running. The running\nstate is handled by the net core during unregistering, so it covers\nunregistering case better, and we don't really need to send packets\nto devices that are not running anyway.\n\nWhile only checking the running state might be enough, the carrier\ncheck is preserved. The running and the carrier states seem disjoined\nthroughout the code and different drivers. And other core functions\nlike __dev_direct_xmit() check both before attempting to transmit\na packet. So, it seems safer to check both flags in OVS as well.(CVE-2025-21681)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix bpf_sk_select_reuseport() memory leak\n\nAs pointed out in the original comment, lookup in sockmap can return a TCP\nESTABLISHED socket. Such TCP socket may have had SO_ATTACH_REUSEPORT_EBPF\nset before it was ESTABLISHED. In other words, a non-NULL sk_reuseport_cb\ndoes not imply a non-refcounted socket.\n\nDrop sk's reference in both error paths.\n\nunreferenced object 0xffff888101911800 (size 2048):\n comm \"test_progs\", pid 44109, jiffies 4297131437\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 80 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc 9336483b):\n __kmalloc_noprof+0x3bf/0x560\n __reuseport_alloc+0x1d/0x40\n reuseport_alloc+0xca/0x150\n reuseport_attach_prog+0x87/0x140\n sk_reuseport_attach_bpf+0xc8/0x100\n sk_setsockopt+0x1181/0x1990\n do_sock_setsockopt+0x12b/0x160\n __sys_setsockopt+0x7b/0xc0\n __x64_sys_setsockopt+0x1b/0x30\n do_syscall_64+0x93/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e(CVE-2025-21683)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ncachestat: fix page cache statistics permission checking\n\nWhen the 'cachestat()' system call was added in commit cf264e1329fb\n(\"cachestat: implement cachestat syscall\"), it was meant to be a much\nmore convenient (and performant) version of mincore() that didn't need\nmapping things into the user virtual address space in order to work.\n\nBut it ended up missing the \"check for writability or ownership\" fix for\nmincore(), done in commit 134fca9063ad (\"mm/mincore.c: make mincore()\nmore conservative\").\n\nThis just adds equivalent logic to 'cachestat()', modified for the file\ncontext (rather than vma).(CVE-2025-21691)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet: rose: fix timer races against user threads\n\nRose timers only acquire the socket spinlock, without\nchecking if the socket is owned by one user thread.\n\nAdd a check and rearm the timers if needed.\n\nBUG: KASAN: slab-use-after-free in rose_timer_expiry+0x31d/0x360 net/rose/rose_timer.c:174\nRead of size 2 at addr ffff88802f09b82a by task swapper/0/0\n\nCPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.13.0-rc5-syzkaller-00172-gd1bf27c4e176 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n \n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n rose_timer_expiry+0x31d/0x360 net/rose/rose_timer.c:174\n call_timer_fn+0x187/0x650 kernel/time/timer.c:1793\n expire_timers kernel/time/timer.c:1844 [inline]\n __run_timers kernel/time/timer.c:2418 [inline]\n __run_timer_base+0x66a/0x8e0 kernel/time/timer.c:2430\n run_timer_base kernel/time/timer.c:2439 [inline]\n run_timer_softirq+0xb7/0x170 kernel/time/timer.c:2449\n handle_softirqs+0x2d4/0x9b0 kernel/softirq.c:561\n __do_softirq kernel/softirq.c:595 [inline]\n invoke_softirq kernel/softirq.c:435 [inline]\n __irq_exit_rcu+0xf7/0x220 kernel/softirq.c:662\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1049\n (CVE-2025-21718)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: do not force clear folio if buffer is referenced\n\nPatch series \"nilfs2: protect busy buffer heads from being force-cleared\".\n\nThis series fixes the buffer head state inconsistency issues reported by\nsyzbot that occurs when the filesystem is corrupted and falls back to\nread-only, and the associated buffer head use-after-free issue.\n\n\nThis patch (of 2):\n\nSyzbot has reported that after nilfs2 detects filesystem corruption and\nfalls back to read-only, inconsistencies in the buffer state may occur.\n\nOne of the inconsistencies is that when nilfs2 calls mark_buffer_dirty()\nto set a data or metadata buffer as dirty, but it detects that the buffer\nis not in the uptodate state:\n\n WARNING: CPU: 0 PID: 6049 at fs/buffer.c:1177 mark_buffer_dirty+0x2e5/0x520\n fs/buffer.c:1177\n ...\n Call Trace:\n \n nilfs_palloc_commit_alloc_entry+0x4b/0x160 fs/nilfs2/alloc.c:598\n nilfs_ifile_create_inode+0x1dd/0x3a0 fs/nilfs2/ifile.c:73\n nilfs_new_inode+0x254/0x830 fs/nilfs2/inode.c:344\n nilfs_mkdir+0x10d/0x340 fs/nilfs2/namei.c:218\n vfs_mkdir+0x2f9/0x4f0 fs/namei.c:4257\n do_mkdirat+0x264/0x3a0 fs/namei.c:4280\n __do_sys_mkdirat fs/namei.c:4295 [inline]\n __se_sys_mkdirat fs/namei.c:4293 [inline]\n __x64_sys_mkdirat+0x87/0xa0 fs/namei.c:4293\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nThe other is when nilfs_btree_propagate(), which propagates the dirty\nstate to the ancestor nodes of a b-tree that point to a dirty buffer,\ndetects that the origin buffer is not dirty, even though it should be:\n\n WARNING: CPU: 0 PID: 5245 at fs/nilfs2/btree.c:2089\n nilfs_btree_propagate+0xc79/0xdf0 fs/nilfs2/btree.c:2089\n ...\n Call Trace:\n \n nilfs_bmap_propagate+0x75/0x120 fs/nilfs2/bmap.c:345\n nilfs_collect_file_data+0x4d/0xd0 fs/nilfs2/segment.c:587\n nilfs_segctor_apply_buffers+0x184/0x340 fs/nilfs2/segment.c:1006\n nilfs_segctor_scan_file+0x28c/0xa50 fs/nilfs2/segment.c:1045\n nilfs_segctor_collect_blocks fs/nilfs2/segment.c:1216 [inline]\n nilfs_segctor_collect fs/nilfs2/segment.c:1540 [inline]\n nilfs_segctor_do_construct+0x1c28/0x6b90 fs/nilfs2/segment.c:2115\n nilfs_segctor_construct+0x181/0x6b0 fs/nilfs2/segment.c:2479\n nilfs_segctor_thread_construct fs/nilfs2/segment.c:2587 [inline]\n nilfs_segctor_thread+0x69e/0xe80 fs/nilfs2/segment.c:2701\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \n\nBoth of these issues are caused by the callbacks that handle the\npage/folio write requests, forcibly clear various states, including the\nworking state of the buffers they hold, at unexpected times when they\ndetect read-only fallback.\n\nFix these issues by checking if the buffer is referenced before clearing\nthe page/folio state, and skipping the clear if it is.(CVE-2025-21722)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nmisc: fastrpc: Fix copy buffer page size\n\nFor non-registered buffer, fastrpc driver copies the buffer and\npass it to the remote subsystem. There is a problem with current\nimplementation of page size calculation which is not considering\nthe offset in the calculation. This might lead to passing of\nimproper and out-of-bounds page size which could result in\nmemory issue. Calculate page start and page end using the offset\nadjusted address instead of absolute address.(CVE-2025-21734)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nata: libata-sff: Ensure that we cannot write outside the allocated buffer\n\nreveliofuzzing reported that a SCSI_IOCTL_SEND_COMMAND ioctl with out_len\nset to 0xd42, SCSI command set to ATA_16 PASS-THROUGH, ATA command set to\nATA_NOP, and protocol set to ATA_PROT_PIO, can cause ata_pio_sector() to\nwrite outside the allocated buffer, overwriting random memory.\n\nWhile a ATA device is supposed to abort a ATA_NOP command, there does seem\nto be a bug either in libata-sff or QEMU, where either this status is not\nset, or the status is cleared before read by ata_sff_hsm_move().\nAnyway, that is most likely a separate bug.\n\nLooking at __atapi_pio_bytes(), it already has a safety check to ensure\nthat __atapi_pio_bytes() cannot write outside the allocated buffer.\n\nAdd a similar check to ata_pio_sector(), such that also ata_pio_sector()\ncannot write outside the allocated buffer.(CVE-2025-21738)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix assertion failure when splitting ordered extent after transaction abort\n\nIf while we are doing a direct IO write a transaction abort happens, we\nmark all existing ordered extents with the BTRFS_ORDERED_IOERR flag (done\nat btrfs_destroy_ordered_extents()), and then after that if we enter\nbtrfs_split_ordered_extent() and the ordered extent has bytes left\n(meaning we have a bio that doesn't cover the whole ordered extent, see\ndetails at btrfs_extract_ordered_extent()), we will fail on the following\nassertion at btrfs_split_ordered_extent():\n\n ASSERT(!(flags & ~BTRFS_ORDERED_TYPE_FLAGS));\n\nbecause the BTRFS_ORDERED_IOERR flag is set and the definition of\nBTRFS_ORDERED_TYPE_FLAGS is just the union of all flags that identify the\ntype of write (regular, nocow, prealloc, compressed, direct IO, encoded).\n\nFix this by returning an error from btrfs_extract_ordered_extent() if we\nfind the BTRFS_ORDERED_IOERR flag in the ordered extent. The error will\nbe the error that resulted in the transaction abort or -EIO if no\ntransaction abort happened.\n\nThis was recently reported by syzbot with the following trace:\n\n FAULT_INJECTION: forcing a failure.\n name failslab, interval 1, probability 0, space 0, times 1\n CPU: 0 UID: 0 PID: 5321 Comm: syz.0.0 Not tainted 6.13.0-rc5-syzkaller #0\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n Call Trace:\n \n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n fail_dump lib/fault-inject.c:53 [inline]\n should_fail_ex+0x3b0/0x4e0 lib/fault-inject.c:154\n should_failslab+0xac/0x100 mm/failslab.c:46\n slab_pre_alloc_hook mm/slub.c:4072 [inline]\n slab_alloc_node mm/slub.c:4148 [inline]\n __do_kmalloc_node mm/slub.c:4297 [inline]\n __kmalloc_noprof+0xdd/0x4c0 mm/slub.c:4310\n kmalloc_noprof include/linux/slab.h:905 [inline]\n kzalloc_noprof include/linux/slab.h:1037 [inline]\n btrfs_chunk_alloc_add_chunk_item+0x244/0x1100 fs/btrfs/volumes.c:5742\n reserve_chunk_space+0x1ca/0x2c0 fs/btrfs/block-group.c:4292\n check_system_chunk fs/btrfs/block-group.c:4319 [inline]\n do_chunk_alloc fs/btrfs/block-group.c:3891 [inline]\n btrfs_chunk_alloc+0x77b/0xf80 fs/btrfs/block-group.c:4187\n find_free_extent_update_loop fs/btrfs/extent-tree.c:4166 [inline]\n find_free_extent+0x42d1/0x5810 fs/btrfs/extent-tree.c:4579\n btrfs_reserve_extent+0x422/0x810 fs/btrfs/extent-tree.c:4672\n btrfs_new_extent_direct fs/btrfs/direct-io.c:186 [inline]\n btrfs_get_blocks_direct_write+0x706/0xfa0 fs/btrfs/direct-io.c:321\n btrfs_dio_iomap_begin+0xbb7/0x1180 fs/btrfs/direct-io.c:525\n iomap_iter+0x697/0xf60 fs/iomap/iter.c:90\n __iomap_dio_rw+0xeb9/0x25b0 fs/iomap/direct-io.c:702\n btrfs_dio_write fs/btrfs/direct-io.c:775 [inline]\n btrfs_direct_write+0x610/0xa30 fs/btrfs/direct-io.c:880\n btrfs_do_write_iter+0x2a0/0x760 fs/btrfs/file.c:1397\n do_iter_readv_writev+0x600/0x880\n vfs_writev+0x376/0xba0 fs/read_write.c:1050\n do_pwritev fs/read_write.c:1146 [inline]\n __do_sys_pwritev2 fs/read_write.c:1204 [inline]\n __se_sys_pwritev2+0x196/0x2b0 fs/read_write.c:1195\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f1281f85d29\n RSP: 002b:00007f12819fe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148\n RAX: ffffffffffffffda RBX: 00007f1282176080 RCX: 00007f1281f85d29\n RDX: 0000000000000001 RSI: 0000000020000240 RDI: 0000000000000005\n RBP: 00007f12819fe090 R08: 0000000000000000 R09: 0000000000000003\n R10: 0000000000007000 R11: 0000000000000246 R12: 0000000000000002\n R13: 0000000000000000 R14: 00007f1282176080 R15: 00007ffcb9e23328\n \n BTRFS error (device loop0 state A): Transaction aborted (error -12)\n BTRFS: error (device loop0 state A\n---truncated---(CVE-2025-21754)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Keep the binding until socket destruction\n\nPreserve sockets bindings; this includes both resulting from an explicit\nbind() and those implicitly bound through autobind during connect().\n\nPrevents socket unbinding during a transport reassignment, which fixes a\nuse-after-free:\n\n 1. vsock_create() (refcnt=1) calls vsock_insert_unbound() (refcnt=2)\n 2. transport->release() calls vsock_remove_bound() without checking if\n sk was bound and moved to bound list (refcnt=1)\n 3. vsock_bind() assumes sk is in unbound list and before\n __vsock_insert_bound(vsock_bound_sockets()) calls\n __vsock_remove_bound() which does:\n list_del_init(&vsk->bound_table); // nop\n sock_put(&vsk->sk); // refcnt=0\n\nBUG: KASAN: slab-use-after-free in __vsock_bind+0x62e/0x730\nRead of size 4 at addr ffff88816b46a74c by task a.out/2057\n dump_stack_lvl+0x68/0x90\n print_report+0x174/0x4f6\n kasan_report+0xb9/0x190\n __vsock_bind+0x62e/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nAllocated by task 2057:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n __kasan_slab_alloc+0x85/0x90\n kmem_cache_alloc_noprof+0x131/0x450\n sk_prot_alloc+0x5b/0x220\n sk_alloc+0x2c/0x870\n __vsock_create.constprop.0+0x2e/0xb60\n vsock_create+0xe4/0x420\n __sock_create+0x241/0x650\n __sys_socket+0xf2/0x1a0\n __x64_sys_socket+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 2057:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n kasan_save_free_info+0x37/0x60\n __kasan_slab_free+0x4b/0x70\n kmem_cache_free+0x1a1/0x590\n __sk_destruct+0x388/0x5a0\n __vsock_bind+0x5e1/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 7 PID: 2057 at lib/refcount.c:25 refcount_warn_saturate+0xce/0x150\nRIP: 0010:refcount_warn_saturate+0xce/0x150\n __vsock_bind+0x66d/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 7 PID: 2057 at lib/refcount.c:28 refcount_warn_saturate+0xee/0x150\nRIP: 0010:refcount_warn_saturate+0xee/0x150\n vsock_remove_bound+0x187/0x1e0\n __vsock_release+0x383/0x4a0\n vsock_release+0x90/0x120\n __sock_release+0xa3/0x250\n sock_close+0x14/0x20\n __fput+0x359/0xa80\n task_work_run+0x107/0x1d0\n do_exit+0x847/0x2560\n do_group_exit+0xb8/0x250\n __x64_sys_exit_group+0x3a/0x50\n x64_sys_call+0xfec/0x14f0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e(CVE-2025-21756)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\narm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array\n\nThe loop that detects/populates cache information already has a bounds\ncheck on the array size but does not account for cache levels with\nseparate data/instructions cache. Fix this by incrementing the index\nfor any populated leaf (instead of any populated level).(CVE-2025-21785)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nteam: better TEAM_OPTION_TYPE_STRING validation\n\nsyzbot reported following splat [1]\n\nMake sure user-provided data contains one nul byte.\n\n[1]\n BUG: KMSAN: uninit-value in string_nocheck lib/vsprintf.c:633 [inline]\n BUG: KMSAN: uninit-value in string+0x3ec/0x5f0 lib/vsprintf.c:714\n string_nocheck lib/vsprintf.c:633 [inline]\n string+0x3ec/0x5f0 lib/vsprintf.c:714\n vsnprintf+0xa5d/0x1960 lib/vsprintf.c:2843\n __request_module+0x252/0x9f0 kernel/module/kmod.c:149\n team_mode_get drivers/net/team/team_core.c:480 [inline]\n team_change_mode drivers/net/team/team_core.c:607 [inline]\n team_mode_option_set+0x437/0x970 drivers/net/team/team_core.c:1401\n team_option_set drivers/net/team/team_core.c:375 [inline]\n team_nl_options_set_doit+0x1339/0x1f90 drivers/net/team/team_core.c:2662\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x1214/0x12c0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x375/0x650 net/netlink/af_netlink.c:2543\n genl_rcv+0x40/0x60 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0xf52/0x1260 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x10da/0x11e0 net/netlink/af_netlink.c:1892\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg+0x30f/0x380 net/socket.c:733\n ____sys_sendmsg+0x877/0xb60 net/socket.c:2573\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2627\n __sys_sendmsg net/socket.c:2659 [inline]\n __do_sys_sendmsg net/socket.c:2664 [inline]\n __se_sys_sendmsg net/socket.c:2662 [inline]\n __x64_sys_sendmsg+0x212/0x3c0 net/socket.c:2662\n x64_sys_call+0x2ed6/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f(CVE-2025-21787)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nvrf: use RCU protection in l3mdev_l3_out()\n\nl3mdev_l3_out() can be called without RCU being held:\n\nraw_sendmsg()\n ip_push_pending_frames()\n ip_send_skb()\n ip_local_out()\n __ip_local_out()\n l3mdev_ip_out()\n\nAdd rcu_read_lock() / rcu_read_unlock() pair to avoid\na potential UAF.(CVE-2025-21791)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nhrtimers: Force migrate away hrtimers queued after CPUHP_AP_HRTIMERS_DYING\n\nhrtimers are migrated away from the dying CPU to any online target at\nthe CPUHP_AP_HRTIMERS_DYING stage in order not to delay bandwidth timers\nhandling tasks involved in the CPU hotplug forward progress.\n\nHowever wakeups can still be performed by the outgoing CPU after\nCPUHP_AP_HRTIMERS_DYING. Those can result again in bandwidth timers being\narmed. Depending on several considerations (crystal ball power management\nbased election, earliest timer already enqueued, timer migration enabled or\nnot), the target may eventually be the current CPU even if offline. If that\nhappens, the timer is eventually ignored.\n\nThe most notable example is RCU which had to deal with each and every of\nthose wake-ups by deferring them to an online CPU, along with related\nworkarounds:\n\n_ e787644caf76 (rcu: Defer RCU kthreads wakeup when CPU is dying)\n_ 9139f93209d1 (rcu/nocb: Fix RT throttling hrtimer armed from offline CPU)\n_ f7345ccc62a4 (rcu/nocb: Fix rcuog wake-up from offline softirq)\n\nThe problem isn't confined to RCU though as the stop machine kthread\n(which runs CPUHP_AP_HRTIMERS_DYING) reports its completion at the end\nof its work through cpu_stop_signal_done() and performs a wake up that\neventually arms the deadline server timer:\n\n WARNING: CPU: 94 PID: 588 at kernel/time/hrtimer.c:1086 hrtimer_start_range_ns+0x289/0x2d0\n CPU: 94 UID: 0 PID: 588 Comm: migration/94 Not tainted\n Stopper: multi_cpu_stop+0x0/0x120 <- stop_machine_cpuslocked+0x66/0xc0\n RIP: 0010:hrtimer_start_range_ns+0x289/0x2d0\n Call Trace:\n \n start_dl_timer\n enqueue_dl_entity\n dl_server_start\n enqueue_task_fair\n enqueue_task\n ttwu_do_activate\n try_to_wake_up\n complete\n cpu_stopper_thread\n\nInstead of providing yet another bandaid to work around the situation, fix\nit in the hrtimers infrastructure instead: always migrate away a timer to\nan online target whenever it is enqueued from an offline CPU.\n\nThis will also allow to revert all the above RCU disgraceful hacks.(CVE-2025-21816)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ntty: xilinx_uartps: split sysrq handling\n\nlockdep detects the following circular locking dependency:\n\nCPU 0 CPU 1\n========================== ============================\ncdns_uart_isr() printk()\n uart_port_lock(port) console_lock()\n\t\t\t cdns_uart_console_write()\n if (!port->sysrq)\n uart_port_lock(port)\n uart_handle_break()\n port->sysrq = ...\n uart_handle_sysrq_char()\n printk()\n console_lock()\n\nThe fixed commit attempts to avoid this situation by only taking the\nport lock in cdns_uart_console_write if port->sysrq unset. However, if\n(as shown above) cdns_uart_console_write runs before port->sysrq is set,\nthen it will try to take the port lock anyway. This may result in a\ndeadlock.\n\nFix this by splitting sysrq handling into two parts. We use the prepare\nhelper under the port lock and defer handling until we release the lock.(CVE-2025-21820)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: Drop unmanaged ELP metric worker\n\nThe ELP worker needs to calculate new metric values for all neighbors\n\"reachable\" over an interface. Some of the used metric sources require\nlocks which might need to sleep. This sleep is incompatible with the RCU\nlist iterator used for the recorded neighbors. The initial approach to work\naround of this problem was to queue another work item per neighbor and then\nrun this in a new context.\n\nEven when this solved the RCU vs might_sleep() conflict, it has a major\nproblems: Nothing was stopping the work item in case it is not needed\nanymore - for example because one of the related interfaces was removed or\nthe batman-adv module was unloaded - resulting in potential invalid memory\naccesses.\n\nDirectly canceling the metric worker also has various problems:\n\n* cancel_work_sync for a to-be-deactivated interface is called with\n rtnl_lock held. But the code in the ELP metric worker also tries to use\n rtnl_lock() - which will never return in this case. This also means that\n cancel_work_sync would never return because it is waiting for the worker\n to finish.\n* iterating over the neighbor list for the to-be-deactivated interface is\n currently done using the RCU specific methods. Which means that it is\n possible to miss items when iterating over it without the associated\n spinlock - a behaviour which is acceptable for a periodic metric check\n but not for a cleanup routine (which must \"stop\" all still running\n workers)\n\nThe better approch is to get rid of the per interface neighbor metric\nworker and handle everything in the interface worker. The original problems\nare solved by:\n\n* creating a list of neighbors which require new metric information inside\n the RCU protected context, gathering the metric according to the new list\n outside the RCU protected context\n* only use rcu_trylock inside metric gathering code to avoid a deadlock\n when the cancel_delayed_work_sync is called in the interface removal code\n (which is called with the rtnl_lock held)(CVE-2025-21823)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nblock: don't revert iter for -EIOCBQUEUED\n\nblkdev_read_iter() has a few odd checks, like gating the position and\ncount adjustment on whether or not the result is bigger-than-or-equal to\nzero (where bigger than makes more sense), and not checking the return\nvalue of blkdev_direct_IO() before doing an iov_iter_revert(). The\nlatter can lead to attempting to revert with a negative value, which\nwhen passed to iov_iter_revert() as an unsigned value will lead to\nthrowing a WARN_ON() because unroll is bigger than MAX_RW_COUNT.\n\nBe sane and don't revert for -EIOCBQUEUED, like what is done in other\nspots.(CVE-2025-21832)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Add check for next_buffer in receive_encrypted_standard()\n\nAdd check for the return value of cifs_buf_get() and cifs_small_buf_get()\nin receive_encrypted_standard() to prevent null pointer dereference.(CVE-2025-21844)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nacct: perform last write from workqueue\n\nIn [1] it was reported that the acct(2) system call can be used to\ntrigger NULL deref in cases where it is set to write to a file that\ntriggers an internal lookup. This can e.g., happen when pointing acc(2)\nto /sys/power/resume. At the point the where the write to this file\nhappens the calling task has already exited and called exit_fs(). A\nlookup will thus trigger a NULL-deref when accessing current->fs.\n\nReorganize the code so that the the final write happens from the\nworkqueue but with the caller's credentials. This preserves the\n(strange) permission model and has almost no regression risk.\n\nThis api should stop to exist though.(CVE-2025-21846)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ns390/ism: add release function for struct device\n\nAccording to device_release() in /drivers/base/core.c,\na device without a release function is a broken device\nand must be fixed.\n\nThe current code directly frees the device after calling device_add()\nwithout waiting for other kernel parts to release their references.\nThus, a reference could still be held to a struct device,\ne.g., by sysfs, leading to potential use-after-free\nissues if a proper release function is not set.(CVE-2025-21856)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: prevent opcode speculation\n\nsqe->opcode is used for different tables, make sure we santitise it\nagainst speculations.(CVE-2025-21863)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\novl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up\n\nThe issue was caused by dput(upper) being called before\novl_dentry_update_reval(), while upper->d_flags was still\naccessed in ovl_dentry_remote().\n\nMove dput(upper) after its last use to prevent use-after-free.\n\nBUG: KASAN: slab-use-after-free in ovl_dentry_remote fs/overlayfs/util.c:162 [inline]\nBUG: KASAN: slab-use-after-free in ovl_dentry_update_reval+0xd2/0xf0 fs/overlayfs/util.c:167\n\nCall Trace:\n \n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:114\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:488\n kasan_report+0xd9/0x110 mm/kasan/report.c:601\n ovl_dentry_remote fs/overlayfs/util.c:162 [inline]\n ovl_dentry_update_reval+0xd2/0xf0 fs/overlayfs/util.c:167\n ovl_link_up fs/overlayfs/copy_up.c:610 [inline]\n ovl_copy_up_one+0x2105/0x3490 fs/overlayfs/copy_up.c:1170\n ovl_copy_up_flags+0x18d/0x200 fs/overlayfs/copy_up.c:1223\n ovl_rename+0x39e/0x18c0 fs/overlayfs/dir.c:1136\n vfs_rename+0xf84/0x20a0 fs/namei.c:4893\n...\n (CVE-2025-21887)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Add RCU read lock protection to perf_iterate_ctx()\n\nThe perf_iterate_ctx() function performs RCU list traversal but\ncurrently lacks RCU read lock protection. This causes lockdep warnings\nwhen running perf probe with unshare(1) under CONFIG_PROVE_RCU_LIST=y:\n\n\tWARNING: suspicious RCU usage\n\tkernel/events/core.c:8168 RCU-list traversed in non-reader section!!\n\n\t Call Trace:\n\t lockdep_rcu_suspicious\n\t ? perf_event_addr_filters_apply\n\t perf_iterate_ctx\n\t perf_event_exec\n\t begin_new_exec\n\t ? load_elf_phdrs\n\t load_elf_binary\n\t ? lock_acquire\n\t ? find_held_lock\n\t ? bprm_execve\n\t bprm_execve\n\t do_execveat_common.isra.0\n\t __x64_sys_execve\n\t do_syscall_64\n\t entry_SYSCALL_64_after_hwframe\n\nThis protection was previously present but was removed in commit\nbd2756811766 (\"perf: Rewrite core context handling\"). Add back the\nnecessary rcu_read_lock()/rcu_read_unlock() pair around\nperf_iterate_ctx() call in perf_event_exec().\n\n[ mingo: Use scoped_guard() as suggested by Peter ](CVE-2025-21889)", "category":"general", "title":"Description" }, { "text":"An update for kernel is now available for openEuler-24.03-LTS-SP1.\n\nopenEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.", "category":"general", "title":"Topic" }, { "text":"High", "category":"general", "title":"Severity" }, { "text":"kernel", "category":"general", "title":"Affected Component" } ], "publisher":{ "issuing_authority":"openEuler security committee", "name":"openEuler", "namespace":"https://www.openeuler.org", "contact_details":"openeuler-security@openeuler.org", "category":"vendor" }, "references":[ { "summary":"openEuler-SA-2025-1372", "category":"self", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" }, { "summary":"CVE-2024-53174", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-53174&packageName=kernel" }, { "summary":"CVE-2024-53680", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-53680&packageName=kernel" }, { "summary":"CVE-2024-56635", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56635&packageName=kernel" }, { "summary":"CVE-2024-56694", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56694&packageName=kernel" }, { "summary":"CVE-2024-57924", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-57924&packageName=kernel" }, { "summary":"CVE-2024-57951", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-57951&packageName=kernel" }, { "summary":"CVE-2024-57980", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-57980&packageName=kernel" }, { "summary":"CVE-2024-58005", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-58005&packageName=kernel" }, { "summary":"CVE-2024-58020", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-58020&packageName=kernel" }, { "summary":"CVE-2024-58055", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-58055&packageName=kernel" }, { "summary":"CVE-2024-58077", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-58077&packageName=kernel" }, { "summary":"CVE-2024-58078", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-58078&packageName=kernel" }, { "summary":"CVE-2025-21673", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21673&packageName=kernel" }, { "summary":"CVE-2025-21674", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21674&packageName=kernel" }, { "summary":"CVE-2025-21680", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21680&packageName=kernel" }, { "summary":"CVE-2025-21681", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21681&packageName=kernel" }, { "summary":"CVE-2025-21683", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21683&packageName=kernel" }, { "summary":"CVE-2025-21691", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21691&packageName=kernel" }, { "summary":"CVE-2025-21718", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21718&packageName=kernel" }, { "summary":"CVE-2025-21722", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21722&packageName=kernel" }, { "summary":"CVE-2025-21734", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21734&packageName=kernel" }, { "summary":"CVE-2025-21738", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21738&packageName=kernel" }, { "summary":"CVE-2025-21754", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21754&packageName=kernel" }, { "summary":"CVE-2025-21756", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21756&packageName=kernel" }, { "summary":"CVE-2025-21785", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21785&packageName=kernel" }, { "summary":"CVE-2025-21787", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21787&packageName=kernel" }, { "summary":"CVE-2025-21791", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21791&packageName=kernel" }, { "summary":"CVE-2025-21816", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21816&packageName=kernel" }, { "summary":"CVE-2025-21820", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21820&packageName=kernel" }, { "summary":"CVE-2025-21823", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21823&packageName=kernel" }, { "summary":"CVE-2025-21832", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21832&packageName=kernel" }, { "summary":"CVE-2025-21844", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21844&packageName=kernel" }, { "summary":"CVE-2025-21846", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21846&packageName=kernel" }, { "summary":"CVE-2025-21856", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21856&packageName=kernel" }, { "summary":"CVE-2025-21863", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21863&packageName=kernel" }, { "summary":"CVE-2025-21887", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21887&packageName=kernel" }, { "summary":"CVE-2025-21889", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21889&packageName=kernel" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53174" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53680" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56635" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56694" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-57924" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-57951" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-57980" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-58005" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-58020" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-58055" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-58077" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-58078" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21673" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21674" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21680" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21681" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21683" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21691" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21718" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21722" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21734" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21738" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21754" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21756" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21785" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21787" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21791" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21816" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21820" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21823" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21832" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21844" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21846" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21856" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21863" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21887" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21889" }, { "summary":"openEuler-SA-2025-1372 vex file", "category":"self", "url":"https://repo.openeuler.org/security/data/csaf/advisories/2025/csaf-openeuler-sa-2025-1372.json" } ], "title":"An update for kernel is now available for openEuler-24.03-LTS-SP1", "tracking":{ "initial_release_date":"2025-04-03T20:56:38+08:00", "revision_history":[ { "date":"2025-04-03T20:56:38+08:00", "summary":"Initial", "number":"1.0.0" } ], "generator":{ "date":"2025-04-03T20:56:38+08:00", "engine":{ "name":"openEuler CSAF Tool V1.0" } }, "current_release_date":"2025-04-03T20:56:38+08:00", "id":"openEuler-SA-2025-1372", "version":"1.0.0", "status":"final" } }, "product_tree":{ "branches":[ { "name":"openEuler", "category":"vendor", "branches":[ { "name":"openEuler", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"openEuler-24.03-LTS-SP1", "name":"openEuler-24.03-LTS-SP1" }, "name":"openEuler-24.03-LTS-SP1", "category":"product_version" } ], "category":"product_name" }, { "name":"aarch64", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "name":"bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm" }, "name":"bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "name":"bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm" }, "name":"bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "name":"kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm" }, "name":"kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "name":"kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm" }, "name":"kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "name":"kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm" }, "name":"kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "name":"kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm" }, "name":"kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "name":"kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm" }, "name":"kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "name":"kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm" }, "name":"kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "name":"kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm" }, "name":"kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "name":"kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm" }, "name":"kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "name":"kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm" }, "name":"kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"perf-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "name":"perf-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm" }, "name":"perf-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "name":"perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm" }, "name":"perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "name":"python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm" }, "name":"python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "name":"python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm" }, "name":"python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"x86_64", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "name":"bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm" }, "name":"bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "name":"bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm" }, "name":"bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "name":"kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm" }, "name":"kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "name":"kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm" }, "name":"kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "name":"kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm" }, "name":"kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "name":"kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm" }, "name":"kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "name":"kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm" }, "name":"kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "name":"kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm" }, "name":"kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "name":"kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm" }, "name":"kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "name":"kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm" }, "name":"kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "name":"kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm" }, "name":"kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"perf-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "name":"perf-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm" }, "name":"perf-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "name":"perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm" }, "name":"perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "name":"python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm" }, "name":"python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "name":"python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm" }, "name":"python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"src", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-6.6.0-85.0.0.90.oe2403sp1.src.rpm", "name":"kernel-6.6.0-85.0.0.90.oe2403sp1.src.rpm" }, "name":"kernel-6.6.0-85.0.0.90.oe2403sp1.src.rpm", "category":"product_version" } ], "category":"architecture" } ] } ], "relationships":[ { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "name":"bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "name":"bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "name":"kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "name":"kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "name":"kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "name":"kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "name":"kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "name":"kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "name":"kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "name":"kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "name":"kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"perf-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "name":"perf-6.6.0-85.0.0.90.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "name":"perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "name":"python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "name":"python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "name":"bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "name":"bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "name":"kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "name":"kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "name":"kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "name":"kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "name":"kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "name":"kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "name":"kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "name":"kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "name":"kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"perf-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "name":"perf-6.6.0-85.0.0.90.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "name":"perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "name":"python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "name":"python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-6.6.0-85.0.0.90.oe2403sp1.src.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src", "name":"kernel-6.6.0-85.0.0.90.oe2403sp1.src as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" } ] }, "vulnerabilities":[ { "cve":"CVE-2024-53174", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: make sure cache entry active before cache_show\n\nThe function `c_show` was called with protection from RCU. This only\nensures that `cp` will not be freed. Therefore, the reference count for\n`cp` can drop to zero, which will trigger a refcount use-after-free\nwarning when `cache_get` is called. To resolve this issue, use\n`cache_get_rcu` to ensure that `cp` remains active.\n\n------------[ cut here ]------------\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 7 PID: 822 at lib/refcount.c:25\nrefcount_warn_saturate+0xb1/0x120\nCPU: 7 UID: 0 PID: 822 Comm: cat Not tainted 6.12.0-rc3+ #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.1-2.fc37 04/01/2014\nRIP: 0010:refcount_warn_saturate+0xb1/0x120\n\nCall Trace:\n \n c_show+0x2fc/0x380 [sunrpc]\n seq_read_iter+0x589/0x770\n seq_read+0x1e5/0x270\n proc_reg_read+0xe1/0x140\n vfs_read+0x125/0x530\n ksys_read+0xc1/0x160\n do_syscall_64+0x5f/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-53174" }, { "cve":"CVE-2024-53680", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init()\n\nUnder certain kernel configurations when building with Clang/LLVM, the\ncompiler does not generate a return or jump as the terminator\ninstruction for ip_vs_protocol_init(), triggering the following objtool\nwarning during build time:\n\n vmlinux.o: warning: objtool: ip_vs_protocol_init() falls through to next function __initstub__kmod_ip_vs_rr__935_123_ip_vs_rr_init6()\n\nAt runtime, this either causes an oops when trying to load the ipvs\nmodule or a boot-time panic if ipvs is built-in. This same issue has\nbeen reported by the Intel kernel test robot previously.\n\nDigging deeper into both LLVM and the kernel code reveals this to be a\nundefined behavior problem. ip_vs_protocol_init() uses a on-stack buffer\nof 64 chars to store the registered protocol names and leaves it\nuninitialized after definition. The function calls strnlen() when\nconcatenating protocol names into the buffer. With CONFIG_FORTIFY_SOURCE\nstrnlen() performs an extra step to check whether the last byte of the\ninput char buffer is a null character (commit 3009f891bb9f (\"fortify:\nAllow strlen() and strnlen() to pass compile-time known lengths\")).\nThis, together with possibly other configurations, cause the following\nIR to be generated:\n\n define hidden i32 @ip_vs_protocol_init() local_unnamed_addr #5 section \".init.text\" align 16 !kcfi_type !29 {\n %1 = alloca [64 x i8], align 16\n ...\n\n 14: ; preds = %11\n %15 = getelementptr inbounds i8, ptr %1, i64 63\n %16 = load i8, ptr %15, align 1\n %17 = tail call i1 @llvm.is.constant.i8(i8 %16)\n %18 = icmp eq i8 %16, 0\n %19 = select i1 %17, i1 %18, i1 false\n br i1 %19, label %20, label %23\n\n 20: ; preds = %14\n %21 = call i64 @strlen(ptr noundef nonnull dereferenceable(1) %1) #23\n ...\n\n 23: ; preds = %14, %11, %20\n %24 = call i64 @strnlen(ptr noundef nonnull dereferenceable(1) %1, i64 noundef 64) #24\n ...\n }\n\nThe above code calculates the address of the last char in the buffer\n(value %15) and then loads from it (value %16). Because the buffer is\nnever initialized, the LLVM GVN pass marks value %16 as undefined:\n\n %13 = getelementptr inbounds i8, ptr %1, i64 63\n br i1 undef, label %14, label %17\n\nThis gives later passes (SCCP, in particular) more DCE opportunities by\npropagating the undef value further, and eventually removes everything\nafter the load on the uninitialized stack location:\n\n define hidden i32 @ip_vs_protocol_init() local_unnamed_addr #0 section \".init.text\" align 16 !kcfi_type !11 {\n %1 = alloca [64 x i8], align 16\n ...\n\n 12: ; preds = %11\n %13 = getelementptr inbounds i8, ptr %1, i64 63\n unreachable\n }\n\nIn this way, the generated native code will just fall through to the\nnext function, as LLVM does not generate any code for the unreachable IR\ninstruction and leaves the function without a terminator.\n\nZero the on-stack buffer to avoid this possible UB.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.8, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-53680" }, { "cve":"CVE-2024-56635", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: avoid potential UAF in default_operstate()\n\nsyzbot reported an UAF in default_operstate() [1]\n\nIssue is a race between device and netns dismantles.\n\nAfter calling __rtnl_unlock() from netdev_run_todo(),\nwe can not assume the netns of each device is still alive.\n\nMake sure the device is not in NETREG_UNREGISTERED state,\nand add an ASSERT_RTNL() before the call to\n__dev_get_by_index().\n\nWe might move this ASSERT_RTNL() in __dev_get_by_index()\nin the future.\n\n[1]\n\nBUG: KASAN: slab-use-after-free in __dev_get_by_index+0x5d/0x110 net/core/dev.c:852\nRead of size 8 at addr ffff888043eba1b0 by task syz.0.0/5339\n\nCPU: 0 UID: 0 PID: 5339 Comm: syz.0.0 Not tainted 6.12.0-syzkaller-10296-gaaf20f870da0 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n __dev_get_by_index+0x5d/0x110 net/core/dev.c:852\n default_operstate net/core/link_watch.c:51 [inline]\n rfc2863_policy+0x224/0x300 net/core/link_watch.c:67\n linkwatch_do_dev+0x3e/0x170 net/core/link_watch.c:170\n netdev_run_todo+0x461/0x1000 net/core/dev.c:10894\n rtnl_unlock net/core/rtnetlink.c:152 [inline]\n rtnl_net_unlock include/linux/rtnetlink.h:133 [inline]\n rtnl_dellink+0x760/0x8d0 net/core/rtnetlink.c:3520\n rtnetlink_rcv_msg+0x791/0xcf0 net/core/rtnetlink.c:6911\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2541\n netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]\n netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1347\n netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1891\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:726\n ____sys_sendmsg+0x52a/0x7e0 net/socket.c:2583\n ___sys_sendmsg net/socket.c:2637 [inline]\n __sys_sendmsg+0x269/0x350 net/socket.c:2669\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f2a3cb80809\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f2a3d9cd058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f2a3cd45fa0 RCX: 00007f2a3cb80809\nRDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008\nRBP: 00007f2a3cbf393e R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000000 R14: 00007f2a3cd45fa0 R15: 00007ffd03bc65c8\n \n\nAllocated by task 5339:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4314\n kmalloc_noprof include/linux/slab.h:901 [inline]\n kmalloc_array_noprof include/linux/slab.h:945 [inline]\n netdev_create_hash net/core/dev.c:11870 [inline]\n netdev_init+0x10c/0x250 net/core/dev.c:11890\n ops_init+0x31e/0x590 net/core/net_namespace.c:138\n setup_net+0x287/0x9e0 net/core/net_namespace.c:362\n copy_net_ns+0x33f/0x570 net/core/net_namespace.c:500\n create_new_namespaces+0x425/0x7b0 kernel/nsproxy.c:110\n unshare_nsproxy_namespaces+0x124/0x180 kernel/nsproxy.c:228\n ksys_unshare+0x57d/0xa70 kernel/fork.c:3314\n __do_sys_unshare kernel/fork.c:3385 [inline]\n __se_sys_unshare kernel/fork.c:3383 [inline]\n __x64_sys_unshare+0x38/0x40 kernel/fork.c:3383\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x8\n---truncated---", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.0, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-56635" }, { "cve":"CVE-2024-56694", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: fix recursive lock when verdict program return SK_PASS\n\nWhen the stream_verdict program returns SK_PASS, it places the received skb\ninto its own receive queue, but a recursive lock eventually occurs, leading\nto an operating system deadlock. This issue has been present since v6.9.\n\n'''\nsk_psock_strp_data_ready\n write_lock_bh(&sk->sk_callback_lock)\n strp_data_ready\n strp_read_sock\n read_sock -> tcp_read_sock\n strp_recv\n cb.rcv_msg -> sk_psock_strp_read\n # now stream_verdict return SK_PASS without peer sock assign\n __SK_PASS = sk_psock_map_verd(SK_PASS, NULL)\n sk_psock_verdict_apply\n sk_psock_skb_ingress_self\n sk_psock_skb_ingress_enqueue\n sk_psock_data_ready\n read_lock_bh(&sk->sk_callback_lock) <= dead lock\n\n'''\n\nThis topic has been discussed before, but it has not been fixed.\nPrevious discussion:\nhttps://lore.kernel.org/all/6684a5864ec86_403d20898@john.notmuch", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56694" }, { "cve":"CVE-2024-57924", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nfs: relax assertions on failure to encode file handles\n\nEncoding file handles is usually performed by a filesystem >encode_fh()\nmethod that may fail for various reasons.\n\nThe legacy users of exportfs_encode_fh(), namely, nfsd and\nname_to_handle_at(2) syscall are ready to cope with the possibility\nof failure to encode a file handle.\n\nThere are a few other users of exportfs_encode_{fh,fid}() that\ncurrently have a WARN_ON() assertion when ->encode_fh() fails.\nRelax those assertions because they are wrong.\n\nThe second linked bug report states commit 16aac5ad1fa9 (\"ovl: support\nencoding non-decodable file handles\") in v6.6 as the regressing commit,\nbut this is not accurate.\n\nThe aforementioned commit only increases the chances of the assertion\nand allows triggering the assertion with the reproducer using overlayfs,\ninotify and drop_caches.\n\nTriggering this assertion was always possible with other filesystems and\nother reasons of ->encode_fh() failures and more particularly, it was\nalso possible with the exact same reproducer using overlayfs that is\nmounted with options index=on,nfs_export=on also on kernels < v6.6.\nTherefore, I am not listing the aforementioned commit as a Fixes commit.\n\nBackport hint: this patch will have a trivial conflict applying to\nv6.6.y, and other trivial conflicts applying to stable kernels < v6.6.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-57924" }, { "cve":"CVE-2024-57951", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nhrtimers: Handle CPU state correctly on hotplug\n\nConsider a scenario where a CPU transitions from CPUHP_ONLINE to halfway\nthrough a CPU hotunplug down to CPUHP_HRTIMERS_PREPARE, and then back to\nCPUHP_ONLINE:\n\nSince hrtimers_prepare_cpu() does not run, cpu_base.hres_active remains set\nto 1 throughout. However, during a CPU unplug operation, the tick and the\nclockevents are shut down at CPUHP_AP_TICK_DYING. On return to the online\nstate, for instance CFS incorrectly assumes that the hrtick is already\nactive, and the chance of the clockevent device to transition to oneshot\nmode is also lost forever for the CPU, unless it goes back to a lower state\nthan CPUHP_HRTIMERS_PREPARE once.\n\nThis round-trip reveals another issue; cpu_base.online is not set to 1\nafter the transition, which appears as a WARN_ON_ONCE in enqueue_hrtimer().\n\nAside of that, the bulk of the per CPU state is not reset either, which\nmeans there are dangling pointers in the worst case.\n\nAddress this by adding a corresponding startup() callback, which resets the\nstale per CPU state and sets the online flag.\n\n[ tglx: Make the new callback unconditionally available, remove the online\n \tmodification in the prepare() callback and clear the remaining\n \tstate in the starting callback instead of the prepare callback ]", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-57951" }, { "cve":"CVE-2024-57980", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Fix double free in error path\n\nIf the uvc_status_init() function fails to allocate the int_urb, it will\nfree the dev->status pointer but doesn't reset the pointer to NULL. This\nresults in the kfree() call in uvc_status_cleanup() trying to\ndouble-free the memory. Fix it by resetting the dev->status pointer to\nNULL after freeing it.\n\nReviewed by: Ricardo Ribalda ", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-57980" }, { "cve":"CVE-2024-58005", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: Change to kvalloc() in eventlog/acpi.c\n\nThe following failure was reported on HPE ProLiant D320:\n\n[ 10.693310][ T1] tpm_tis STM0925:00: 2.0 TPM (device-id 0x3, rev-id 0)\n[ 10.848132][ T1] ------------[ cut here ]------------\n[ 10.853559][ T1] WARNING: CPU: 59 PID: 1 at mm/page_alloc.c:4727 __alloc_pages_noprof+0x2ca/0x330\n[ 10.862827][ T1] Modules linked in:\n[ 10.866671][ T1] CPU: 59 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.12.0-lp155.2.g52785e2-default #1 openSUSE Tumbleweed (unreleased) 588cd98293a7c9eba9013378d807364c088c9375\n[ 10.882741][ T1] Hardware name: HPE ProLiant DL320 Gen12/ProLiant DL320 Gen12, BIOS 1.20 10/28/2024\n[ 10.892170][ T1] RIP: 0010:__alloc_pages_noprof+0x2ca/0x330\n[ 10.898103][ T1] Code: 24 08 e9 4a fe ff ff e8 34 36 fa ff e9 88 fe ff ff 83 fe 0a 0f 86 b3 fd ff ff 80 3d 01 e7 ce 01 00 75 09 c6 05 f8 e6 ce 01 01 <0f> 0b 45 31 ff e9 e5 fe ff ff f7 c2 00 00 08 00 75 42 89 d9 80 e1\n[ 10.917750][ T1] RSP: 0000:ffffb7cf40077980 EFLAGS: 00010246\n[ 10.923777][ T1] RAX: 0000000000000000 RBX: 0000000000040cc0 RCX: 0000000000000000\n[ 10.931727][ T1] RDX: 0000000000000000 RSI: 000000000000000c RDI: 0000000000040cc0\n\nThe above transcript shows that ACPI pointed a 16 MiB buffer for the log\nevents because RSI maps to the 'order' parameter of __alloc_pages_noprof().\nAddress the bug by moving from devm_kmalloc() to devm_add_action() and\nkvmalloc() and devm_add_action().", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-58005" }, { "cve":"CVE-2024-58020", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nHID: multitouch: Add NULL check in mt_input_configured\n\ndevm_kasprintf() can return a NULL pointer on failure,but this\nreturned value in mt_input_configured() is not checked.\nAdd NULL check in mt_input_configured(), to handle kernel NULL\npointer dereference error.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-58020" }, { "cve":"CVE-2024-58055", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_tcm: Don't free command immediately\n\nDon't prematurely free the command. Wait for the status completion of\nthe sense status. It can be freed then. Otherwise we will double-free\nthe command.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-58055" }, { "cve":"CVE-2024-58077", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: soc-pcm: don't use soc_pcm_ret() on .prepare callback\n\ncommit 1f5664351410 (\"ASoC: lower \"no backend DAIs enabled for ... Port\"\nlog severity\") ignores -EINVAL error message on common soc_pcm_ret().\nIt is used from many functions, ignoring -EINVAL is over-kill.\n\nThe reason why -EINVAL was ignored was it really should only be used\nupon invalid parameters coming from userspace and in that case we don't\nwant to log an error since we do not want to give userspace a way to do\na denial-of-service attack on the syslog / diskspace.\n\nSo don't use soc_pcm_ret() on .prepare callback is better idea.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-58077" }, { "cve":"CVE-2024-58078", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: misc_minor_alloc to use ida for all dynamic/misc dynamic minors\n\nmisc_minor_alloc was allocating id using ida for minor only in case of\nMISC_DYNAMIC_MINOR but misc_minor_free was always freeing ids\nusing ida_free causing a mismatch and following warn:\n> > WARNING: CPU: 0 PID: 159 at lib/idr.c:525 ida_free+0x3e0/0x41f\n> > ida_free called for id=127 which is not allocated.\n> > <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n...\n> > [<60941eb4>] ida_free+0x3e0/0x41f\n> > [<605ac993>] misc_minor_free+0x3e/0xbc\n> > [<605acb82>] misc_deregister+0x171/0x1b3\n\nmisc_minor_alloc is changed to allocate id from ida for all minors\nfalling in the range of dynamic/ misc dynamic minors", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2024-58078" }, { "cve":"CVE-2025-21673", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix double free of TCP_Server_Info::hostname\n\nWhen shutting down the server in cifs_put_tcp_session(), cifsd thread\nmight be reconnecting to multiple DFS targets before it realizes it\nshould exit the loop, so @server->hostname can't be freed as long as\ncifsd thread isn't done. Otherwise the following can happen:\n\n RIP: 0010:__slab_free+0x223/0x3c0\n Code: 5e 41 5f c3 cc cc cc cc 4c 89 de 4c 89 cf 44 89 44 24 08 4c 89\n 1c 24 e8 fb cf 8e 00 44 8b 44 24 08 4c 8b 1c 24 e9 5f fe ff ff <0f>\n 0b 41 f7 45 08 00 0d 21 00 0f 85 2d ff ff ff e9 1f ff ff ff 80\n RSP: 0018:ffffb26180dbfd08 EFLAGS: 00010246\n RAX: ffff8ea34728e510 RBX: ffff8ea34728e500 RCX: 0000000000800068\n RDX: 0000000000800068 RSI: 0000000000000000 RDI: ffff8ea340042400\n RBP: ffffe112041ca380 R08: 0000000000000001 R09: 0000000000000000\n R10: 6170732e31303000 R11: 70726f632e786563 R12: ffff8ea34728e500\n R13: ffff8ea340042400 R14: ffff8ea34728e500 R15: 0000000000800068\n FS: 0000000000000000(0000) GS:ffff8ea66fd80000(0000)\n 000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007ffc25376080 CR3: 000000012a2ba001 CR4:\n PKRU: 55555554\n Call Trace:\n \n ? show_trace_log_lvl+0x1c4/0x2df\n ? show_trace_log_lvl+0x1c4/0x2df\n ? __reconnect_target_unlocked+0x3e/0x160 [cifs]\n ? __die_body.cold+0x8/0xd\n ? die+0x2b/0x50\n ? do_trap+0xce/0x120\n ? __slab_free+0x223/0x3c0\n ? do_error_trap+0x65/0x80\n ? __slab_free+0x223/0x3c0\n ? exc_invalid_op+0x4e/0x70\n ? __slab_free+0x223/0x3c0\n ? asm_exc_invalid_op+0x16/0x20\n ? __slab_free+0x223/0x3c0\n ? extract_hostname+0x5c/0xa0 [cifs]\n ? extract_hostname+0x5c/0xa0 [cifs]\n ? __kmalloc+0x4b/0x140\n __reconnect_target_unlocked+0x3e/0x160 [cifs]\n reconnect_dfs_server+0x145/0x430 [cifs]\n cifs_handle_standard+0x1ad/0x1d0 [cifs]\n cifs_demultiplex_thread+0x592/0x730 [cifs]\n ? __pfx_cifs_demultiplex_thread+0x10/0x10 [cifs]\n kthread+0xdd/0x100\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x29/0x50\n ", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21673" }, { "cve":"CVE-2025-21674", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Fix inversion dependency warning while enabling IPsec tunnel\n\nAttempt to enable IPsec packet offload in tunnel mode in debug kernel\ngenerates the following kernel panic, which is happening due to two\nissues:\n1. In SA add section, the should be _bh() variant when marking SA mode.\n2. There is not needed flush_workqueue in SA delete routine. It is not\nneeded as at this stage as it is removed from SADB and the running work\nwill be canceled later in SA free.\n\n =====================================================\n WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected\n 6.12.0+ #4 Not tainted\n -----------------------------------------------------\n charon/1337 [HC0[0]:SC0[4]:HE1:SE0] is trying to acquire:\n ffff88810f365020 (&xa->xa_lock#24){+.+.}-{3:3}, at: mlx5e_xfrm_del_state+0xca/0x1e0 [mlx5_core]\n\n and this task is already holding:\n ffff88813e0f0d48 (&x->lock){+.-.}-{3:3}, at: xfrm_state_delete+0x16/0x30\n which would create a new lock dependency:\n (&x->lock){+.-.}-{3:3} -> (&xa->xa_lock#24){+.+.}-{3:3}\n\n but this new dependency connects a SOFTIRQ-irq-safe lock:\n (&x->lock){+.-.}-{3:3}\n\n ... which became SOFTIRQ-irq-safe at:\n lock_acquire+0x1be/0x520\n _raw_spin_lock_bh+0x34/0x40\n xfrm_timer_handler+0x91/0xd70\n __hrtimer_run_queues+0x1dd/0xa60\n hrtimer_run_softirq+0x146/0x2e0\n handle_softirqs+0x266/0x860\n irq_exit_rcu+0x115/0x1a0\n sysvec_apic_timer_interrupt+0x6e/0x90\n asm_sysvec_apic_timer_interrupt+0x16/0x20\n default_idle+0x13/0x20\n default_idle_call+0x67/0xa0\n do_idle+0x2da/0x320\n cpu_startup_entry+0x50/0x60\n start_secondary+0x213/0x2a0\n common_startup_64+0x129/0x138\n\n to a SOFTIRQ-irq-unsafe lock:\n (&xa->xa_lock#24){+.+.}-{3:3}\n\n ... which became SOFTIRQ-irq-unsafe at:\n ...\n lock_acquire+0x1be/0x520\n _raw_spin_lock+0x2c/0x40\n xa_set_mark+0x70/0x110\n mlx5e_xfrm_add_state+0xe48/0x2290 [mlx5_core]\n xfrm_dev_state_add+0x3bb/0xd70\n xfrm_add_sa+0x2451/0x4a90\n xfrm_user_rcv_msg+0x493/0x880\n netlink_rcv_skb+0x12e/0x380\n xfrm_netlink_rcv+0x6d/0x90\n netlink_unicast+0x42f/0x740\n netlink_sendmsg+0x745/0xbe0\n __sock_sendmsg+0xc5/0x190\n __sys_sendto+0x1fe/0x2c0\n __x64_sys_sendto+0xdc/0x1b0\n do_syscall_64+0x6d/0x140\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n\n other info that might help us debug this:\n\n Possible interrupt unsafe locking scenario:\n\n CPU0 CPU1\n ---- ----\n lock(&xa->xa_lock#24);\n local_irq_disable();\n lock(&x->lock);\n lock(&xa->xa_lock#24);\n \n lock(&x->lock);\n\n *** DEADLOCK ***\n\n 2 locks held by charon/1337:\n #0: ffffffff87f8f858 (&net->xfrm.xfrm_cfg_mutex){+.+.}-{4:4}, at: xfrm_netlink_rcv+0x5e/0x90\n #1: ffff88813e0f0d48 (&x->lock){+.-.}-{3:3}, at: xfrm_state_delete+0x16/0x30\n\n the dependencies between SOFTIRQ-irq-safe lock and the holding lock:\n -> (&x->lock){+.-.}-{3:3} ops: 29 {\n HARDIRQ-ON-W at:\n lock_acquire+0x1be/0x520\n _raw_spin_lock_bh+0x34/0x40\n xfrm_alloc_spi+0xc0/0xe60\n xfrm_alloc_userspi+0x5f6/0xbc0\n xfrm_user_rcv_msg+0x493/0x880\n netlink_rcv_skb+0x12e/0x380\n xfrm_netlink_rcv+0x6d/0x90\n netlink_unicast+0x42f/0x740\n netlink_sendmsg+0x745/0xbe0\n __sock_sendmsg+0xc5/0x190\n __sys_sendto+0x1fe/0x2c0\n __x64_sys_sendto+0xdc/0x1b0\n do_syscall_64+0x6d/0x140\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n IN-SOFTIRQ-W at:\n lock_acquire+0x1be/0x520\n _raw_spin_lock_bh+0x34/0x40\n xfrm_timer_handler+0x91/0xd70\n __hrtimer_run_queues+0x1dd/0xa60\n \n---truncated---", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21674" }, { "cve":"CVE-2025-21680", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\npktgen: Avoid out-of-bounds access in get_imix_entries\n\nPassing a sufficient amount of imix entries leads to invalid access to the\npkt_dev->imix_entries array because of the incorrect boundary check.\n\nUBSAN: array-index-out-of-bounds in net/core/pktgen.c:874:24\nindex 20 is out of range for type 'imix_pkt [20]'\nCPU: 2 PID: 1210 Comm: bash Not tainted 6.10.0-rc1 #121\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996)\nCall Trace:\n\ndump_stack_lvl lib/dump_stack.c:117\n__ubsan_handle_out_of_bounds lib/ubsan.c:429\nget_imix_entries net/core/pktgen.c:874\npktgen_if_write net/core/pktgen.c:1063\npde_write fs/proc/inode.c:334\nproc_reg_write fs/proc/inode.c:346\nvfs_write fs/read_write.c:593\nksys_write fs/read_write.c:644\ndo_syscall_64 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe arch/x86/entry/entry_64.S:130\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\n[ fp: allow to fill the array completely; minor changelog cleanup ]", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21680" }, { "cve":"CVE-2025-21681", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: fix lockup on tx to unregistering netdev with carrier\n\nCommit in a fixes tag attempted to fix the issue in the following\nsequence of calls:\n\n do_output\n -> ovs_vport_send\n -> dev_queue_xmit\n -> __dev_queue_xmit\n -> netdev_core_pick_tx\n -> skb_tx_hash\n\nWhen device is unregistering, the 'dev->real_num_tx_queues' goes to\nzero and the 'while (unlikely(hash >= qcount))' loop inside the\n'skb_tx_hash' becomes infinite, locking up the core forever.\n\nBut unfortunately, checking just the carrier status is not enough to\nfix the issue, because some devices may still be in unregistering\nstate while reporting carrier status OK.\n\nOne example of such device is a net/dummy. It sets carrier ON\non start, but it doesn't implement .ndo_stop to set the carrier off.\nAnd it makes sense, because dummy doesn't really have a carrier.\nTherefore, while this device is unregistering, it's still easy to hit\nthe infinite loop in the skb_tx_hash() from the OVS datapath. There\nmight be other drivers that do the same, but dummy by itself is\nimportant for the OVS ecosystem, because it is frequently used as a\npacket sink for tcpdump while debugging OVS deployments. And when the\nissue is hit, the only way to recover is to reboot.\n\nFix that by also checking if the device is running. The running\nstate is handled by the net core during unregistering, so it covers\nunregistering case better, and we don't really need to send packets\nto devices that are not running anyway.\n\nWhile only checking the running state might be enough, the carrier\ncheck is preserved. The running and the carrier states seem disjoined\nthroughout the code and different drivers. And other core functions\nlike __dev_direct_xmit() check both before attempting to transmit\na packet. So, it seems safer to check both flags in OVS as well.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21681" }, { "cve":"CVE-2025-21683", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix bpf_sk_select_reuseport() memory leak\n\nAs pointed out in the original comment, lookup in sockmap can return a TCP\nESTABLISHED socket. Such TCP socket may have had SO_ATTACH_REUSEPORT_EBPF\nset before it was ESTABLISHED. In other words, a non-NULL sk_reuseport_cb\ndoes not imply a non-refcounted socket.\n\nDrop sk's reference in both error paths.\n\nunreferenced object 0xffff888101911800 (size 2048):\n comm \"test_progs\", pid 44109, jiffies 4297131437\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 80 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc 9336483b):\n __kmalloc_noprof+0x3bf/0x560\n __reuseport_alloc+0x1d/0x40\n reuseport_alloc+0xca/0x150\n reuseport_attach_prog+0x87/0x140\n sk_reuseport_attach_bpf+0xc8/0x100\n sk_setsockopt+0x1181/0x1990\n do_sock_setsockopt+0x12b/0x160\n __sys_setsockopt+0x7b/0xc0\n __x64_sys_setsockopt+0x1b/0x30\n do_syscall_64+0x93/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21683" }, { "cve":"CVE-2025-21691", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ncachestat: fix page cache statistics permission checking\n\nWhen the 'cachestat()' system call was added in commit cf264e1329fb\n(\"cachestat: implement cachestat syscall\"), it was meant to be a much\nmore convenient (and performant) version of mincore() that didn't need\nmapping things into the user virtual address space in order to work.\n\nBut it ended up missing the \"check for writability or ownership\" fix for\nmincore(), done in commit 134fca9063ad (\"mm/mincore.c: make mincore()\nmore conservative\").\n\nThis just adds equivalent logic to 'cachestat()', modified for the file\ncontext (rather than vma).", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21691" }, { "cve":"CVE-2025-21718", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rose: fix timer races against user threads\n\nRose timers only acquire the socket spinlock, without\nchecking if the socket is owned by one user thread.\n\nAdd a check and rearm the timers if needed.\n\nBUG: KASAN: slab-use-after-free in rose_timer_expiry+0x31d/0x360 net/rose/rose_timer.c:174\nRead of size 2 at addr ffff88802f09b82a by task swapper/0/0\n\nCPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.13.0-rc5-syzkaller-00172-gd1bf27c4e176 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n \n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n rose_timer_expiry+0x31d/0x360 net/rose/rose_timer.c:174\n call_timer_fn+0x187/0x650 kernel/time/timer.c:1793\n expire_timers kernel/time/timer.c:1844 [inline]\n __run_timers kernel/time/timer.c:2418 [inline]\n __run_timer_base+0x66a/0x8e0 kernel/time/timer.c:2430\n run_timer_base kernel/time/timer.c:2439 [inline]\n run_timer_softirq+0xb7/0x170 kernel/time/timer.c:2449\n handle_softirqs+0x2d4/0x9b0 kernel/softirq.c:561\n __do_softirq kernel/softirq.c:595 [inline]\n invoke_softirq kernel/softirq.c:435 [inline]\n __irq_exit_rcu+0xf7/0x220 kernel/softirq.c:662\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1049\n ", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.0, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21718" }, { "cve":"CVE-2025-21722", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: do not force clear folio if buffer is referenced\n\nPatch series \"nilfs2: protect busy buffer heads from being force-cleared\".\n\nThis series fixes the buffer head state inconsistency issues reported by\nsyzbot that occurs when the filesystem is corrupted and falls back to\nread-only, and the associated buffer head use-after-free issue.\n\n\nThis patch (of 2):\n\nSyzbot has reported that after nilfs2 detects filesystem corruption and\nfalls back to read-only, inconsistencies in the buffer state may occur.\n\nOne of the inconsistencies is that when nilfs2 calls mark_buffer_dirty()\nto set a data or metadata buffer as dirty, but it detects that the buffer\nis not in the uptodate state:\n\n WARNING: CPU: 0 PID: 6049 at fs/buffer.c:1177 mark_buffer_dirty+0x2e5/0x520\n fs/buffer.c:1177\n ...\n Call Trace:\n \n nilfs_palloc_commit_alloc_entry+0x4b/0x160 fs/nilfs2/alloc.c:598\n nilfs_ifile_create_inode+0x1dd/0x3a0 fs/nilfs2/ifile.c:73\n nilfs_new_inode+0x254/0x830 fs/nilfs2/inode.c:344\n nilfs_mkdir+0x10d/0x340 fs/nilfs2/namei.c:218\n vfs_mkdir+0x2f9/0x4f0 fs/namei.c:4257\n do_mkdirat+0x264/0x3a0 fs/namei.c:4280\n __do_sys_mkdirat fs/namei.c:4295 [inline]\n __se_sys_mkdirat fs/namei.c:4293 [inline]\n __x64_sys_mkdirat+0x87/0xa0 fs/namei.c:4293\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nThe other is when nilfs_btree_propagate(), which propagates the dirty\nstate to the ancestor nodes of a b-tree that point to a dirty buffer,\ndetects that the origin buffer is not dirty, even though it should be:\n\n WARNING: CPU: 0 PID: 5245 at fs/nilfs2/btree.c:2089\n nilfs_btree_propagate+0xc79/0xdf0 fs/nilfs2/btree.c:2089\n ...\n Call Trace:\n \n nilfs_bmap_propagate+0x75/0x120 fs/nilfs2/bmap.c:345\n nilfs_collect_file_data+0x4d/0xd0 fs/nilfs2/segment.c:587\n nilfs_segctor_apply_buffers+0x184/0x340 fs/nilfs2/segment.c:1006\n nilfs_segctor_scan_file+0x28c/0xa50 fs/nilfs2/segment.c:1045\n nilfs_segctor_collect_blocks fs/nilfs2/segment.c:1216 [inline]\n nilfs_segctor_collect fs/nilfs2/segment.c:1540 [inline]\n nilfs_segctor_do_construct+0x1c28/0x6b90 fs/nilfs2/segment.c:2115\n nilfs_segctor_construct+0x181/0x6b0 fs/nilfs2/segment.c:2479\n nilfs_segctor_thread_construct fs/nilfs2/segment.c:2587 [inline]\n nilfs_segctor_thread+0x69e/0xe80 fs/nilfs2/segment.c:2701\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \n\nBoth of these issues are caused by the callbacks that handle the\npage/folio write requests, forcibly clear various states, including the\nworking state of the buffers they hold, at unexpected times when they\ndetect read-only fallback.\n\nFix these issues by checking if the buffer is referenced before clearing\nthe page/folio state, and skipping the clear if it is.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21722" }, { "cve":"CVE-2025-21734", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: fastrpc: Fix copy buffer page size\n\nFor non-registered buffer, fastrpc driver copies the buffer and\npass it to the remote subsystem. There is a problem with current\nimplementation of page size calculation which is not considering\nthe offset in the calculation. This might lead to passing of\nimproper and out-of-bounds page size which could result in\nmemory issue. Calculate page start and page end using the offset\nadjusted address instead of absolute address.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21734" }, { "cve":"CVE-2025-21738", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nata: libata-sff: Ensure that we cannot write outside the allocated buffer\n\nreveliofuzzing reported that a SCSI_IOCTL_SEND_COMMAND ioctl with out_len\nset to 0xd42, SCSI command set to ATA_16 PASS-THROUGH, ATA command set to\nATA_NOP, and protocol set to ATA_PROT_PIO, can cause ata_pio_sector() to\nwrite outside the allocated buffer, overwriting random memory.\n\nWhile a ATA device is supposed to abort a ATA_NOP command, there does seem\nto be a bug either in libata-sff or QEMU, where either this status is not\nset, or the status is cleared before read by ata_sff_hsm_move().\nAnyway, that is most likely a separate bug.\n\nLooking at __atapi_pio_bytes(), it already has a safety check to ensure\nthat __atapi_pio_bytes() cannot write outside the allocated buffer.\n\nAdd a similar check to ata_pio_sector(), such that also ata_pio_sector()\ncannot write outside the allocated buffer.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":6.3, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21738" }, { "cve":"CVE-2025-21754", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix assertion failure when splitting ordered extent after transaction abort\n\nIf while we are doing a direct IO write a transaction abort happens, we\nmark all existing ordered extents with the BTRFS_ORDERED_IOERR flag (done\nat btrfs_destroy_ordered_extents()), and then after that if we enter\nbtrfs_split_ordered_extent() and the ordered extent has bytes left\n(meaning we have a bio that doesn't cover the whole ordered extent, see\ndetails at btrfs_extract_ordered_extent()), we will fail on the following\nassertion at btrfs_split_ordered_extent():\n\n ASSERT(!(flags & ~BTRFS_ORDERED_TYPE_FLAGS));\n\nbecause the BTRFS_ORDERED_IOERR flag is set and the definition of\nBTRFS_ORDERED_TYPE_FLAGS is just the union of all flags that identify the\ntype of write (regular, nocow, prealloc, compressed, direct IO, encoded).\n\nFix this by returning an error from btrfs_extract_ordered_extent() if we\nfind the BTRFS_ORDERED_IOERR flag in the ordered extent. The error will\nbe the error that resulted in the transaction abort or -EIO if no\ntransaction abort happened.\n\nThis was recently reported by syzbot with the following trace:\n\n FAULT_INJECTION: forcing a failure.\n name failslab, interval 1, probability 0, space 0, times 1\n CPU: 0 UID: 0 PID: 5321 Comm: syz.0.0 Not tainted 6.13.0-rc5-syzkaller #0\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n Call Trace:\n \n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n fail_dump lib/fault-inject.c:53 [inline]\n should_fail_ex+0x3b0/0x4e0 lib/fault-inject.c:154\n should_failslab+0xac/0x100 mm/failslab.c:46\n slab_pre_alloc_hook mm/slub.c:4072 [inline]\n slab_alloc_node mm/slub.c:4148 [inline]\n __do_kmalloc_node mm/slub.c:4297 [inline]\n __kmalloc_noprof+0xdd/0x4c0 mm/slub.c:4310\n kmalloc_noprof include/linux/slab.h:905 [inline]\n kzalloc_noprof include/linux/slab.h:1037 [inline]\n btrfs_chunk_alloc_add_chunk_item+0x244/0x1100 fs/btrfs/volumes.c:5742\n reserve_chunk_space+0x1ca/0x2c0 fs/btrfs/block-group.c:4292\n check_system_chunk fs/btrfs/block-group.c:4319 [inline]\n do_chunk_alloc fs/btrfs/block-group.c:3891 [inline]\n btrfs_chunk_alloc+0x77b/0xf80 fs/btrfs/block-group.c:4187\n find_free_extent_update_loop fs/btrfs/extent-tree.c:4166 [inline]\n find_free_extent+0x42d1/0x5810 fs/btrfs/extent-tree.c:4579\n btrfs_reserve_extent+0x422/0x810 fs/btrfs/extent-tree.c:4672\n btrfs_new_extent_direct fs/btrfs/direct-io.c:186 [inline]\n btrfs_get_blocks_direct_write+0x706/0xfa0 fs/btrfs/direct-io.c:321\n btrfs_dio_iomap_begin+0xbb7/0x1180 fs/btrfs/direct-io.c:525\n iomap_iter+0x697/0xf60 fs/iomap/iter.c:90\n __iomap_dio_rw+0xeb9/0x25b0 fs/iomap/direct-io.c:702\n btrfs_dio_write fs/btrfs/direct-io.c:775 [inline]\n btrfs_direct_write+0x610/0xa30 fs/btrfs/direct-io.c:880\n btrfs_do_write_iter+0x2a0/0x760 fs/btrfs/file.c:1397\n do_iter_readv_writev+0x600/0x880\n vfs_writev+0x376/0xba0 fs/read_write.c:1050\n do_pwritev fs/read_write.c:1146 [inline]\n __do_sys_pwritev2 fs/read_write.c:1204 [inline]\n __se_sys_pwritev2+0x196/0x2b0 fs/read_write.c:1195\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f1281f85d29\n RSP: 002b:00007f12819fe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148\n RAX: ffffffffffffffda RBX: 00007f1282176080 RCX: 00007f1281f85d29\n RDX: 0000000000000001 RSI: 0000000020000240 RDI: 0000000000000005\n RBP: 00007f12819fe090 R08: 0000000000000000 R09: 0000000000000003\n R10: 0000000000007000 R11: 0000000000000246 R12: 0000000000000002\n R13: 0000000000000000 R14: 00007f1282176080 R15: 00007ffcb9e23328\n \n BTRFS error (device loop0 state A): Transaction aborted (error -12)\n BTRFS: error (device loop0 state A\n---truncated---", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2025-21754" }, { "cve":"CVE-2025-21756", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Keep the binding until socket destruction\n\nPreserve sockets bindings; this includes both resulting from an explicit\nbind() and those implicitly bound through autobind during connect().\n\nPrevents socket unbinding during a transport reassignment, which fixes a\nuse-after-free:\n\n 1. vsock_create() (refcnt=1) calls vsock_insert_unbound() (refcnt=2)\n 2. transport->release() calls vsock_remove_bound() without checking if\n sk was bound and moved to bound list (refcnt=1)\n 3. vsock_bind() assumes sk is in unbound list and before\n __vsock_insert_bound(vsock_bound_sockets()) calls\n __vsock_remove_bound() which does:\n list_del_init(&vsk->bound_table); // nop\n sock_put(&vsk->sk); // refcnt=0\n\nBUG: KASAN: slab-use-after-free in __vsock_bind+0x62e/0x730\nRead of size 4 at addr ffff88816b46a74c by task a.out/2057\n dump_stack_lvl+0x68/0x90\n print_report+0x174/0x4f6\n kasan_report+0xb9/0x190\n __vsock_bind+0x62e/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nAllocated by task 2057:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n __kasan_slab_alloc+0x85/0x90\n kmem_cache_alloc_noprof+0x131/0x450\n sk_prot_alloc+0x5b/0x220\n sk_alloc+0x2c/0x870\n __vsock_create.constprop.0+0x2e/0xb60\n vsock_create+0xe4/0x420\n __sock_create+0x241/0x650\n __sys_socket+0xf2/0x1a0\n __x64_sys_socket+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 2057:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n kasan_save_free_info+0x37/0x60\n __kasan_slab_free+0x4b/0x70\n kmem_cache_free+0x1a1/0x590\n __sk_destruct+0x388/0x5a0\n __vsock_bind+0x5e1/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 7 PID: 2057 at lib/refcount.c:25 refcount_warn_saturate+0xce/0x150\nRIP: 0010:refcount_warn_saturate+0xce/0x150\n __vsock_bind+0x66d/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 7 PID: 2057 at lib/refcount.c:28 refcount_warn_saturate+0xee/0x150\nRIP: 0010:refcount_warn_saturate+0xee/0x150\n vsock_remove_bound+0x187/0x1e0\n __vsock_release+0x383/0x4a0\n vsock_release+0x90/0x120\n __sock_release+0xa3/0x250\n sock_close+0x14/0x20\n __fput+0x359/0xa80\n task_work_run+0x107/0x1d0\n do_exit+0x847/0x2560\n do_group_exit+0xb8/0x250\n __x64_sys_exit_group+0x3a/0x50\n x64_sys_call+0xfec/0x14f0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21756" }, { "cve":"CVE-2025-21785", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\narm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array\n\nThe loop that detects/populates cache information already has a bounds\ncheck on the array size but does not account for cache levels with\nseparate data/instructions cache. Fix this by incrementing the index\nfor any populated leaf (instead of any populated level).", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21785" }, { "cve":"CVE-2025-21787", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nteam: better TEAM_OPTION_TYPE_STRING validation\n\nsyzbot reported following splat [1]\n\nMake sure user-provided data contains one nul byte.\n\n[1]\n BUG: KMSAN: uninit-value in string_nocheck lib/vsprintf.c:633 [inline]\n BUG: KMSAN: uninit-value in string+0x3ec/0x5f0 lib/vsprintf.c:714\n string_nocheck lib/vsprintf.c:633 [inline]\n string+0x3ec/0x5f0 lib/vsprintf.c:714\n vsnprintf+0xa5d/0x1960 lib/vsprintf.c:2843\n __request_module+0x252/0x9f0 kernel/module/kmod.c:149\n team_mode_get drivers/net/team/team_core.c:480 [inline]\n team_change_mode drivers/net/team/team_core.c:607 [inline]\n team_mode_option_set+0x437/0x970 drivers/net/team/team_core.c:1401\n team_option_set drivers/net/team/team_core.c:375 [inline]\n team_nl_options_set_doit+0x1339/0x1f90 drivers/net/team/team_core.c:2662\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x1214/0x12c0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x375/0x650 net/netlink/af_netlink.c:2543\n genl_rcv+0x40/0x60 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0xf52/0x1260 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x10da/0x11e0 net/netlink/af_netlink.c:1892\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg+0x30f/0x380 net/socket.c:733\n ____sys_sendmsg+0x877/0xb60 net/socket.c:2573\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2627\n __sys_sendmsg net/socket.c:2659 [inline]\n __do_sys_sendmsg net/socket.c:2664 [inline]\n __se_sys_sendmsg net/socket.c:2662 [inline]\n __x64_sys_sendmsg+0x212/0x3c0 net/socket.c:2662\n x64_sys_call+0x2ed6/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21787" }, { "cve":"CVE-2025-21791", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nvrf: use RCU protection in l3mdev_l3_out()\n\nl3mdev_l3_out() can be called without RCU being held:\n\nraw_sendmsg()\n ip_push_pending_frames()\n ip_send_skb()\n ip_local_out()\n __ip_local_out()\n l3mdev_ip_out()\n\nAdd rcu_read_lock() / rcu_read_unlock() pair to avoid\na potential UAF.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21791" }, { "cve":"CVE-2025-21816", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nhrtimers: Force migrate away hrtimers queued after CPUHP_AP_HRTIMERS_DYING\n\nhrtimers are migrated away from the dying CPU to any online target at\nthe CPUHP_AP_HRTIMERS_DYING stage in order not to delay bandwidth timers\nhandling tasks involved in the CPU hotplug forward progress.\n\nHowever wakeups can still be performed by the outgoing CPU after\nCPUHP_AP_HRTIMERS_DYING. Those can result again in bandwidth timers being\narmed. Depending on several considerations (crystal ball power management\nbased election, earliest timer already enqueued, timer migration enabled or\nnot), the target may eventually be the current CPU even if offline. If that\nhappens, the timer is eventually ignored.\n\nThe most notable example is RCU which had to deal with each and every of\nthose wake-ups by deferring them to an online CPU, along with related\nworkarounds:\n\n_ e787644caf76 (rcu: Defer RCU kthreads wakeup when CPU is dying)\n_ 9139f93209d1 (rcu/nocb: Fix RT throttling hrtimer armed from offline CPU)\n_ f7345ccc62a4 (rcu/nocb: Fix rcuog wake-up from offline softirq)\n\nThe problem isn't confined to RCU though as the stop machine kthread\n(which runs CPUHP_AP_HRTIMERS_DYING) reports its completion at the end\nof its work through cpu_stop_signal_done() and performs a wake up that\neventually arms the deadline server timer:\n\n WARNING: CPU: 94 PID: 588 at kernel/time/hrtimer.c:1086 hrtimer_start_range_ns+0x289/0x2d0\n CPU: 94 UID: 0 PID: 588 Comm: migration/94 Not tainted\n Stopper: multi_cpu_stop+0x0/0x120 <- stop_machine_cpuslocked+0x66/0xc0\n RIP: 0010:hrtimer_start_range_ns+0x289/0x2d0\n Call Trace:\n \n start_dl_timer\n enqueue_dl_entity\n dl_server_start\n enqueue_task_fair\n enqueue_task\n ttwu_do_activate\n try_to_wake_up\n complete\n cpu_stopper_thread\n\nInstead of providing yet another bandaid to work around the situation, fix\nit in the hrtimers infrastructure instead: always migrate away a timer to\nan online target whenever it is enqueued from an offline CPU.\n\nThis will also allow to revert all the above RCU disgraceful hacks.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21816" }, { "cve":"CVE-2025-21820", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ntty: xilinx_uartps: split sysrq handling\n\nlockdep detects the following circular locking dependency:\n\nCPU 0 CPU 1\n========================== ============================\ncdns_uart_isr() printk()\n uart_port_lock(port) console_lock()\n\t\t\t cdns_uart_console_write()\n if (!port->sysrq)\n uart_port_lock(port)\n uart_handle_break()\n port->sysrq = ...\n uart_handle_sysrq_char()\n printk()\n console_lock()\n\nThe fixed commit attempts to avoid this situation by only taking the\nport lock in cdns_uart_console_write if port->sysrq unset. However, if\n(as shown above) cdns_uart_console_write runs before port->sysrq is set,\nthen it will try to take the port lock anyway. This may result in a\ndeadlock.\n\nFix this by splitting sysrq handling into two parts. We use the prepare\nhelper under the port lock and defer handling until we release the lock.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21820" }, { "cve":"CVE-2025-21823", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: Drop unmanaged ELP metric worker\n\nThe ELP worker needs to calculate new metric values for all neighbors\n\"reachable\" over an interface. Some of the used metric sources require\nlocks which might need to sleep. This sleep is incompatible with the RCU\nlist iterator used for the recorded neighbors. The initial approach to work\naround of this problem was to queue another work item per neighbor and then\nrun this in a new context.\n\nEven when this solved the RCU vs might_sleep() conflict, it has a major\nproblems: Nothing was stopping the work item in case it is not needed\nanymore - for example because one of the related interfaces was removed or\nthe batman-adv module was unloaded - resulting in potential invalid memory\naccesses.\n\nDirectly canceling the metric worker also has various problems:\n\n* cancel_work_sync for a to-be-deactivated interface is called with\n rtnl_lock held. But the code in the ELP metric worker also tries to use\n rtnl_lock() - which will never return in this case. This also means that\n cancel_work_sync would never return because it is waiting for the worker\n to finish.\n* iterating over the neighbor list for the to-be-deactivated interface is\n currently done using the RCU specific methods. Which means that it is\n possible to miss items when iterating over it without the associated\n spinlock - a behaviour which is acceptable for a periodic metric check\n but not for a cleanup routine (which must \"stop\" all still running\n workers)\n\nThe better approch is to get rid of the per interface neighbor metric\nworker and handle everything in the interface worker. The original problems\nare solved by:\n\n* creating a list of neighbors which require new metric information inside\n the RCU protected context, gathering the metric according to the new list\n outside the RCU protected context\n* only use rcu_trylock inside metric gathering code to avoid a deadlock\n when the cancel_delayed_work_sync is called in the interface removal code\n (which is called with the rtnl_lock held)", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2025-21823" }, { "cve":"CVE-2025-21832", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nblock: don't revert iter for -EIOCBQUEUED\n\nblkdev_read_iter() has a few odd checks, like gating the position and\ncount adjustment on whether or not the result is bigger-than-or-equal to\nzero (where bigger than makes more sense), and not checking the return\nvalue of blkdev_direct_IO() before doing an iov_iter_revert(). The\nlatter can lead to attempting to revert with a negative value, which\nwhen passed to iov_iter_revert() as an unsigned value will lead to\nthrowing a WARN_ON() because unroll is bigger than MAX_RW_COUNT.\n\nBe sane and don't revert for -EIOCBQUEUED, like what is done in other\nspots.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2025-21832" }, { "cve":"CVE-2025-21844", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Add check for next_buffer in receive_encrypted_standard()\n\nAdd check for the return value of cifs_buf_get() and cifs_small_buf_get()\nin receive_encrypted_standard() to prevent null pointer dereference.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21844" }, { "cve":"CVE-2025-21846", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nacct: perform last write from workqueue\n\nIn [1] it was reported that the acct(2) system call can be used to\ntrigger NULL deref in cases where it is set to write to a file that\ntriggers an internal lookup. This can e.g., happen when pointing acc(2)\nto /sys/power/resume. At the point the where the write to this file\nhappens the calling task has already exited and called exit_fs(). A\nlookup will thus trigger a NULL-deref when accessing current->fs.\n\nReorganize the code so that the the final write happens from the\nworkqueue but with the caller's credentials. This preserves the\n(strange) permission model and has almost no regression risk.\n\nThis api should stop to exist though.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21846" }, { "cve":"CVE-2025-21856", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ns390/ism: add release function for struct device\n\nAccording to device_release() in /drivers/base/core.c,\na device without a release function is a broken device\nand must be fixed.\n\nThe current code directly frees the device after calling device_add()\nwithout waiting for other kernel parts to release their references.\nThus, a reference could still be held to a struct device,\ne.g., by sysfs, leading to potential use-after-free\nissues if a proper release function is not set.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21856" }, { "cve":"CVE-2025-21863", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: prevent opcode speculation\n\nsqe->opcode is used for different tables, make sure we santitise it\nagainst speculations.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21863" }, { "cve":"CVE-2025-21887", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\novl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up\n\nThe issue was caused by dput(upper) being called before\novl_dentry_update_reval(), while upper->d_flags was still\naccessed in ovl_dentry_remote().\n\nMove dput(upper) after its last use to prevent use-after-free.\n\nBUG: KASAN: slab-use-after-free in ovl_dentry_remote fs/overlayfs/util.c:162 [inline]\nBUG: KASAN: slab-use-after-free in ovl_dentry_update_reval+0xd2/0xf0 fs/overlayfs/util.c:167\n\nCall Trace:\n \n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:114\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:488\n kasan_report+0xd9/0x110 mm/kasan/report.c:601\n ovl_dentry_remote fs/overlayfs/util.c:162 [inline]\n ovl_dentry_update_reval+0xd2/0xf0 fs/overlayfs/util.c:167\n ovl_link_up fs/overlayfs/copy_up.c:610 [inline]\n ovl_copy_up_one+0x2105/0x3490 fs/overlayfs/copy_up.c:1170\n ovl_copy_up_flags+0x18d/0x200 fs/overlayfs/copy_up.c:1223\n ovl_rename+0x39e/0x18c0 fs/overlayfs/dir.c:1136\n vfs_rename+0xf84/0x20a0 fs/namei.c:4893\n...\n ", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21887" }, { "cve":"CVE-2025-21889", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Add RCU read lock protection to perf_iterate_ctx()\n\nThe perf_iterate_ctx() function performs RCU list traversal but\ncurrently lacks RCU read lock protection. This causes lockdep warnings\nwhen running perf probe with unshare(1) under CONFIG_PROVE_RCU_LIST=y:\n\n\tWARNING: suspicious RCU usage\n\tkernel/events/core.c:8168 RCU-list traversed in non-reader section!!\n\n\t Call Trace:\n\t lockdep_rcu_suspicious\n\t ? perf_event_addr_filters_apply\n\t perf_iterate_ctx\n\t perf_event_exec\n\t begin_new_exec\n\t ? load_elf_phdrs\n\t load_elf_binary\n\t ? lock_acquire\n\t ? find_held_lock\n\t ? bprm_execve\n\t bprm_execve\n\t do_execveat_common.isra.0\n\t __x64_sys_execve\n\t do_syscall_64\n\t entry_SYSCALL_64_after_hwframe\n\nThis protection was previously present but was removed in commit\nbd2756811766 (\"perf: Rewrite core context handling\"). Add back the\nnecessary rcu_read_lock()/rcu_read_unlock() pair around\nperf_iterate_ctx() call in perf_event_exec().\n\n[ mingo: Use scoped_guard() as suggested by Peter ]", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1372" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-85.0.0.90.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-85.0.0.90.oe2403sp1.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2025-21889" } ] }