{ "document":{ "aggregate_severity":{ "namespace":"https://nvd.nist.gov/vuln-metrics/cvss", "text":"High" }, "category":"csaf_vex", "csaf_version":"2.0", "distribution":{ "tlp":{ "label":"WHITE", "url":"https:/www.first.org/tlp/" } }, "lang":"en", "notes":[ { "text":"kernel security update", "category":"general", "title":"Synopsis" }, { "text":"An update for kernel is now available for openEuler-24.03-LTS", "category":"general", "title":"Summary" }, { "text":"The Linux Kernel, the operating system core itself.\n\nSecurity Fix(es):\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans\n\nThere is a kernel API ntb_mw_clear_trans() would pass 0 to both addr and\nsize. This would make xlate_pos negative.\n\n[ 23.734156] switchtec switchtec0: MW 0: part 0 addr 0x0000000000000000 size 0x0000000000000000\n[ 23.734158] ================================================================================\n[ 23.734172] UBSAN: shift-out-of-bounds in drivers/ntb/hw/mscc/ntb_hw_switchtec.c:293:7\n[ 23.734418] shift exponent -1 is negative\n\nEnsuring xlate_pos is a positive or zero before BIT.(CVE-2023-53034)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to shrink read extent node in batches\n\nWe use rwlock to protect core structure data of extent tree during\nits shrink, however, if there is a huge number of extent nodes in\nextent tree, during shrink of extent tree, it may hold rwlock for\na very long time, which may trigger kernel hang issue.\n\nThis patch fixes to shrink read extent node in batches, so that,\ncritical region of the rwlock can be shrunk to avoid its extreme\nlong time hold.(CVE-2024-41935)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nvrf: revert \"vrf: Remove unnecessary RCU-bh critical section\"\n\nThis reverts commit 504fc6f4f7f681d2a03aa5f68aad549d90eab853.\n\ndev_queue_xmit_nit is expected to be called with BH disabled.\n__dev_queue_xmit has the following:\n\n /* Disable soft irqs for various locks below. Also\n * stops preemption for RCU.\n */\n rcu_read_lock_bh();\n\nVRF must follow this invariant. The referenced commit removed this\nprotection. Which triggered a lockdep warning:\n\n\t================================\n\tWARNING: inconsistent lock state\n\t6.11.0 #1 Tainted: G W\n\t--------------------------------\n\tinconsistent {IN-SOFTIRQ-W} -> {SOFTIRQ-ON-W} usage.\n\tbtserver/134819 [HC0[0]:SC0[0]:HE1:SE1] takes:\n\tffff8882da30c118 (rlock-AF_PACKET){+.?.}-{2:2}, at: tpacket_rcv+0x863/0x3b30\n\t{IN-SOFTIRQ-W} state was registered at:\n\t lock_acquire+0x19a/0x4f0\n\t _raw_spin_lock+0x27/0x40\n\t packet_rcv+0xa33/0x1320\n\t __netif_receive_skb_core.constprop.0+0xcb0/0x3a90\n\t __netif_receive_skb_list_core+0x2c9/0x890\n\t netif_receive_skb_list_internal+0x610/0xcc0\n [...]\n\n\tother info that might help us debug this:\n\t Possible unsafe locking scenario:\n\n\t CPU0\n\t ----\n\t lock(rlock-AF_PACKET);\n\t \n\t lock(rlock-AF_PACKET);\n\n\t *** DEADLOCK ***\n\n\tCall Trace:\n\t \n\t dump_stack_lvl+0x73/0xa0\n\t mark_lock+0x102e/0x16b0\n\t __lock_acquire+0x9ae/0x6170\n\t lock_acquire+0x19a/0x4f0\n\t _raw_spin_lock+0x27/0x40\n\t tpacket_rcv+0x863/0x3b30\n\t dev_queue_xmit_nit+0x709/0xa40\n\t vrf_finish_direct+0x26e/0x340 [vrf]\n\t vrf_l3_out+0x5f4/0xe80 [vrf]\n\t __ip_local_out+0x51e/0x7a0\n [...](CVE-2024-49980)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit()\n\nThe \"submit->cmd[i].size\" and \"submit->cmd[i].offset\" variables are u32\nvalues that come from the user via the submit_lookup_cmds() function.\nThis addition could lead to an integer wrapping bug so use size_add()\nto prevent that.\n\nPatchwork: https://patchwork.freedesktop.org/patch/624696/(CVE-2024-52559)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Mark inode as bad as soon as error detected in mi_enum_attr()\n\nExtended the `mi_enum_attr()` function interface with an additional\nparameter, `struct ntfs_inode *ni`, to allow marking the inode\nas bad as soon as an error is detected.(CVE-2024-52560)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat/qat_4xxx - fix off by one in uof_get_name()\n\nThe fw_objs[] array has \"num_objs\" elements so the > needs to be >= to\nprevent an out of bounds read.(CVE-2024-53162)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: make sure cache entry active before cache_show\n\nThe function `c_show` was called with protection from RCU. This only\nensures that `cp` will not be freed. Therefore, the reference count for\n`cp` can drop to zero, which will trigger a refcount use-after-free\nwarning when `cache_get` is called. To resolve this issue, use\n`cache_get_rcu` to ensure that `cp` remains active.\n\n------------[ cut here ]------------\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 7 PID: 822 at lib/refcount.c:25\nrefcount_warn_saturate+0xb1/0x120\nCPU: 7 UID: 0 PID: 822 Comm: cat Not tainted 6.12.0-rc3+ #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.1-2.fc37 04/01/2014\nRIP: 0010:refcount_warn_saturate+0xb1/0x120\n\nCall Trace:\n \n c_show+0x2fc/0x380 [sunrpc]\n seq_read_iter+0x589/0x770\n seq_read+0x1e5/0x270\n proc_reg_read+0xe1/0x140\n vfs_read+0x125/0x530\n ksys_read+0xc1/0x160\n do_syscall_64+0x5f/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e(CVE-2024-53174)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nsmb: During unmount, ensure all cached dir instances drop their dentry\n\nThe unmount process (cifs_kill_sb() calling close_all_cached_dirs()) can\nrace with various cached directory operations, which ultimately results\nin dentries not being dropped and these kernel BUGs:\n\nBUG: Dentry ffff88814f37e358{i=1000000000080,n=/} still in use (2) [unmount of cifs cifs]\nVFS: Busy inodes after unmount of cifs (cifs)\n------------[ cut here ]------------\nkernel BUG at fs/super.c:661!\n\nThis happens when a cfid is in the process of being cleaned up when, and\nhas been removed from the cfids->entries list, including:\n\n- Receiving a lease break from the server\n- Server reconnection triggers invalidate_all_cached_dirs(), which\n removes all the cfids from the list\n- The laundromat thread decides to expire an old cfid.\n\nTo solve these problems, dropping the dentry is done in queued work done\nin a newly-added cfid_put_wq workqueue, and close_all_cached_dirs()\nflushes that workqueue after it drops all the dentries of which it's\naware. This is a global workqueue (rather than scoped to a mount), but\nthe queued work is minimal.\n\nThe final cleanup work for cleaning up a cfid is performed via work\nqueued in the serverclose_wq workqueue; this is done separate from\ndropping the dentries so that close_all_cached_dirs() doesn't block on\nany server operations.\n\nBoth of these queued works expect to invoked with a cfid reference and\na tcon reference to avoid those objects from being freed while the work\nis ongoing.\n\nWhile we're here, add proper locking to close_all_cached_dirs(), and\nlocking around the freeing of cfid->dentry.(CVE-2024-53176)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nsmb: prevent use-after-free due to open_cached_dir error paths\n\nIf open_cached_dir() encounters an error parsing the lease from the\nserver, the error handling may race with receiving a lease break,\nresulting in open_cached_dir() freeing the cfid while the queued work is\npending.\n\nUpdate open_cached_dir() to drop refs rather than directly freeing the\ncfid.\n\nHave cached_dir_lease_break(), cfids_laundromat_worker(), and\ninvalidate_all_cached_dirs() clear has_lease immediately while still\nholding cfids->cfid_list_lock, and then use this to also simplify the\nreference counting in cfids_laundromat_worker() and\ninvalidate_all_cached_dirs().\n\nFixes this KASAN splat (which manually injects an error and lease break\nin open_cached_dir()):\n\n==================================================================\nBUG: KASAN: slab-use-after-free in smb2_cached_lease_break+0x27/0xb0\nRead of size 8 at addr ffff88811cc24c10 by task kworker/3:1/65\n\nCPU: 3 UID: 0 PID: 65 Comm: kworker/3:1 Not tainted 6.12.0-rc6-g255cf264e6e5-dirty #87\nHardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\nWorkqueue: cifsiod smb2_cached_lease_break\nCall Trace:\n \n dump_stack_lvl+0x77/0xb0\n print_report+0xce/0x660\n kasan_report+0xd3/0x110\n smb2_cached_lease_break+0x27/0xb0\n process_one_work+0x50a/0xc50\n worker_thread+0x2ba/0x530\n kthread+0x17c/0x1c0\n ret_from_fork+0x34/0x60\n ret_from_fork_asm+0x1a/0x30\n \n\nAllocated by task 2464:\n kasan_save_stack+0x33/0x60\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0xaa/0xb0\n open_cached_dir+0xa7d/0x1fb0\n smb2_query_path_info+0x43c/0x6e0\n cifs_get_fattr+0x346/0xf10\n cifs_get_inode_info+0x157/0x210\n cifs_revalidate_dentry_attr+0x2d1/0x460\n cifs_getattr+0x173/0x470\n vfs_statx_path+0x10f/0x160\n vfs_statx+0xe9/0x150\n vfs_fstatat+0x5e/0xc0\n __do_sys_newfstatat+0x91/0xf0\n do_syscall_64+0x95/0x1a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 2464:\n kasan_save_stack+0x33/0x60\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x60\n __kasan_slab_free+0x51/0x70\n kfree+0x174/0x520\n open_cached_dir+0x97f/0x1fb0\n smb2_query_path_info+0x43c/0x6e0\n cifs_get_fattr+0x346/0xf10\n cifs_get_inode_info+0x157/0x210\n cifs_revalidate_dentry_attr+0x2d1/0x460\n cifs_getattr+0x173/0x470\n vfs_statx_path+0x10f/0x160\n vfs_statx+0xe9/0x150\n vfs_fstatat+0x5e/0xc0\n __do_sys_newfstatat+0x91/0xf0\n do_syscall_64+0x95/0x1a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nLast potentially related work creation:\n kasan_save_stack+0x33/0x60\n __kasan_record_aux_stack+0xad/0xc0\n insert_work+0x32/0x100\n __queue_work+0x5c9/0x870\n queue_work_on+0x82/0x90\n open_cached_dir+0x1369/0x1fb0\n smb2_query_path_info+0x43c/0x6e0\n cifs_get_fattr+0x346/0xf10\n cifs_get_inode_info+0x157/0x210\n cifs_revalidate_dentry_attr+0x2d1/0x460\n cifs_getattr+0x173/0x470\n vfs_statx_path+0x10f/0x160\n vfs_statx+0xe9/0x150\n vfs_fstatat+0x5e/0xc0\n __do_sys_newfstatat+0x91/0xf0\n do_syscall_64+0x95/0x1a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe buggy address belongs to the object at ffff88811cc24c00\n which belongs to the cache kmalloc-1k of size 1024\nThe buggy address is located 16 bytes inside of\n freed 1024-byte region [ffff88811cc24c00, ffff88811cc25000)(CVE-2024-53177)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nsmb: Don't leak cfid when reconnect races with open_cached_dir\n\nopen_cached_dir() may either race with the tcon reconnection even before\ncompound_send_recv() or directly trigger a reconnection via\nSMB2_open_init() or SMB_query_info_init().\n\nThe reconnection process invokes invalidate_all_cached_dirs() via\ncifs_mark_open_files_invalid(), which removes all cfids from the\ncfids->entries list but doesn't drop a ref if has_lease isn't true. This\nresults in the currently-being-constructed cfid not being on the list,\nbut still having a refcount of 2. It leaks if returned from\nopen_cached_dir().\n\nFix this by setting cfid->has_lease when the ref is actually taken; the\ncfid will not be used by other threads until it has a valid time.\n\nAddresses these kmemleaks:\n\nunreferenced object 0xffff8881090c4000 (size 1024):\n comm \"bash\", pid 1860, jiffies 4295126592\n hex dump (first 32 bytes):\n 00 01 00 00 00 00 ad de 22 01 00 00 00 00 ad de ........\".......\n 00 ca 45 22 81 88 ff ff f8 dc 4f 04 81 88 ff ff ..E\"......O.....\n backtrace (crc 6f58c20f):\n [] __kmalloc_cache_noprof+0x2be/0x350\n [] open_cached_dir+0x993/0x1fb0\n [] cifs_readdir+0x15a0/0x1d50\n [] iterate_dir+0x28f/0x4b0\n [] __x64_sys_getdents64+0xfd/0x200\n [] do_syscall_64+0x95/0x1a0\n [] entry_SYSCALL_64_after_hwframe+0x76/0x7e\nunreferenced object 0xffff8881044fdcf8 (size 8):\n comm \"bash\", pid 1860, jiffies 4295126592\n hex dump (first 8 bytes):\n 00 cc cc cc cc cc cc cc ........\n backtrace (crc 10c106a9):\n [] __kmalloc_node_track_caller_noprof+0x363/0x480\n [] kstrdup+0x36/0x60\n [] open_cached_dir+0x9b0/0x1fb0\n [] cifs_readdir+0x15a0/0x1d50\n [] iterate_dir+0x28f/0x4b0\n [] __x64_sys_getdents64+0xfd/0x200\n [] do_syscall_64+0x95/0x1a0\n [] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nAnd addresses these BUG splats when unmounting the SMB filesystem:\n\nBUG: Dentry ffff888140590ba0{i=1000000000080,n=/} still in use (2) [unmount of cifs cifs]\nWARNING: CPU: 3 PID: 3433 at fs/dcache.c:1536 umount_check+0xd0/0x100\nModules linked in:\nCPU: 3 UID: 0 PID: 3433 Comm: bash Not tainted 6.12.0-rc4-g850925a8133c-dirty #49\nHardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\nRIP: 0010:umount_check+0xd0/0x100\nCode: 8d 7c 24 40 e8 31 5a f4 ff 49 8b 54 24 40 41 56 49 89 e9 45 89 e8 48 89 d9 41 57 48 89 de 48 c7 c7 80 e7 db ac e8 f0 72 9a ff <0f> 0b 58 31 c0 5a 5b 5d 41 5c 41 5d 41 5e 41 5f e9 2b e5 5d 01 41\nRSP: 0018:ffff88811cc27978 EFLAGS: 00010286\nRAX: 0000000000000000 RBX: ffff888140590ba0 RCX: ffffffffaaf20bae\nRDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff8881f6fb6f40\nRBP: ffff8881462ec000 R08: 0000000000000001 R09: ffffed1023984ee3\nR10: ffff88811cc2771f R11: 00000000016cfcc0 R12: ffff888134383e08\nR13: 0000000000000002 R14: ffff8881462ec668 R15: ffffffffaceab4c0\nFS: 00007f23bfa98740(0000) GS:ffff8881f6f80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000556de4a6f808 CR3: 0000000123c80000 CR4: 0000000000350ef0\nCall Trace:\n \n d_walk+0x6a/0x530\n shrink_dcache_for_umount+0x6a/0x200\n generic_shutdown_super+0x52/0x2a0\n kill_anon_super+0x22/0x40\n cifs_kill_sb+0x159/0x1e0\n deactivate_locked_super+0x66/0xe0\n cleanup_mnt+0x140/0x210\n task_work_run+0xfb/0x170\n syscall_exit_to_user_mode+0x29f/0x2b0\n do_syscall_64+0xa1/0x1a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f23bfb93ae7\nCode: ff ff ff ff c3 66 0f 1f 44 00 00 48 8b 0d 11 93 0d 00 f7 d8 64 89 01 b8 ff ff ff ff eb bf 0f 1f 44 00 00 b8 50 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d e9 92 0d 00 f7 d8 64 89 \n---truncated---(CVE-2024-53178)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free of signing key\n\nCustomers have reported use-after-free in @ses->auth_key.response with\nSMB2.1 + sign mounts which occurs due to following race:\n\ntask A task B\ncifs_mount()\n dfs_mount_share()\n get_session()\n cifs_mount_get_session() cifs_send_recv()\n cifs_get_smb_ses() compound_send_recv()\n cifs_setup_session() smb2_setup_request()\n kfree_sensitive() smb2_calc_signature()\n crypto_shash_setkey() *UAF*\n\nFix this by ensuring that we have a valid @ses->auth_key.response by\nchecking whether @ses->ses_status is SES_GOOD or SES_EXITING with\n@ses->ses_lock held. After commit 24a9799aa8ef (\"smb: client: fix UAF\nin smb2_reconnect_server()\"), we made sure to call ->logoff() only\nwhen @ses was known to be good (e.g. valid ->auth_key.response), so\nit's safe to access signing key when @ses->ses_status == SES_EXITING.(CVE-2024-53179)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\num: vector: Do not use drvdata in release\n\nThe drvdata is not available in release. Let's just use container_of()\nto get the vector_device instance. Otherwise, removing a vector device\nwill result in a crash:\n\nRIP: 0033:vector_device_release+0xf/0x50\nRSP: 00000000e187bc40 EFLAGS: 00010202\nRAX: 0000000060028f61 RBX: 00000000600f1baf RCX: 00000000620074e0\nRDX: 000000006220b9c0 RSI: 0000000060551c80 RDI: 0000000000000000\nRBP: 00000000e187bc50 R08: 00000000603ad594 R09: 00000000e187bb70\nR10: 000000000000135a R11: 00000000603ad422 R12: 00000000623ae028\nR13: 000000006287a200 R14: 0000000062006d30 R15: 00000000623700b6\nKernel panic - not syncing: Segfault with no mm\nCPU: 0 UID: 0 PID: 16 Comm: kworker/0:1 Not tainted 6.12.0-rc6-g59b723cd2adb #1\nWorkqueue: events mc_work_proc\nStack:\n 60028f61 623ae028 e187bc80 60276fcd\n 6220b9c0 603f5820 623ae028 00000000\n e187bcb0 603a2bcd 623ae000 62370010\nCall Trace:\n [<60028f61>] ? vector_device_release+0x0/0x50\n [<60276fcd>] device_release+0x70/0xba\n [<603a2bcd>] kobject_put+0xba/0xe7\n [<60277265>] put_device+0x19/0x1c\n [<60281266>] platform_device_put+0x26/0x29\n [<60281e5f>] platform_device_unregister+0x2c/0x2e\n [<60029422>] vector_remove+0x52/0x58\n [<60031316>] ? mconsole_reply+0x0/0x50\n [<600310c8>] mconsole_remove+0x160/0x1cc\n [<603b19f4>] ? strlen+0x0/0x15\n [<60066611>] ? __dequeue_entity+0x1a9/0x206\n [<600666a7>] ? set_next_entity+0x39/0x63\n [<6006666e>] ? set_next_entity+0x0/0x63\n [<60038fa6>] ? um_set_signals+0x0/0x43\n [<6003070c>] mc_work_proc+0x77/0x91\n [<60057664>] process_scheduled_works+0x1b3/0x2dd\n [<60055f32>] ? assign_work+0x0/0x58\n [<60057f0a>] worker_thread+0x1e9/0x293\n [<6005406f>] ? set_pf_worker+0x0/0x64\n [<6005d65d>] ? arch_local_irq_save+0x0/0x2d\n [<6005d748>] ? kthread_exit+0x0/0x3a\n [<60057d21>] ? worker_thread+0x0/0x293\n [<6005dbf1>] kthread+0x126/0x12b\n [<600219c5>] new_thread_handler+0x85/0xb6(CVE-2024-53181)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ns390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct()\n\nPassing MSG_PEEK flag to skb_recv_datagram() increments skb refcount\n(skb->users) and iucv_sock_recvmsg() does not decrement skb refcount\nat exit.\nThis results in skb memory leak in skb_queue_purge() and WARN_ON in\niucv_sock_destruct() during socket close. To fix this decrease\nskb refcount by one if MSG_PEEK is set in order to prevent memory\nleak and WARN_ON.\n\nWARNING: CPU: 2 PID: 6292 at net/iucv/af_iucv.c:286 iucv_sock_destruct+0x144/0x1a0 [af_iucv]\nCPU: 2 PID: 6292 Comm: afiucv_test_msg Kdump: loaded Tainted: G W 6.10.0-rc7 #1\nHardware name: IBM 3931 A01 704 (z/VM 7.3.0)\nCall Trace:\n [<001587c682c4aa98>] iucv_sock_destruct+0x148/0x1a0 [af_iucv]\n [<001587c682c4a9d0>] iucv_sock_destruct+0x80/0x1a0 [af_iucv]\n [<001587c704117a32>] __sk_destruct+0x52/0x550\n [<001587c704104a54>] __sock_release+0xa4/0x230\n [<001587c704104c0c>] sock_close+0x2c/0x40\n [<001587c702c5f5a8>] __fput+0x2e8/0x970\n [<001587c7024148c4>] task_work_run+0x1c4/0x2c0\n [<001587c7023b0716>] do_exit+0x996/0x1050\n [<001587c7023b13aa>] do_group_exit+0x13a/0x360\n [<001587c7023b1626>] __s390x_sys_exit_group+0x56/0x60\n [<001587c7022bccca>] do_syscall+0x27a/0x380\n [<001587c7049a6a0c>] __do_syscall+0x9c/0x160\n [<001587c7049ce8a8>] system_call+0x70/0x98\n Last Breaking-Event-Address:\n [<001587c682c4a9d4>] iucv_sock_destruct+0x84/0x1a0 [af_iucv](CVE-2024-53210)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: release svc_expkey/svc_export with rcu_work\n\nThe last reference for `cache_head` can be reduced to zero in `c_show`\nand `e_show`(using `rcu_read_lock` and `rcu_read_unlock`). Consequently,\n`svc_export_put` and `expkey_put` will be invoked, leading to two\nissues:\n\n1. The `svc_export_put` will directly free ex_uuid. However,\n `e_show`/`c_show` will access `ex_uuid` after `cache_put`, which can\n trigger a use-after-free issue, shown below.\n\n ==================================================================\n BUG: KASAN: slab-use-after-free in svc_export_show+0x362/0x430 [nfsd]\n Read of size 1 at addr ff11000010fdc120 by task cat/870\n\n CPU: 1 UID: 0 PID: 870 Comm: cat Not tainted 6.12.0-rc3+ #1\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n 1.16.1-2.fc37 04/01/2014\n Call Trace:\n \n dump_stack_lvl+0x53/0x70\n print_address_description.constprop.0+0x2c/0x3a0\n print_report+0xb9/0x280\n kasan_report+0xae/0xe0\n svc_export_show+0x362/0x430 [nfsd]\n c_show+0x161/0x390 [sunrpc]\n seq_read_iter+0x589/0x770\n seq_read+0x1e5/0x270\n proc_reg_read+0xe1/0x140\n vfs_read+0x125/0x530\n ksys_read+0xc1/0x160\n do_syscall_64+0x5f/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n Allocated by task 830:\n kasan_save_stack+0x20/0x40\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0x8f/0xa0\n __kmalloc_node_track_caller_noprof+0x1bc/0x400\n kmemdup_noprof+0x22/0x50\n svc_export_parse+0x8a9/0xb80 [nfsd]\n cache_do_downcall+0x71/0xa0 [sunrpc]\n cache_write_procfs+0x8e/0xd0 [sunrpc]\n proc_reg_write+0xe1/0x140\n vfs_write+0x1a5/0x6d0\n ksys_write+0xc1/0x160\n do_syscall_64+0x5f/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n Freed by task 868:\n kasan_save_stack+0x20/0x40\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x60\n __kasan_slab_free+0x37/0x50\n kfree+0xf3/0x3e0\n svc_export_put+0x87/0xb0 [nfsd]\n cache_purge+0x17f/0x1f0 [sunrpc]\n nfsd_destroy_serv+0x226/0x2d0 [nfsd]\n nfsd_svc+0x125/0x1e0 [nfsd]\n write_threads+0x16a/0x2a0 [nfsd]\n nfsctl_transaction_write+0x74/0xa0 [nfsd]\n vfs_write+0x1a5/0x6d0\n ksys_write+0xc1/0x160\n do_syscall_64+0x5f/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n2. We cannot sleep while using `rcu_read_lock`/`rcu_read_unlock`.\n However, `svc_export_put`/`expkey_put` will call path_put, which\n subsequently triggers a sleeping operation due to the following\n `dput`.\n\n =============================\n WARNING: suspicious RCU usage\n 5.10.0-dirty #141 Not tainted\n -----------------------------\n ...\n Call Trace:\n dump_stack+0x9a/0xd0\n ___might_sleep+0x231/0x240\n dput+0x39/0x600\n path_put+0x1b/0x30\n svc_export_put+0x17/0x80\n e_show+0x1c9/0x200\n seq_read_iter+0x63f/0x7c0\n seq_read+0x226/0x2d0\n vfs_read+0x113/0x2c0\n ksys_read+0xc9/0x170\n do_syscall_64+0x33/0x40\n entry_SYSCALL_64_after_hwframe+0x67/0xd1\n\nFix these issues by using `rcu_work` to help release\n`svc_expkey`/`svc_export`. This approach allows for an asynchronous\ncontext to invoke `path_put` and also facilitates the freeing of\n`uuid/exp/key` after an RCU grace period.(CVE-2024-53216)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nunicode: Fix utf8_load() error path\n\nutf8_load() requests the symbol \"utf8_data_table\" and then checks if the\nrequested UTF-8 version is supported. If it's unsupported, it tries to\nput the data table using symbol_put(). If an unsupported version is\nrequested, symbol_put() fails like this:\n\n kernel BUG at kernel/module/main.c:786!\n RIP: 0010:__symbol_put+0x93/0xb0\n Call Trace:\n \n ? __die_body.cold+0x19/0x27\n ? die+0x2e/0x50\n ? do_trap+0xca/0x110\n ? do_error_trap+0x65/0x80\n ? __symbol_put+0x93/0xb0\n ? exc_invalid_op+0x51/0x70\n ? __symbol_put+0x93/0xb0\n ? asm_exc_invalid_op+0x1a/0x20\n ? __pfx_cmp_name+0x10/0x10\n ? __symbol_put+0x93/0xb0\n ? __symbol_put+0x62/0xb0\n utf8_load+0xf8/0x150\n\nThat happens because symbol_put() expects the unique string that\nidentify the symbol, instead of a pointer to the loaded symbol. Fix that\nby using such string.(CVE-2024-53233)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init()\n\nUnder certain kernel configurations when building with Clang/LLVM, the\ncompiler does not generate a return or jump as the terminator\ninstruction for ip_vs_protocol_init(), triggering the following objtool\nwarning during build time:\n\n vmlinux.o: warning: objtool: ip_vs_protocol_init() falls through to next function __initstub__kmod_ip_vs_rr__935_123_ip_vs_rr_init6()\n\nAt runtime, this either causes an oops when trying to load the ipvs\nmodule or a boot-time panic if ipvs is built-in. This same issue has\nbeen reported by the Intel kernel test robot previously.\n\nDigging deeper into both LLVM and the kernel code reveals this to be a\nundefined behavior problem. ip_vs_protocol_init() uses a on-stack buffer\nof 64 chars to store the registered protocol names and leaves it\nuninitialized after definition. The function calls strnlen() when\nconcatenating protocol names into the buffer. With CONFIG_FORTIFY_SOURCE\nstrnlen() performs an extra step to check whether the last byte of the\ninput char buffer is a null character (commit 3009f891bb9f (\"fortify:\nAllow strlen() and strnlen() to pass compile-time known lengths\")).\nThis, together with possibly other configurations, cause the following\nIR to be generated:\n\n define hidden i32 @ip_vs_protocol_init() local_unnamed_addr #5 section \".init.text\" align 16 !kcfi_type !29 {\n %1 = alloca [64 x i8], align 16\n ...\n\n 14: ; preds = %11\n %15 = getelementptr inbounds i8, ptr %1, i64 63\n %16 = load i8, ptr %15, align 1\n %17 = tail call i1 @llvm.is.constant.i8(i8 %16)\n %18 = icmp eq i8 %16, 0\n %19 = select i1 %17, i1 %18, i1 false\n br i1 %19, label %20, label %23\n\n 20: ; preds = %14\n %21 = call i64 @strlen(ptr noundef nonnull dereferenceable(1) %1) #23\n ...\n\n 23: ; preds = %14, %11, %20\n %24 = call i64 @strnlen(ptr noundef nonnull dereferenceable(1) %1, i64 noundef 64) #24\n ...\n }\n\nThe above code calculates the address of the last char in the buffer\n(value %15) and then loads from it (value %16). Because the buffer is\nnever initialized, the LLVM GVN pass marks value %16 as undefined:\n\n %13 = getelementptr inbounds i8, ptr %1, i64 63\n br i1 undef, label %14, label %17\n\nThis gives later passes (SCCP, in particular) more DCE opportunities by\npropagating the undef value further, and eventually removes everything\nafter the load on the uninitialized stack location:\n\n define hidden i32 @ip_vs_protocol_init() local_unnamed_addr #0 section \".init.text\" align 16 !kcfi_type !11 {\n %1 = alloca [64 x i8], align 16\n ...\n\n 12: ; preds = %11\n %13 = getelementptr inbounds i8, ptr %1, i64 63\n unreachable\n }\n\nIn this way, the generated native code will just fall through to the\nnext function, as LLVM does not generate any code for the unreachable IR\ninstruction and leaves the function without a terminator.\n\nZero the on-stack buffer to avoid this possible UB.(CVE-2024-53680)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: bsg: Set bsg_queue to NULL after removal\n\nCurrently, this does not cause any issues, but I believe it is necessary to\nset bsg_queue to NULL after removing it to prevent potential use-after-free\n(UAF) access.(CVE-2024-54458)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Play nice with protected guests in complete_hypercall_exit()\n\nUse is_64_bit_hypercall() instead of is_64_bit_mode() to detect a 64-bit\nhypercall when completing said hypercall. For guests with protected state,\ne.g. SEV-ES and SEV-SNP, KVM must assume the hypercall was made in 64-bit\nmode as the vCPU state needed to detect 64-bit mode is unavailable.\n\nHacking the sev_smoke_test selftest to generate a KVM_HC_MAP_GPA_RANGE\nhypercall via VMGEXIT trips the WARN:\n\n ------------[ cut here ]------------\n WARNING: CPU: 273 PID: 326626 at arch/x86/kvm/x86.h:180 complete_hypercall_exit+0x44/0xe0 [kvm]\n Modules linked in: kvm_amd kvm ... [last unloaded: kvm]\n CPU: 273 UID: 0 PID: 326626 Comm: sev_smoke_test Not tainted 6.12.0-smp--392e932fa0f3-feat #470\n Hardware name: Google Astoria/astoria, BIOS 0.20240617.0-0 06/17/2024\n RIP: 0010:complete_hypercall_exit+0x44/0xe0 [kvm]\n Call Trace:\n \n kvm_arch_vcpu_ioctl_run+0x2400/0x2720 [kvm]\n kvm_vcpu_ioctl+0x54f/0x630 [kvm]\n __se_sys_ioctl+0x6b/0xc0\n do_syscall_64+0x83/0x160\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n \n ---[ end trace 0000000000000000 ]---(CVE-2024-55881)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usx2y: Use snd_card_free_when_closed() at disconnection\n\nThe USB disconnect callback is supposed to be short and not too-long\nwaiting. OTOH, the current code uses snd_card_free() at\ndisconnection, but this waits for the close of all used fds, hence it\ncan take long. It eventually blocks the upper layer USB ioctls, which\nmay trigger a soft lockup.\n\nAn easy workaround is to replace snd_card_free() with\nsnd_card_free_when_closed(). This variant returns immediately while\nthe release of resources is done asynchronously by the card device\nrelease at the last close.(CVE-2024-56533)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nHID: hyperv: streamline driver probe to avoid devres issues\n\nIt was found that unloading 'hid_hyperv' module results in a devres\ncomplaint:\n\n ...\n hv_vmbus: unregistering driver hid_hyperv\n ------------[ cut here ]------------\n WARNING: CPU: 2 PID: 3983 at drivers/base/devres.c:691 devres_release_group+0x1f2/0x2c0\n ...\n Call Trace:\n \n ? devres_release_group+0x1f2/0x2c0\n ? __warn+0xd1/0x1c0\n ? devres_release_group+0x1f2/0x2c0\n ? report_bug+0x32a/0x3c0\n ? handle_bug+0x53/0xa0\n ? exc_invalid_op+0x18/0x50\n ? asm_exc_invalid_op+0x1a/0x20\n ? devres_release_group+0x1f2/0x2c0\n ? devres_release_group+0x90/0x2c0\n ? rcu_is_watching+0x15/0xb0\n ? __pfx_devres_release_group+0x10/0x10\n hid_device_remove+0xf5/0x220\n device_release_driver_internal+0x371/0x540\n ? klist_put+0xf3/0x170\n bus_remove_device+0x1f1/0x3f0\n device_del+0x33f/0x8c0\n ? __pfx_device_del+0x10/0x10\n ? cleanup_srcu_struct+0x337/0x500\n hid_destroy_device+0xc8/0x130\n mousevsc_remove+0xd2/0x1d0 [hid_hyperv]\n device_release_driver_internal+0x371/0x540\n driver_detach+0xc5/0x180\n bus_remove_driver+0x11e/0x2a0\n ? __mutex_unlock_slowpath+0x160/0x5e0\n vmbus_driver_unregister+0x62/0x2b0 [hv_vmbus]\n ...\n\nAnd the issue seems to be that the corresponding devres group is not\nallocated. Normally, devres_open_group() is called from\n__hid_device_probe() but Hyper-V HID driver overrides 'hid_dev->driver'\nwith 'mousevsc_hid_driver' stub and basically re-implements\n__hid_device_probe() by calling hid_parse() and hid_hw_start() but not\ndevres_open_group(). hid_device_probe() does not call __hid_device_probe()\nfor it. Later, when the driver is removed, hid_device_remove() calls\ndevres_release_group() as it doesn't check whether hdev->driver was\ninitially overridden or not.\n\nThe issue seems to be related to the commit 62c68e7cee33 (\"HID: ensure\ntimely release of driver-allocated resources\") but the commit itself seems\nto be correct.\n\nFix the issue by dropping the 'hid_dev->driver' override and using\nhid_register_driver()/hid_unregister_driver() instead. Alternatively, it\nwould have been possible to rely on the default handling but\nHID_CONNECT_DEFAULT implies HID_CONNECT_HIDRAW and it doesn't seem to work\nfor mousevsc as-is.(CVE-2024-56545)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: make sure exp active before svc_export_show\n\nThe function `e_show` was called with protection from RCU. This only\nensures that `exp` will not be freed. Therefore, the reference count for\n`exp` can drop to zero, which will trigger a refcount use-after-free\nwarning when `exp_get` is called. To resolve this issue, use\n`cache_get_rcu` to ensure that `exp` remains active.\n\n------------[ cut here ]------------\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 3 PID: 819 at lib/refcount.c:25\nrefcount_warn_saturate+0xb1/0x120\nCPU: 3 UID: 0 PID: 819 Comm: cat Not tainted 6.12.0-rc3+ #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.1-2.fc37 04/01/2014\nRIP: 0010:refcount_warn_saturate+0xb1/0x120\n...\nCall Trace:\n \n e_show+0x20b/0x230 [nfsd]\n seq_read_iter+0x589/0x770\n seq_read+0x1e5/0x270\n vfs_read+0x125/0x530\n ksys_read+0xc1/0x160\n do_syscall_64+0x5f/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e(CVE-2024-56558)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nmm/slub: Avoid list corruption when removing a slab from the full list\n\nBoot with slub_debug=UFPZ.\n\nIf allocated object failed in alloc_consistency_checks, all objects of\nthe slab will be marked as used, and then the slab will be removed from\nthe partial list.\n\nWhen an object belonging to the slab got freed later, the remove_full()\nfunction is called. Because the slab is neither on the partial list nor\non the full list, it eventually lead to a list corruption (actually a\nlist poison being detected).\n\nSo we need to mark and isolate the slab page with metadata corruption,\ndo not put it back in circulation.\n\nBecause the debug caches avoid all the fastpaths, reusing the frozen bit\nto mark slab page with metadata corruption seems to be fine.\n\n[ 4277.385669] list_del corruption, ffffea00044b3e50->next is LIST_POISON1 (dead000000000100)\n[ 4277.387023] ------------[ cut here ]------------\n[ 4277.387880] kernel BUG at lib/list_debug.c:56!\n[ 4277.388680] invalid opcode: 0000 [#1] PREEMPT SMP PTI\n[ 4277.389562] CPU: 5 PID: 90 Comm: kworker/5:1 Kdump: loaded Tainted: G OE 6.6.1-1 #1\n[ 4277.392113] Workqueue: xfs-inodegc/vda1 xfs_inodegc_worker [xfs]\n[ 4277.393551] RIP: 0010:__list_del_entry_valid_or_report+0x7b/0xc0\n[ 4277.394518] Code: 48 91 82 e8 37 f9 9a ff 0f 0b 48 89 fe 48 c7 c7 28 49 91 82 e8 26 f9 9a ff 0f 0b 48 89 fe 48 c7 c7 58 49 91\n[ 4277.397292] RSP: 0018:ffffc90000333b38 EFLAGS: 00010082\n[ 4277.398202] RAX: 000000000000004e RBX: ffffea00044b3e50 RCX: 0000000000000000\n[ 4277.399340] RDX: 0000000000000002 RSI: ffffffff828f8715 RDI: 00000000ffffffff\n[ 4277.400545] RBP: ffffea00044b3e40 R08: 0000000000000000 R09: ffffc900003339f0\n[ 4277.401710] R10: 0000000000000003 R11: ffffffff82d44088 R12: ffff888112cf9910\n[ 4277.402887] R13: 0000000000000001 R14: 0000000000000001 R15: ffff8881000424c0\n[ 4277.404049] FS: 0000000000000000(0000) GS:ffff88842fd40000(0000) knlGS:0000000000000000\n[ 4277.405357] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 4277.406389] CR2: 00007f2ad0b24000 CR3: 0000000102a3a006 CR4: 00000000007706e0\n[ 4277.407589] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 4277.408780] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 4277.410000] PKRU: 55555554\n[ 4277.410645] Call Trace:\n[ 4277.411234] \n[ 4277.411777] ? die+0x32/0x80\n[ 4277.412439] ? do_trap+0xd6/0x100\n[ 4277.413150] ? __list_del_entry_valid_or_report+0x7b/0xc0\n[ 4277.414158] ? do_error_trap+0x6a/0x90\n[ 4277.414948] ? __list_del_entry_valid_or_report+0x7b/0xc0\n[ 4277.415915] ? exc_invalid_op+0x4c/0x60\n[ 4277.416710] ? __list_del_entry_valid_or_report+0x7b/0xc0\n[ 4277.417675] ? asm_exc_invalid_op+0x16/0x20\n[ 4277.418482] ? __list_del_entry_valid_or_report+0x7b/0xc0\n[ 4277.419466] ? __list_del_entry_valid_or_report+0x7b/0xc0\n[ 4277.420410] free_to_partial_list+0x515/0x5e0\n[ 4277.421242] ? xfs_iext_remove+0x41a/0xa10 [xfs]\n[ 4277.422298] xfs_iext_remove+0x41a/0xa10 [xfs]\n[ 4277.423316] ? xfs_inodegc_worker+0xb4/0x1a0 [xfs]\n[ 4277.424383] xfs_bmap_del_extent_delay+0x4fe/0x7d0 [xfs]\n[ 4277.425490] __xfs_bunmapi+0x50d/0x840 [xfs]\n[ 4277.426445] xfs_itruncate_extents_flags+0x13a/0x490 [xfs]\n[ 4277.427553] xfs_inactive_truncate+0xa3/0x120 [xfs]\n[ 4277.428567] xfs_inactive+0x22d/0x290 [xfs]\n[ 4277.429500] xfs_inodegc_worker+0xb4/0x1a0 [xfs]\n[ 4277.430479] process_one_work+0x171/0x340\n[ 4277.431227] worker_thread+0x277/0x390\n[ 4277.431962] ? __pfx_worker_thread+0x10/0x10\n[ 4277.432752] kthread+0xf0/0x120\n[ 4277.433382] ? __pfx_kthread+0x10/0x10\n[ 4277.434134] ret_from_fork+0x2d/0x50\n[ 4277.434837] ? __pfx_kthread+0x10/0x10\n[ 4277.435566] ret_from_fork_asm+0x1b/0x30\n[ 4277.436280] (CVE-2024-56566)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nefi/libstub: Free correct pointer on failure\n\ncmdline_ptr is an out parameter, which is not allocated by the function\nitself, and likely points into the caller's stack.\n\ncmdline refers to the pool allocation that should be freed when cleaning\nup after a failure, so pass this instead to free_pool().(CVE-2024-56573)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nmedia: ts2020: fix null-ptr-deref in ts2020_probe()\n\nKASAN reported a null-ptr-deref issue when executing the following\ncommand:\n\n # echo ts2020 0x20 > /sys/bus/i2c/devices/i2c-0/new_device\n KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017]\n CPU: 53 UID: 0 PID: 970 Comm: systemd-udevd Not tainted 6.12.0-rc2+ #24\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009)\n RIP: 0010:ts2020_probe+0xad/0xe10 [ts2020]\n RSP: 0018:ffffc9000abbf598 EFLAGS: 00010202\n RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffffc0714809\n RDX: 0000000000000002 RSI: ffff88811550be00 RDI: 0000000000000010\n RBP: ffff888109868800 R08: 0000000000000001 R09: fffff52001577eb6\n R10: 0000000000000000 R11: ffffc9000abbff50 R12: ffffffffc0714790\n R13: 1ffff92001577eb8 R14: ffffffffc07190d0 R15: 0000000000000001\n FS: 00007f95f13b98c0(0000) GS:ffff888149280000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000555d2634b000 CR3: 0000000152236000 CR4: 00000000000006f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \n ts2020_probe+0xad/0xe10 [ts2020]\n i2c_device_probe+0x421/0xb40\n really_probe+0x266/0x850\n ...\n\nThe cause of the problem is that when using sysfs to dynamically register\nan i2c device, there is no platform data, but the probe process of ts2020\nneeds to use platform data, resulting in a null pointer being accessed.\n\nSolve this problem by adding checks to platform data.(CVE-2024-56574)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nmedia: i2c: tc358743: Fix crash in the probe error path when using polling\n\nIf an error occurs in the probe() function, we should remove the polling\ntimer that was alarmed earlier, otherwise the timer is called with\narguments that are already freed, which results in a crash.\n\n------------[ cut here ]------------\nWARNING: CPU: 3 PID: 0 at kernel/time/timer.c:1830 __run_timers+0x244/0x268\nModules linked in:\nCPU: 3 UID: 0 PID: 0 Comm: swapper/3 Not tainted 6.11.0 #226\nHardware name: Diasom DS-RK3568-SOM-EVB (DT)\npstate: 804000c9 (Nzcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : __run_timers+0x244/0x268\nlr : __run_timers+0x1d4/0x268\nsp : ffffff80eff2baf0\nx29: ffffff80eff2bb50 x28: 7fffffffffffffff x27: ffffff80eff2bb00\nx26: ffffffc080f669c0 x25: ffffff80efef6bf0 x24: ffffff80eff2bb00\nx23: 0000000000000000 x22: dead000000000122 x21: 0000000000000000\nx20: ffffff80efef6b80 x19: ffffff80041c8bf8 x18: ffffffffffffffff\nx17: ffffffc06f146000 x16: ffffff80eff27dc0 x15: 000000000000003e\nx14: 0000000000000000 x13: 00000000000054da x12: 0000000000000000\nx11: 00000000000639c0 x10: 000000000000000c x9 : 0000000000000009\nx8 : ffffff80eff2cb40 x7 : ffffff80eff2cb40 x6 : ffffff8002bee480\nx5 : ffffffc080cb2220 x4 : ffffffc080cb2150 x3 : 00000000000f4240\nx2 : 0000000000000102 x1 : ffffff80eff2bb00 x0 : ffffff80041c8bf0\nCall trace:\n __run_timers+0x244/0x268\n timer_expire_remote+0x50/0x68\n tmigr_handle_remote+0x388/0x39c\n run_timer_softirq+0x38/0x44\n handle_softirqs+0x138/0x298\n __do_softirq+0x14/0x20\n ____do_softirq+0x10/0x1c\n call_on_irq_stack+0x24/0x4c\n do_softirq_own_stack+0x1c/0x2c\n irq_exit_rcu+0x9c/0xcc\n el1_interrupt+0x48/0xc0\n el1h_64_irq_handler+0x18/0x24\n el1h_64_irq+0x7c/0x80\n default_idle_call+0x34/0x68\n do_idle+0x23c/0x294\n cpu_startup_entry+0x38/0x3c\n secondary_start_kernel+0x128/0x160\n __secondary_switched+0xb8/0xbc\n---[ end trace 0000000000000000 ]---(CVE-2024-56576)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mtk-jpeg: Fix null-ptr-deref during unload module\n\nThe workqueue should be destroyed in mtk_jpeg_core.c since commit\n09aea13ecf6f (\"media: mtk-jpeg: refactor some variables\"), otherwise\nthe below calltrace can be easily triggered.\n\n[ 677.862514] Unable to handle kernel paging request at virtual address dfff800000000023\n[ 677.863633] KASAN: null-ptr-deref in range [0x0000000000000118-0x000000000000011f]\n...\n[ 677.879654] CPU: 6 PID: 1071 Comm: modprobe Tainted: G O 6.8.12-mtk+gfa1a78e5d24b+ #17\n...\n[ 677.882838] pc : destroy_workqueue+0x3c/0x770\n[ 677.883413] lr : mtk_jpegdec_destroy_workqueue+0x70/0x88 [mtk_jpeg_dec_hw]\n[ 677.884314] sp : ffff80008ad974f0\n[ 677.884744] x29: ffff80008ad974f0 x28: ffff0000d7115580 x27: ffff0000dd691070\n[ 677.885669] x26: ffff0000dd691408 x25: ffff8000844af3e0 x24: ffff80008ad97690\n[ 677.886592] x23: ffff0000e051d400 x22: ffff0000dd691010 x21: dfff800000000000\n[ 677.887515] x20: 0000000000000000 x19: 0000000000000000 x18: ffff800085397ac0\n[ 677.888438] x17: 0000000000000000 x16: ffff8000801b87c8 x15: 1ffff000115b2e10\n[ 677.889361] x14: 00000000f1f1f1f1 x13: 0000000000000000 x12: ffff7000115b2e4d\n[ 677.890285] x11: 1ffff000115b2e4c x10: ffff7000115b2e4c x9 : ffff80000aa43e90\n[ 677.891208] x8 : 00008fffeea4d1b4 x7 : ffff80008ad97267 x6 : 0000000000000001\n[ 677.892131] x5 : ffff80008ad97260 x4 : ffff7000115b2e4d x3 : 0000000000000000\n[ 677.893054] x2 : 0000000000000023 x1 : dfff800000000000 x0 : 0000000000000118\n[ 677.893977] Call trace:\n[ 677.894297] destroy_workqueue+0x3c/0x770\n[ 677.894826] mtk_jpegdec_destroy_workqueue+0x70/0x88 [mtk_jpeg_dec_hw]\n[ 677.895677] devm_action_release+0x50/0x90\n[ 677.896211] release_nodes+0xe8/0x170\n[ 677.896688] devres_release_all+0xf8/0x178\n[ 677.897219] device_unbind_cleanup+0x24/0x170\n[ 677.897785] device_release_driver_internal+0x35c/0x480\n[ 677.898461] device_release_driver+0x20/0x38\n...\n[ 677.912665] ---[ end trace 0000000000000000 ]---(CVE-2024-56577)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nmedia: amphion: Set video drvdata before register video device\n\nThe video drvdata should be set before the video device is registered,\notherwise video_drvdata() may return NULL in the open() file ops, and led\nto oops.(CVE-2024-56579)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nleds: class: Protect brightness_show() with led_cdev->led_access mutex\n\nThere is NULL pointer issue observed if from Process A where hid device\nbeing added which results in adding a led_cdev addition and later a\nanother call to access of led_cdev attribute from Process B can result\nin NULL pointer issue.\n\nUse mutex led_cdev->led_access to protect access to led->cdev and its\nattribute inside brightness_show() and max_brightness_show() and also\nupdate the comment for mutex that it should be used to protect the led\nclass device fields.\n\n\tProcess A \t\t\t\tProcess B\n\n kthread+0x114\n worker_thread+0x244\n process_scheduled_works+0x248\n uhid_device_add_worker+0x24\n hid_add_device+0x120\n device_add+0x268\n bus_probe_device+0x94\n device_initial_probe+0x14\n __device_attach+0xfc\n bus_for_each_drv+0x10c\n __device_attach_driver+0x14c\n driver_probe_device+0x3c\n __driver_probe_device+0xa0\n really_probe+0x190\n hid_device_probe+0x130\n ps_probe+0x990\n ps_led_register+0x94\n devm_led_classdev_register_ext+0x58\n led_classdev_register_ext+0x1f8\n device_create_with_groups+0x48\n device_create_groups_vargs+0xc8\n device_add+0x244\n kobject_uevent+0x14\n kobject_uevent_env[jt]+0x224\n mutex_unlock[jt]+0xc4\n __mutex_unlock_slowpath+0xd4\n wake_up_q+0x70\n try_to_wake_up[jt]+0x48c\n preempt_schedule_common+0x28\n __schedule+0x628\n __switch_to+0x174\n\t\t\t\t\t\tel0t_64_sync+0x1a8/0x1ac\n\t\t\t\t\t\tel0t_64_sync_handler+0x68/0xbc\n\t\t\t\t\t\tel0_svc+0x38/0x68\n\t\t\t\t\t\tdo_el0_svc+0x1c/0x28\n\t\t\t\t\t\tel0_svc_common+0x80/0xe0\n\t\t\t\t\t\tinvoke_syscall+0x58/0x114\n\t\t\t\t\t\t__arm64_sys_read+0x1c/0x2c\n\t\t\t\t\t\tksys_read+0x78/0xe8\n\t\t\t\t\t\tvfs_read+0x1e0/0x2c8\n\t\t\t\t\t\tkernfs_fop_read_iter+0x68/0x1b4\n\t\t\t\t\t\tseq_read_iter+0x158/0x4ec\n\t\t\t\t\t\tkernfs_seq_show+0x44/0x54\n\t\t\t\t\t\tsysfs_kf_seq_show+0xb4/0x130\n\t\t\t\t\t\tdev_attr_show+0x38/0x74\n\t\t\t\t\t\tbrightness_show+0x20/0x4c\n\t\t\t\t\t\tdualshock4_led_get_brightness+0xc/0x74\n\n[ 3313.874295][ T4013] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000060\n[ 3313.874301][ T4013] Mem abort info:\n[ 3313.874303][ T4013] ESR = 0x0000000096000006\n[ 3313.874305][ T4013] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 3313.874307][ T4013] SET = 0, FnV = 0\n[ 3313.874309][ T4013] EA = 0, S1PTW = 0\n[ 3313.874311][ T4013] FSC = 0x06: level 2 translation fault\n[ 3313.874313][ T4013] Data abort info:\n[ 3313.874314][ T4013] ISV = 0, ISS = 0x00000006, ISS2 = 0x00000000\n[ 3313.874316][ T4013] CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n[ 3313.874318][ T4013] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n[ 3313.874320][ T4013] user pgtable: 4k pages, 39-bit VAs, pgdp=00000008f2b0a000\n..\n\n[ 3313.874332][ T4013] Dumping ftrace buffer:\n[ 3313.874334][ T4013] (ftrace buffer empty)\n..\n..\n[ dd3313.874639][ T4013] CPU: 6 PID: 4013 Comm: InputReader\n[ 3313.874648][ T4013] pc : dualshock4_led_get_brightness+0xc/0x74\n[ 3313.874653][ T4013] lr : led_update_brightness+0x38/0x60\n[ 3313.874656][ T4013] sp : ffffffc0b910bbd0\n..\n..\n[ 3313.874685][ T4013] Call trace:\n[ 3313.874687][ T4013] dualshock4_led_get_brightness+0xc/0x74\n[ 3313.874690][ T4013] brightness_show+0x20/0x4c\n[ 3313.874692][ T4013] dev_attr_show+0x38/0x74\n[ 3313.874696][ T4013] sysfs_kf_seq_show+0xb4/0x130\n[ 3313.874700][ T4013] kernfs_seq_show+0x44/0x54\n[ 3313.874703][ T4013] seq_read_iter+0x158/0x4ec\n[ 3313.874705][ T4013] kernfs_fop_read_iter+0x68/0x1b4\n[ 3313.874708][ T4013] vfs_read+0x1e0/0x2c8\n[ 3313.874711][ T4013] ksys_read+0x78/0xe8\n[ 3313.874714][ T4013] __arm64_sys_read+0x1c/0x2c\n[ 3313.874718][ T4013] invoke_syscall+0x58/0x114\n[ 3313.874721][ T4013] el0_svc_common+0x80/0xe0\n[ 3313.874724][ T4013] do_el0_svc+0x1c/0x28\n[ 3313.874727][ T4013] el0_svc+0x38/0x68\n[ 3313.874730][ T4013] el0t_64_sync_handler+0x68/0xbc\n[ 3313.874732][ T4013] el0t_64_sync+0x1a8/0x1ac(CVE-2024-56587)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmf_sdiod_sglist_rw()\n\nThis patch fixes a NULL pointer dereference bug in brcmfmac that occurs\nwhen a high 'sd_sgentry_align' value applies (e.g. 512) and a lot of queued SKBs\nare sent from the pkt queue.\n\nThe problem is the number of entries in the pre-allocated sgtable, it is\nnents = max(rxglom_size, txglom_size) + max(rxglom_size, txglom_size) >> 4 + 1.\nGiven the default [rt]xglom_size=32 it's actually 35 which is too small.\nWorst case, the pkt queue can end up with 64 SKBs. This occurs when a new SKB\nis added for each original SKB if tailroom isn't enough to hold tail_pad.\nAt least one sg entry is needed for each SKB. So, eventually the \"skb_queue_walk loop\"\nin brcmf_sdiod_sglist_rw may run out of sg entries. This makes sg_next return\nNULL and this causes the oops.\n\nThe patch sets nents to max(rxglom_size, txglom_size) * 2 to be able handle\nthe worst-case.\nBtw. this requires only 64-35=29 * 16 (or 20 if CONFIG_NEED_SG_DMA_LENGTH) = 464\nadditional bytes of memory.(CVE-2024-56593)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet: inet6: do not leave a dangling sk pointer in inet6_create()\n\nsock_init_data() attaches the allocated sk pointer to the provided sock\nobject. If inet6_create() fails later, the sk object is released, but the\nsock object retains the dangling sk pointer, which may cause use-after-free\nlater.\n\nClear the sock sk pointer on error.(CVE-2024-56600)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet: ieee802154: do not leave a dangling sk pointer in ieee802154_create()\n\nsock_init_data() attaches the allocated sk object to the provided sock\nobject. If ieee802154_create() fails later, the allocated sk object is\nfreed, but the dangling pointer remains in the provided sock object, which\nmay allow use-after-free.\n\nClear the sk pointer in the sock object on error.(CVE-2024-56602)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndrm/dp_mst: Fix MST sideband message body length check\n\nFix the MST sideband message body length check, which must be at least 1\nbyte accounting for the message body CRC (aka message data CRC) at the\nend of the message.\n\nThis fixes a case where an MST branch device returns a header with a\ncorrect header CRC (indicating a correctly received body length), with\nthe body length being incorrectly set to 0. This will later lead to a\nmemory corruption in drm_dp_sideband_append_payload() and the following\nerrors in dmesg:\n\n UBSAN: array-index-out-of-bounds in drivers/gpu/drm/display/drm_dp_mst_topology.c:786:25\n index -1 is out of range for type 'u8 [48]'\n Call Trace:\n drm_dp_sideband_append_payload+0x33d/0x350 [drm_display_helper]\n drm_dp_get_one_sb_msg+0x3ce/0x5f0 [drm_display_helper]\n drm_dp_mst_hpd_irq_handle_event+0xc8/0x1580 [drm_display_helper]\n\n memcpy: detected field-spanning write (size 18446744073709551615) of single field \"&msg->msg[msg->curlen]\" at drivers/gpu/drm/display/drm_dp_mst_topology.c:791 (size 256)\n Call Trace:\n drm_dp_sideband_append_payload+0x324/0x350 [drm_display_helper]\n drm_dp_get_one_sb_msg+0x3ce/0x5f0 [drm_display_helper]\n drm_dp_mst_hpd_irq_handle_event+0xc8/0x1580 [drm_display_helper](CVE-2024-56616)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ncan: dev: can_set_termination(): allow sleeping GPIOs\n\nIn commit 6e86a1543c37 (\"can: dev: provide optional GPIO based\ntermination support\") GPIO based termination support was added.\n\nFor no particular reason that patch uses gpiod_set_value() to set the\nGPIO. This leads to the following warning, if the systems uses a\nsleeping GPIO, i.e. behind an I2C port expander:\n\n| WARNING: CPU: 0 PID: 379 at /drivers/gpio/gpiolib.c:3496 gpiod_set_value+0x50/0x6c\n| CPU: 0 UID: 0 PID: 379 Comm: ip Not tainted 6.11.0-20241016-1 #1 823affae360cc91126e4d316d7a614a8bf86236c\n\nReplace gpiod_set_value() by gpiod_set_value_cansleep() to allow the\nuse of sleeping GPIOs.(CVE-2024-56625)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nLoongArch: Add architecture specific huge_pte_clear()\n\nWhen executing mm selftests run_vmtests.sh, there is such an error:\n\n BUG: Bad page state in process uffd-unit-tests pfn:00000\n page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x0\n flags: 0xffff0000002000(reserved|node=0|zone=0|lastcpupid=0xffff)\n raw: 00ffff0000002000 ffffbf0000000008 ffffbf0000000008 0000000000000000\n raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000\n page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set\n Modules linked in: snd_seq_dummy snd_seq snd_seq_device rfkill vfat fat\n virtio_balloon efi_pstore virtio_net pstore net_failover failover fuse\n nfnetlink virtio_scsi virtio_gpu virtio_dma_buf dm_multipath efivarfs\n CPU: 2 UID: 0 PID: 1913 Comm: uffd-unit-tests Not tainted 6.12.0 #184\n Hardware name: QEMU QEMU Virtual Machine, BIOS unknown 2/2/2022\n Stack : 900000047c8ac000 0000000000000000 9000000000223a7c 900000047c8ac000\n 900000047c8af690 900000047c8af698 0000000000000000 900000047c8af7d8\n 900000047c8af7d0 900000047c8af7d0 900000047c8af5b0 0000000000000001\n 0000000000000001 900000047c8af698 10b3c7d53da40d26 0000010000000000\n 0000000000000022 0000000fffffffff fffffffffe000000 ffff800000000000\n 000000000000002f 0000800000000000 000000017a6d4000 90000000028f8940\n 0000000000000000 0000000000000000 90000000025aa5e0 9000000002905000\n 0000000000000000 90000000028f8940 ffff800000000000 0000000000000000\n 0000000000000000 0000000000000000 9000000000223a94 000000012001839c\n 00000000000000b0 0000000000000004 0000000000000000 0000000000071c1d\n ...\n Call Trace:\n [<9000000000223a94>] show_stack+0x5c/0x180\n [<9000000001c3fd64>] dump_stack_lvl+0x6c/0xa0\n [<900000000056aa08>] bad_page+0x1a0/0x1f0\n [<9000000000574978>] free_unref_folios+0xbf0/0xd20\n [<90000000004e65cc>] folios_put_refs+0x1a4/0x2b8\n [<9000000000599a0c>] free_pages_and_swap_cache+0x164/0x260\n [<9000000000547698>] tlb_batch_pages_flush+0xa8/0x1c0\n [<9000000000547f30>] tlb_finish_mmu+0xa8/0x218\n [<9000000000543cb8>] exit_mmap+0x1a0/0x360\n [<9000000000247658>] __mmput+0x78/0x200\n [<900000000025583c>] do_exit+0x43c/0xde8\n [<9000000000256490>] do_group_exit+0x68/0x110\n [<9000000000256554>] sys_exit_group+0x1c/0x20\n [<9000000001c413b4>] do_syscall+0x94/0x130\n [<90000000002216d8>] handle_syscall+0xb8/0x158\n Disabling lock debugging due to kernel taint\n BUG: non-zero pgtables_bytes on freeing mm: -16384\n\nOn LoongArch system, invalid huge pte entry should be invalid_pte_table\nor a single _PAGE_HUGE bit rather than a zero value. And it should be\nthe same with invalid pmd entry, since pmd_none() is called by function\nfree_pgd_range() and pmd_none() return 0 by huge_pte_clear(). So single\n_PAGE_HUGE bit is also treated as a valid pte table and free_pte_range()\nwill be called in free_pmd_range().\n\n free_pmd_range()\n pmd = pmd_offset(pud, addr);\n do {\n next = pmd_addr_end(addr, end);\n if (pmd_none_or_clear_bad(pmd))\n continue;\n free_pte_range(tlb, pmd, addr);\n } while (pmd++, addr = next, addr != end);\n\nHere invalid_pte_table is used for both invalid huge pte entry and\npmd entry.(CVE-2024-56628)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet: avoid potential UAF in default_operstate()\n\nsyzbot reported an UAF in default_operstate() [1]\n\nIssue is a race between device and netns dismantles.\n\nAfter calling __rtnl_unlock() from netdev_run_todo(),\nwe can not assume the netns of each device is still alive.\n\nMake sure the device is not in NETREG_UNREGISTERED state,\nand add an ASSERT_RTNL() before the call to\n__dev_get_by_index().\n\nWe might move this ASSERT_RTNL() in __dev_get_by_index()\nin the future.\n\n[1]\n\nBUG: KASAN: slab-use-after-free in __dev_get_by_index+0x5d/0x110 net/core/dev.c:852\nRead of size 8 at addr ffff888043eba1b0 by task syz.0.0/5339\n\nCPU: 0 UID: 0 PID: 5339 Comm: syz.0.0 Not tainted 6.12.0-syzkaller-10296-gaaf20f870da0 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n __dev_get_by_index+0x5d/0x110 net/core/dev.c:852\n default_operstate net/core/link_watch.c:51 [inline]\n rfc2863_policy+0x224/0x300 net/core/link_watch.c:67\n linkwatch_do_dev+0x3e/0x170 net/core/link_watch.c:170\n netdev_run_todo+0x461/0x1000 net/core/dev.c:10894\n rtnl_unlock net/core/rtnetlink.c:152 [inline]\n rtnl_net_unlock include/linux/rtnetlink.h:133 [inline]\n rtnl_dellink+0x760/0x8d0 net/core/rtnetlink.c:3520\n rtnetlink_rcv_msg+0x791/0xcf0 net/core/rtnetlink.c:6911\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2541\n netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]\n netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1347\n netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1891\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:726\n ____sys_sendmsg+0x52a/0x7e0 net/socket.c:2583\n ___sys_sendmsg net/socket.c:2637 [inline]\n __sys_sendmsg+0x269/0x350 net/socket.c:2669\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f2a3cb80809\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f2a3d9cd058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f2a3cd45fa0 RCX: 00007f2a3cb80809\nRDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008\nRBP: 00007f2a3cbf393e R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000000 R14: 00007f2a3cd45fa0 R15: 00007ffd03bc65c8\n \n\nAllocated by task 5339:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4314\n kmalloc_noprof include/linux/slab.h:901 [inline]\n kmalloc_array_noprof include/linux/slab.h:945 [inline]\n netdev_create_hash net/core/dev.c:11870 [inline]\n netdev_init+0x10c/0x250 net/core/dev.c:11890\n ops_init+0x31e/0x590 net/core/net_namespace.c:138\n setup_net+0x287/0x9e0 net/core/net_namespace.c:362\n copy_net_ns+0x33f/0x570 net/core/net_namespace.c:500\n create_new_namespaces+0x425/0x7b0 kernel/nsproxy.c:110\n unshare_nsproxy_namespaces+0x124/0x180 kernel/nsproxy.c:228\n ksys_unshare+0x57d/0xa70 kernel/fork.c:3314\n __do_sys_unshare kernel/fork.c:3385 [inline]\n __se_sys_unshare kernel/fork.c:3383 [inline]\n __x64_sys_unshare+0x38/0x40 kernel/fork.c:3383\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x8\n---truncated---(CVE-2024-56635)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ngeneve: do not assume mac header is set in geneve_xmit_skb()\n\nWe should not assume mac header is set in output path.\n\nUse skb_eth_hdr() instead of eth_hdr() to fix the issue.\n\nsysbot reported the following :\n\n WARNING: CPU: 0 PID: 11635 at include/linux/skbuff.h:3052 skb_mac_header include/linux/skbuff.h:3052 [inline]\n WARNING: CPU: 0 PID: 11635 at include/linux/skbuff.h:3052 eth_hdr include/linux/if_ether.h:24 [inline]\n WARNING: CPU: 0 PID: 11635 at include/linux/skbuff.h:3052 geneve_xmit_skb drivers/net/geneve.c:898 [inline]\n WARNING: CPU: 0 PID: 11635 at include/linux/skbuff.h:3052 geneve_xmit+0x4c38/0x5730 drivers/net/geneve.c:1039\nModules linked in:\nCPU: 0 UID: 0 PID: 11635 Comm: syz.4.1423 Not tainted 6.12.0-syzkaller-10296-gaaf20f870da0 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\n RIP: 0010:skb_mac_header include/linux/skbuff.h:3052 [inline]\n RIP: 0010:eth_hdr include/linux/if_ether.h:24 [inline]\n RIP: 0010:geneve_xmit_skb drivers/net/geneve.c:898 [inline]\n RIP: 0010:geneve_xmit+0x4c38/0x5730 drivers/net/geneve.c:1039\nCode: 21 c6 02 e9 35 d4 ff ff e8 a5 48 4c fb 90 0f 0b 90 e9 fd f5 ff ff e8 97 48 4c fb 90 0f 0b 90 e9 d8 f5 ff ff e8 89 48 4c fb 90 <0f> 0b 90 e9 41 e4 ff ff e8 7b 48 4c fb 90 0f 0b 90 e9 cd e7 ff ff\nRSP: 0018:ffffc90003b2f870 EFLAGS: 00010283\nRAX: 000000000000037a RBX: 000000000000ffff RCX: ffffc9000dc3d000\nRDX: 0000000000080000 RSI: ffffffff86428417 RDI: 0000000000000003\nRBP: ffffc90003b2f9f0 R08: 0000000000000003 R09: 000000000000ffff\nR10: 000000000000ffff R11: 0000000000000002 R12: ffff88806603c000\nR13: 0000000000000000 R14: ffff8880685b2780 R15: 0000000000000e23\nFS: 00007fdc2deed6c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000001b30a1dff8 CR3: 0000000056b8c000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \n __netdev_start_xmit include/linux/netdevice.h:5002 [inline]\n netdev_start_xmit include/linux/netdevice.h:5011 [inline]\n __dev_direct_xmit+0x58a/0x720 net/core/dev.c:4490\n dev_direct_xmit include/linux/netdevice.h:3181 [inline]\n packet_xmit+0x1e4/0x360 net/packet/af_packet.c:285\n packet_snd net/packet/af_packet.c:3146 [inline]\n packet_sendmsg+0x2700/0x5660 net/packet/af_packet.c:3178\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg net/socket.c:726 [inline]\n __sys_sendto+0x488/0x4f0 net/socket.c:2197\n __do_sys_sendto net/socket.c:2204 [inline]\n __se_sys_sendto net/socket.c:2200 [inline]\n __x64_sys_sendto+0xe0/0x1c0 net/socket.c:2200\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f(CVE-2024-56636)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndccp: Fix memory leak in dccp_feat_change_recv\n\nIf dccp_feat_push_confirm() fails after new value for SP feature was accepted\nwithout reconciliation ('entry == NULL' branch), memory allocated for that value\nwith dccp_feat_clone_sp_val() is never freed.\n\nHere is the kmemleak stack for this:\n\nunreferenced object 0xffff88801d4ab488 (size 8):\n comm \"syz-executor310\", pid 1127, jiffies 4295085598 (age 41.666s)\n hex dump (first 8 bytes):\n 01 b4 4a 1d 80 88 ff ff ..J.....\n backtrace:\n [<00000000db7cabfe>] kmemdup+0x23/0x50 mm/util.c:128\n [<0000000019b38405>] kmemdup include/linux/string.h:465 [inline]\n [<0000000019b38405>] dccp_feat_clone_sp_val net/dccp/feat.c:371 [inline]\n [<0000000019b38405>] dccp_feat_clone_sp_val net/dccp/feat.c:367 [inline]\n [<0000000019b38405>] dccp_feat_change_recv net/dccp/feat.c:1145 [inline]\n [<0000000019b38405>] dccp_feat_parse_options+0x1196/0x2180 net/dccp/feat.c:1416\n [<00000000b1f6d94a>] dccp_parse_options+0xa2a/0x1260 net/dccp/options.c:125\n [<0000000030d7b621>] dccp_rcv_state_process+0x197/0x13d0 net/dccp/input.c:650\n [<000000001f74c72e>] dccp_v4_do_rcv+0xf9/0x1a0 net/dccp/ipv4.c:688\n [<00000000a6c24128>] sk_backlog_rcv include/net/sock.h:1041 [inline]\n [<00000000a6c24128>] __release_sock+0x139/0x3b0 net/core/sock.c:2570\n [<00000000cf1f3a53>] release_sock+0x54/0x1b0 net/core/sock.c:3111\n [<000000008422fa23>] inet_wait_for_connect net/ipv4/af_inet.c:603 [inline]\n [<000000008422fa23>] __inet_stream_connect+0x5d0/0xf70 net/ipv4/af_inet.c:696\n [<0000000015b6f64d>] inet_stream_connect+0x53/0xa0 net/ipv4/af_inet.c:735\n [<0000000010122488>] __sys_connect_file+0x15c/0x1a0 net/socket.c:1865\n [<00000000b4b70023>] __sys_connect+0x165/0x1a0 net/socket.c:1882\n [<00000000f4cb3815>] __do_sys_connect net/socket.c:1892 [inline]\n [<00000000f4cb3815>] __se_sys_connect net/socket.c:1889 [inline]\n [<00000000f4cb3815>] __x64_sys_connect+0x6e/0xb0 net/socket.c:1889\n [<00000000e7b1e839>] do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46\n [<0000000055e91434>] entry_SYSCALL_64_after_hwframe+0x67/0xd1\n\nClean up the allocated memory in case of dccp_feat_push_confirm() failure\nand bail out with an error reset code.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.(CVE-2024-56643)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet/ipv6: release expired exception dst cached in socket\n\nDst objects get leaked in ip6_negative_advice() when this function is\nexecuted for an expired IPv6 route located in the exception table. There\nare several conditions that must be fulfilled for the leak to occur:\n* an ICMPv6 packet indicating a change of the MTU for the path is received,\n resulting in an exception dst being created\n* a TCP connection that uses the exception dst for routing packets must\n start timing out so that TCP begins retransmissions\n* after the exception dst expires, the FIB6 garbage collector must not run\n before TCP executes ip6_negative_advice() for the expired exception dst\n\nWhen TCP executes ip6_negative_advice() for an exception dst that has\nexpired and if no other socket holds a reference to the exception dst, the\nrefcount of the exception dst is 2, which corresponds to the increment\nmade by dst_init() and the increment made by the TCP socket for which the\nconnection is timing out. The refcount made by the socket is never\nreleased. The refcount of the dst is decremented in sk_dst_reset() but\nthat decrement is counteracted by a dst_hold() intentionally placed just\nbefore the sk_dst_reset() in ip6_negative_advice(). After\nip6_negative_advice() has finished, there is no other object tied to the\ndst. The socket lost its reference stored in sk_dst_cache and the dst is\nno longer in the exception table. The exception dst becomes a leaked\nobject.\n\nAs a result of this dst leak, an unbalanced refcount is reported for the\nloopback device of a net namespace being destroyed under kernels that do\nnot contain e5f80fcf869a (\"ipv6: give an IPv6 dev to blackhole_netdev\"):\nunregister_netdevice: waiting for lo to become free. Usage count = 2\n\nFix the dst leak by removing the dst_hold() in ip6_negative_advice(). The\npatch that introduced the dst_hold() in ip6_negative_advice() was\n92f1655aa2b22 (\"net: fix __dst_negative_advice() race\"). But 92f1655aa2b22\nmerely refactored the code with regards to the dst refcount so the issue\nwas present even before 92f1655aa2b22. The bug was introduced in\n54c1a859efd9f (\"ipv6: Don't drop cache route entry unless timer actually\nexpired.\") where the expired cached route is deleted and the sk_dst_cache\nmember of the socket is set to NULL by calling dst_negative_advice() but\nthe refcount belonging to the socket is left unbalanced.\n\nThe IPv4 version - ipv4_negative_advice() - is not affected by this bug.\nWhen the TCP connection times out ipv4_negative_advice() merely resets the\nsk_dst_cache of the socket while decrementing the refcount of the\nexception dst.(CVE-2024-56644)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ncan: j1939: j1939_session_new(): fix skb reference counting\n\nSince j1939_session_skb_queue() does an extra skb_get() for each new\nskb, do the same for the initial one in j1939_session_new() to avoid\nrefcount underflow.\n\n[mkl: clean up commit message](CVE-2024-56645)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ncan: hi311x: hi3110_can_ist(): fix potential use-after-free\n\nThe commit a22bd630cfff (\"can: hi311x: do not report txerr and rxerr\nduring bus-off\") removed the reporting of rxerr and txerr even in case\nof correct operation (i. e. not bus-off).\n\nThe error count information added to the CAN frame after netif_rx() is\na potential use after free, since there is no guarantee that the skb\nis in the same state. It might be freed or reused.\n\nFix the issue by postponing the netif_rx() call in case of txerr and\nrxerr reporting.(CVE-2024-56651)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Fix race between element replace and close()\n\nElement replace (with a socket different from the one stored) may race\nwith socket's close() link popping & unlinking. __sock_map_delete()\nunconditionally unrefs the (wrong) element:\n\n// set map[0] = s0\nmap_update_elem(map, 0, s0)\n\n// drop fd of s0\nclose(s0)\n sock_map_close()\n lock_sock(sk) (s0!)\n sock_map_remove_links(sk)\n link = sk_psock_link_pop()\n sock_map_unlink(sk, link)\n sock_map_delete_from_link\n // replace map[0] with s1\n map_update_elem(map, 0, s1)\n sock_map_update_elem\n (s1!) lock_sock(sk)\n sock_map_update_common\n psock = sk_psock(sk)\n spin_lock(&stab->lock)\n osk = stab->sks[idx]\n sock_map_add_link(..., &stab->sks[idx])\n sock_map_unref(osk, &stab->sks[idx])\n psock = sk_psock(osk)\n sk_psock_put(sk, psock)\n if (refcount_dec_and_test(&psock))\n sk_psock_drop(sk, psock)\n spin_unlock(&stab->lock)\n unlock_sock(sk)\n __sock_map_delete\n spin_lock(&stab->lock)\n sk = *psk // s1 replaced s0; sk == s1\n if (!sk_test || sk_test == sk) // sk_test (s0) != sk (s1); no branch\n sk = xchg(psk, NULL)\n if (sk)\n sock_map_unref(sk, psk) // unref s1; sks[idx] will dangle\n psock = sk_psock(sk)\n sk_psock_put(sk, psock)\n if (refcount_dec_and_test())\n sk_psock_drop(sk, psock)\n spin_unlock(&stab->lock)\n release_sock(sk)\n\nThen close(map) enqueues bpf_map_free_deferred, which finally calls\nsock_map_free(). This results in some refcount_t warnings along with\na KASAN splat [1].\n\nFix __sock_map_delete(), do not allow sock_map_unref() on elements that\nmay have been replaced.\n\n[1]:\nBUG: KASAN: slab-use-after-free in sock_map_free+0x10e/0x330\nWrite of size 4 at addr ffff88811f5b9100 by task kworker/u64:12/1063\n\nCPU: 14 UID: 0 PID: 1063 Comm: kworker/u64:12 Not tainted 6.12.0+ #125\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.16.3-1-1 04/01/2014\nWorkqueue: events_unbound bpf_map_free_deferred\nCall Trace:\n \n dump_stack_lvl+0x68/0x90\n print_report+0x174/0x4f6\n kasan_report+0xb9/0x190\n kasan_check_range+0x10f/0x1e0\n sock_map_free+0x10e/0x330\n bpf_map_free_deferred+0x173/0x320\n process_one_work+0x846/0x1420\n worker_thread+0x5b3/0xf80\n kthread+0x29e/0x360\n ret_from_fork+0x2d/0x70\n ret_from_fork_asm+0x1a/0x30\n \n\nAllocated by task 1202:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n __kasan_slab_alloc+0x85/0x90\n kmem_cache_alloc_noprof+0x131/0x450\n sk_prot_alloc+0x5b/0x220\n sk_alloc+0x2c/0x870\n unix_create1+0x88/0x8a0\n unix_create+0xc5/0x180\n __sock_create+0x241/0x650\n __sys_socketpair+0x1ce/0x420\n __x64_sys_socketpair+0x92/0x100\n do_syscall_64+0x93/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 46:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n kasan_save_free_info+0x37/0x60\n __kasan_slab_free+0x4b/0x70\n kmem_cache_free+0x1a1/0x590\n __sk_destruct+0x388/0x5a0\n sk_psock_destroy+0x73e/0xa50\n process_one_work+0x846/0x1420\n worker_thread+0x5b3/0xf80\n kthread+0x29e/0x360\n ret_from_fork+0x2d/0x70\n ret_from_fork_asm+0x1a/0x30\n\nThe bu\n---truncated---(CVE-2024-56664)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/mm/fault: Fix kfence page fault reporting\n\ncopy_from_kernel_nofault() can be called when doing read of /proc/kcore.\n/proc/kcore can have some unmapped kfence objects which when read via\ncopy_from_kernel_nofault() can cause page faults. Since *_nofault()\nfunctions define their own fixup table for handling fault, use that\ninstead of asking kfence to handle such faults.\n\nHence we search the exception tables for the nip which generated the\nfault. If there is an entry then we let the fixup table handler handle the\npage fault by returning an error from within ___do_page_fault().\n\nThis can be easily triggered if someone tries to do dd from /proc/kcore.\neg. dd if=/proc/kcore of=/dev/null bs=1M\n\nSome example false negatives:\n\n ===============================\n BUG: KFENCE: invalid read in copy_from_kernel_nofault+0x9c/0x1a0\n Invalid read at 0xc0000000fdff0000:\n copy_from_kernel_nofault+0x9c/0x1a0\n 0xc00000000665f950\n read_kcore_iter+0x57c/0xa04\n proc_reg_read_iter+0xe4/0x16c\n vfs_read+0x320/0x3ec\n ksys_read+0x90/0x154\n system_call_exception+0x120/0x310\n system_call_vectored_common+0x15c/0x2ec\n\n BUG: KFENCE: use-after-free read in copy_from_kernel_nofault+0x9c/0x1a0\n Use-after-free read at 0xc0000000fe050000 (in kfence-#2):\n copy_from_kernel_nofault+0x9c/0x1a0\n 0xc00000000665f950\n read_kcore_iter+0x57c/0xa04\n proc_reg_read_iter+0xe4/0x16c\n vfs_read+0x320/0x3ec\n ksys_read+0x90/0x154\n system_call_exception+0x120/0x310\n system_call_vectored_common+0x15c/0x2ec(CVE-2024-56678)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nPCI: endpoint: epf-mhi: Avoid NULL dereference if DT lacks 'mmio'\n\nIf platform_get_resource_byname() fails and returns NULL because DT lacks\nan 'mmio' property for the MHI endpoint, dereferencing res->start will\ncause a NULL pointer access. Add a check to prevent it.\n\n[kwilczynski: error message update per the review feedback]\n[bhelgaas: commit log](CVE-2024-56689)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nbpf: fix recursive lock when verdict program return SK_PASS\n\nWhen the stream_verdict program returns SK_PASS, it places the received skb\ninto its own receive queue, but a recursive lock eventually occurs, leading\nto an operating system deadlock. This issue has been present since v6.9.\n\n'''\nsk_psock_strp_data_ready\n write_lock_bh(&sk->sk_callback_lock)\n strp_data_ready\n strp_read_sock\n read_sock -> tcp_read_sock\n strp_recv\n cb.rcv_msg -> sk_psock_strp_read\n # now stream_verdict return SK_PASS without peer sock assign\n __SK_PASS = sk_psock_map_verd(SK_PASS, NULL)\n sk_psock_verdict_apply\n sk_psock_skb_ingress_self\n sk_psock_skb_ingress_enqueue\n sk_psock_data_ready\n read_lock_bh(&sk->sk_callback_lock) <= dead lock\n\n'''\n\nThis topic has been discussed before, but it has not been fixed.\nPrevious discussion:\nhttps://lore.kernel.org/all/6684a5864ec86_403d20898@john.notmuch(CVE-2024-56694)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c\n\nAdd error pointer checks after calling otx2_mbox_get_rsp().(CVE-2024-56707)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nceph: fix memory leak in ceph_direct_read_write()\n\nThe bvecs array which is allocated in iter_get_bvecs_alloc() is leaked\nand pages remain pinned if ceph_alloc_sparse_ext_map() fails.\n\nThere is no need to delay the allocation of sparse_ext map until after\nthe bvecs array is set up, so fix this by moving sparse_ext allocation\na bit earlier. Also, make a similar adjustment in __ceph_sync_read()\nfor consistency (a leak of the same kind in __ceph_sync_read() has been\naddressed differently).(CVE-2024-56710)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nmfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices\n\nWhile design wise the idea of converting the driver to use\nthe hierarchy of the IRQ chips is correct, the implementation\nhas (inherited) flaws. This was unveiled when platform_get_irq()\nhad started WARN() on IRQ 0 that is supposed to be a Linux\nIRQ number (also known as vIRQ).\n\nRework the driver to respect IRQ domain when creating each MFD\ndevice separately, as the domain is not the same for all of them.(CVE-2024-56723)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nmfd: intel_soc_pmic_bxtwc: Use IRQ domain for TMU device\n\nWhile design wise the idea of converting the driver to use\nthe hierarchy of the IRQ chips is correct, the implementation\nhas (inherited) flaws. This was unveiled when platform_get_irq()\nhad started WARN() on IRQ 0 that is supposed to be a Linux\nIRQ number (also known as vIRQ).\n\nRework the driver to respect IRQ domain when creating each MFD\ndevice separately, as the domain is not the same for all of them.(CVE-2024-56724)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dcbnl.c\n\nAdd error pointer check after calling otx2_mbox_get_rsp().(CVE-2024-56725)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c\n\nAdding error pointer check after calling otx2_mbox_get_rsp().(CVE-2024-56727)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nipv6: release nexthop on device removal\n\nThe CI is hitting some aperiodic hangup at device removal time in the\npmtu.sh self-test:\n\nunregister_netdevice: waiting for veth_A-R1 to become free. Usage count = 6\nref_tracker: veth_A-R1@ffff888013df15d8 has 1/5 users at\n\tdst_init+0x84/0x4a0\n\tdst_alloc+0x97/0x150\n\tip6_dst_alloc+0x23/0x90\n\tip6_rt_pcpu_alloc+0x1e6/0x520\n\tip6_pol_route+0x56f/0x840\n\tfib6_rule_lookup+0x334/0x630\n\tip6_route_output_flags+0x259/0x480\n\tip6_dst_lookup_tail.constprop.0+0x5c2/0x940\n\tip6_dst_lookup_flow+0x88/0x190\n\tudp_tunnel6_dst_lookup+0x2a7/0x4c0\n\tvxlan_xmit_one+0xbde/0x4a50 [vxlan]\n\tvxlan_xmit+0x9ad/0xf20 [vxlan]\n\tdev_hard_start_xmit+0x10e/0x360\n\t__dev_queue_xmit+0xf95/0x18c0\n\tarp_solicit+0x4a2/0xe00\n\tneigh_probe+0xaa/0xf0\n\nWhile the first suspect is the dst_cache, explicitly tracking the dst\nowing the last device reference via probes proved such dst is held by\nthe nexthop in the originating fib6_info.\n\nSimilar to commit f5b51fe804ec (\"ipv6: route: purge exception on\nremoval\"), we need to explicitly release the originating fib info when\ndisconnecting a to-be-removed device from a live ipv6 dst: move the\nfib6_info cleanup into ip6_dst_ifdown().\n\nTested running:\n\n./pmtu.sh cleanup_ipv6_exception\n\nin a tight loop for more than 400 iterations with no spat, running an\nunpatched kernel I observed a splat every ~10 iterations.(CVE-2024-56751)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: caam - Fix the pointer passed to caam_qi_shutdown()\n\nThe type of the last parameter given to devm_add_action_or_reset() is\n\"struct caam_drv_private *\", but in caam_qi_shutdown(), it is casted to\n\"struct device *\".\n\nPass the correct parameter to devm_add_action_or_reset() so that the\nresources are released as expected.(CVE-2024-56754)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: add a sanity check for btrfs root in btrfs_search_slot()\n\nSyzbot reports a null-ptr-deref in btrfs_search_slot().\n\nThe reproducer is using rescue=ibadroots, and the extent tree root is\ncorrupted thus the extent tree is NULL.\n\nWhen scrub tries to search the extent tree to gather the needed extent\ninfo, btrfs_search_slot() doesn't check if the target root is NULL or\nnot, resulting the null-ptr-deref.\n\nAdd sanity check for btrfs root before using it in btrfs_search_slot().(CVE-2024-56774)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Remove the direct link to net_device\n\nThe similar patch in siw is in the link:\nhttps://git.kernel.org/rdma/rdma/c/16b87037b48889\n\nThis problem also occurred in RXE. The following analyze this problem.\nIn the following Call Traces:\n\"\nBUG: KASAN: slab-use-after-free in dev_get_flags+0x188/0x1d0 net/core/dev.c:8782\nRead of size 4 at addr ffff8880554640b0 by task kworker/1:4/5295\n\nCPU: 1 UID: 0 PID: 5295 Comm: kworker/1:4 Not tainted\n6.12.0-rc3-syzkaller-00399-g9197b73fd7bb #0\nHardware name: Google Compute Engine/Google Compute Engine,\nBIOS Google 09/13/2024\nWorkqueue: infiniband ib_cache_event_task\nCall Trace:\n \n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n dev_get_flags+0x188/0x1d0 net/core/dev.c:8782\n rxe_query_port+0x12d/0x260 drivers/infiniband/sw/rxe/rxe_verbs.c:60\n __ib_query_port drivers/infiniband/core/device.c:2111 [inline]\n ib_query_port+0x168/0x7d0 drivers/infiniband/core/device.c:2143\n ib_cache_update+0x1a9/0xb80 drivers/infiniband/core/cache.c:1494\n ib_cache_event_task+0xf3/0x1e0 drivers/infiniband/core/cache.c:1568\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa65/0x1850 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f2/0x390 kernel/kthread.c:389\n ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \n\"\n\n1). In the link [1],\n\n\"\n infiniband syz2: set down\n\"\n\nThis means that on 839.350575, the event ib_cache_event_task was sent andi\nqueued in ib_wq.\n\n2). In the link [1],\n\n\"\n team0 (unregistering): Port device team_slave_0 removed\n\"\n\nIt indicates that before 843.251853, the net device should be freed.\n\n3). In the link [1],\n\n\"\n BUG: KASAN: slab-use-after-free in dev_get_flags+0x188/0x1d0\n\"\n\nThis means that on 850.559070, this slab-use-after-free problem occurred.\n\nIn all, on 839.350575, the event ib_cache_event_task was sent and queued\nin ib_wq,\n\nbefore 843.251853, the net device veth was freed.\n\non 850.559070, this event was executed, and the mentioned freed net device\nwas called. Thus, the above call trace occurred.\n\n[1] https://syzkaller.appspot.com/x/log.txt?x=12e7025f980000(CVE-2024-57795)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/siw: Remove direct link to net_device\n\nDo not manage a per device direct link to net_device. Rely\non associated ib_devices net_device management, not doubling\nthe effort locally. A badly managed local link to net_device\nwas causing a 'KASAN: slab-use-after-free' exception during\nsiw_query_port() call.(CVE-2024-57857)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\niio: imu: kmx61: fix information leak in triggered buffer\n\nThe 'buffer' local array is used to push data to user space from a\ntriggered buffer, but it does not set values for inactive channels, as\nit only uses iio_for_each_active_channel() to assign new values.\n\nInitialize the array to zero before using it to avoid pushing\nuninitialized information to userspace.(CVE-2024-57908)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\niio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer\n\nThe 'data' array is allocated via kmalloc() and it is used to push data\nto user space from a triggered buffer, but it does not set values for\ninactive channels, as it only uses iio_for_each_active_channel()\nto assign new values.\n\nUse kzalloc for the memory allocation to avoid pushing uninitialized\ninformation to userspace.(CVE-2024-57911)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\niio: pressure: zpa2326: fix information leak in triggered buffer\n\nThe 'sample' local struct is used to push data to user space from a\ntriggered buffer, but it has a hole between the temperature and the\ntimestamp (u32 pressure, u16 temperature, GAP, u64 timestamp).\nThis hole is never initialized.\n\nInitialize the struct to zero before using it to avoid pushing\nuninitialized information to userspace.(CVE-2024-57912)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndm array: fix releasing a faulty array block twice in dm_array_cursor_end\n\nWhen dm_bm_read_lock() fails due to locking or checksum errors, it\nreleases the faulty block implicitly while leaving an invalid output\npointer behind. The caller of dm_bm_read_lock() should not operate on\nthis invalid dm_block pointer, or it will lead to undefined result.\nFor example, the dm_array_cursor incorrectly caches the invalid pointer\non reading a faulty array block, causing a double release in\ndm_array_cursor_end(), then hitting the BUG_ON in dm-bufio cache_put().\n\nReproduce steps:\n\n1. initialize a cache device\n\ndmsetup create cmeta --table \"0 8192 linear /dev/sdc 0\"\ndmsetup create cdata --table \"0 65536 linear /dev/sdc 8192\"\ndmsetup create corig --table \"0 524288 linear /dev/sdc $262144\"\ndd if=/dev/zero of=/dev/mapper/cmeta bs=4k count=1\ndmsetup create cache --table \"0 524288 cache /dev/mapper/cmeta \\\n/dev/mapper/cdata /dev/mapper/corig 128 2 metadata2 writethrough smq 0\"\n\n2. wipe the second array block offline\n\ndmsteup remove cache cmeta cdata corig\nmapping_root=$(dd if=/dev/sdc bs=1c count=8 skip=192 \\\n2>/dev/null | hexdump -e '1/8 \"%u\\n\"')\nablock=$(dd if=/dev/sdc bs=1c count=8 skip=$((4096*mapping_root+2056)) \\\n2>/dev/null | hexdump -e '1/8 \"%u\\n\"')\ndd if=/dev/zero of=/dev/sdc bs=4k count=1 seek=$ablock\n\n3. try reopen the cache device\n\ndmsetup create cmeta --table \"0 8192 linear /dev/sdc 0\"\ndmsetup create cdata --table \"0 65536 linear /dev/sdc 8192\"\ndmsetup create corig --table \"0 524288 linear /dev/sdc $262144\"\ndmsetup create cache --table \"0 524288 cache /dev/mapper/cmeta \\\n/dev/mapper/cdata /dev/mapper/corig 128 2 metadata2 writethrough smq 0\"\n\nKernel logs:\n\n(snip)\ndevice-mapper: array: array_block_check failed: blocknr 0 != wanted 10\ndevice-mapper: block manager: array validator check failed for block 10\ndevice-mapper: array: get_ablock failed\ndevice-mapper: cache metadata: dm_array_cursor_next for mapping failed\n------------[ cut here ]------------\nkernel BUG at drivers/md/dm-bufio.c:638!\n\nFix by setting the cached block pointer to NULL on errors.\n\nIn addition to the reproducer described above, this fix can be\nverified using the \"array_cursor/damaged\" test in dm-unit:\n dm-unit run /pdata/array_cursor/damaged --kernel-dir (CVE-2024-57929)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"libfs: fix infinite directory reads for offset dir\"\n\nThe current directory offset allocator (based on mtree_alloc_cyclic)\nstores the next offset value to return in octx->next_offset. This\nmechanism typically returns values that increase monotonically over\ntime. Eventually, though, the newly allocated offset value wraps\nback to a low number (say, 2) which is smaller than other already-\nallocated offset values.\n\nYu Kuai reports that, after commit 64a7ce76fb90\n(\"libfs: fix infinite directory reads for offset dir\"), if a\ndirectory's offset allocator wraps, existing entries are no longer\nvisible via readdir/getdents because offset_readdir() stops listing\nentries once an entry's offset is larger than octx->next_offset.\nThese entries vanish persistently -- they can be looked up, but will\nnever again appear in readdir(3) output.\n\nThe reason for this is that the commit treats directory offsets as\nmonotonically increasing integer values rather than opaque cookies,\nand introduces this comparison:\n\n\tif (dentry2offset(dentry) >= last_index) {\n\nOn 64-bit platforms, the directory offset value upper bound is\n2^63 - 1. Directory offsets will monotonically increase for millions\nof years without wrapping.\n\nOn 32-bit platforms, however, LONG_MAX is 2^31 - 1. The allocator\ncan wrap after only a few weeks (at worst).\n\nRevert commit 64a7ce76fb90 (\"libfs: fix infinite directory reads for\noffset dir\") to prepare for a fix that can work properly on 32-bit\nsystems and might apply to recent LTS kernels where shmem employs\nthe simple_offset mechanism.(CVE-2024-57952)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: sch_sfq: don't allow 1 packet limit\n\nThe current implementation does not work correctly with a limit of\n1. iproute2 actually checks for this and this patch adds the check in\nkernel as well.\n\nThis fixes the following syzkaller reported crash:\n\nUBSAN: array-index-out-of-bounds in net/sched/sch_sfq.c:210:6\nindex 65535 is out of range for type 'struct sfq_head[128]'\nCPU: 0 PID: 2569 Comm: syz-executor101 Not tainted 5.10.0-smp-DEV #1\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n __dump_stack lib/dump_stack.c:79 [inline]\n dump_stack+0x125/0x19f lib/dump_stack.c:120\n ubsan_epilogue lib/ubsan.c:148 [inline]\n __ubsan_handle_out_of_bounds+0xed/0x120 lib/ubsan.c:347\n sfq_link net/sched/sch_sfq.c:210 [inline]\n sfq_dec+0x528/0x600 net/sched/sch_sfq.c:238\n sfq_dequeue+0x39b/0x9d0 net/sched/sch_sfq.c:500\n sfq_reset+0x13/0x50 net/sched/sch_sfq.c:525\n qdisc_reset+0xfe/0x510 net/sched/sch_generic.c:1026\n tbf_reset+0x3d/0x100 net/sched/sch_tbf.c:319\n qdisc_reset+0xfe/0x510 net/sched/sch_generic.c:1026\n dev_reset_queue+0x8c/0x140 net/sched/sch_generic.c:1296\n netdev_for_each_tx_queue include/linux/netdevice.h:2350 [inline]\n dev_deactivate_many+0x6dc/0xc20 net/sched/sch_generic.c:1362\n __dev_close_many+0x214/0x350 net/core/dev.c:1468\n dev_close_many+0x207/0x510 net/core/dev.c:1506\n unregister_netdevice_many+0x40f/0x16b0 net/core/dev.c:10738\n unregister_netdevice_queue+0x2be/0x310 net/core/dev.c:10695\n unregister_netdevice include/linux/netdevice.h:2893 [inline]\n __tun_detach+0x6b6/0x1600 drivers/net/tun.c:689\n tun_detach drivers/net/tun.c:705 [inline]\n tun_chr_close+0x104/0x1b0 drivers/net/tun.c:3640\n __fput+0x203/0x840 fs/file_table.c:280\n task_work_run+0x129/0x1b0 kernel/task_work.c:185\n exit_task_work include/linux/task_work.h:33 [inline]\n do_exit+0x5ce/0x2200 kernel/exit.c:931\n do_group_exit+0x144/0x310 kernel/exit.c:1046\n __do_sys_exit_group kernel/exit.c:1057 [inline]\n __se_sys_exit_group kernel/exit.c:1055 [inline]\n __x64_sys_exit_group+0x3b/0x40 kernel/exit.c:1055\n do_syscall_64+0x6c/0xd0\n entry_SYSCALL_64_after_hwframe+0x61/0xcb\nRIP: 0033:0x7fe5e7b52479\nCode: Unable to access opcode bytes at RIP 0x7fe5e7b5244f.\nRSP: 002b:00007ffd3c800398 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe5e7b52479\nRDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000\nRBP: 00007fe5e7bcd2d0 R08: ffffffffffffffb8 R09: 0000000000000014\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007fe5e7bcd2d0\nR13: 0000000000000000 R14: 00007fe5e7bcdd20 R15: 00007fe5e7b24270\n\nThe crash can be also be reproduced with the following (with a tc\nrecompiled to allow for sfq limits of 1):\n\ntc qdisc add dev dummy0 handle 1: root tbf rate 1Kbit burst 100b lat 1s\n../iproute2-6.9.0/tc/tc qdisc add dev dummy0 handle 2: parent 1:10 sfq limit 1\nifconfig dummy0 up\nping -I dummy0 -f -c2 -W0.1 8.8.8.8\nsleep 1\n\nScenario that triggers the crash:\n\n* the first packet is sent and queued in TBF and SFQ; qdisc qlen is 1\n\n* TBF dequeues: it peeks from SFQ which moves the packet to the\n gso_skb list and keeps qdisc qlen set to 1. TBF is out of tokens so\n it schedules itself for later.\n\n* the second packet is sent and TBF tries to queues it to SFQ. qdisc\n qlen is now 2 and because the SFQ limit is 1 the packet is dropped\n by SFQ. At this point qlen is 1, and all of the SFQ slots are empty,\n however q->tail is not NULL.\n\nAt this point, assuming no more packets are queued, when sch_dequeue\nruns again it will decrement the qlen for the current empty slot\ncausing an underflow and the subsequent out of bounds access.(CVE-2024-57996)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW\n\nPower Hypervisor can possibily allocate MMIO window intersecting with\nDynamic DMA Window (DDW) range, which is over 32-bit addressing.\n\nThese MMIO pages needs to be marked as reserved so that IOMMU doesn't map\nDMA buffers in this range.\n\nThe current code is not marking these pages correctly which is resulting\nin LPAR to OOPS while booting. The stack is at below\n\nBUG: Unable to handle kernel data access on read at 0xc00800005cd40000\nFaulting instruction address: 0xc00000000005cdac\nOops: Kernel access of bad area, sig: 11 [#1]\nLE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries\nModules linked in: af_packet rfkill ibmveth(X) lpfc(+) nvmet_fc nvmet nvme_keyring crct10dif_vpmsum nvme_fc nvme_fabrics nvme_core be2net(+) nvme_auth rtc_generic nfsd auth_rpcgss nfs_acl lockd grace sunrpc fuse configfs ip_tables x_tables xfs libcrc32c dm_service_time ibmvfc(X) scsi_transport_fc vmx_crypto gf128mul crc32c_vpmsum dm_mirror dm_region_hash dm_log dm_multipath dm_mod sd_mod scsi_dh_emc scsi_dh_rdac scsi_dh_alua t10_pi crc64_rocksoft_generic crc64_rocksoft sg crc64 scsi_mod\nSupported: Yes, External\nCPU: 8 PID: 241 Comm: kworker/8:1 Kdump: loaded Not tainted 6.4.0-150600.23.14-default #1 SLE15-SP6 b44ee71c81261b9e4bab5e0cde1f2ed891d5359b\nHardware name: IBM,9080-M9S POWER9 (raw) 0x4e2103 0xf000005 of:IBM,FW950.B0 (VH950_149) hv:phyp pSeries\nWorkqueue: events work_for_cpu_fn\nNIP: c00000000005cdac LR: c00000000005e830 CTR: 0000000000000000\nREGS: c00001400c9ff770 TRAP: 0300 Not tainted (6.4.0-150600.23.14-default)\nMSR: 800000000280b033 CR: 24228448 XER: 00000001\nCFAR: c00000000005cdd4 DAR: c00800005cd40000 DSISR: 40000000 IRQMASK: 0\nGPR00: c00000000005e830 c00001400c9ffa10 c000000001987d00 c00001400c4fe800\nGPR04: 0000080000000000 0000000000000001 0000000004000000 0000000000800000\nGPR08: 0000000004000000 0000000000000001 c00800005cd40000 ffffffffffffffff\nGPR12: 0000000084228882 c00000000a4c4f00 0000000000000010 0000080000000000\nGPR16: c00001400c4fe800 0000000004000000 0800000000000000 c00000006088b800\nGPR20: c00001401a7be980 c00001400eff3800 c000000002a2da68 000000000000002b\nGPR24: c0000000026793a8 c000000002679368 000000000000002a c0000000026793c8\nGPR28: 000008007effffff 0000080000000000 0000000000800000 c00001400c4fe800\nNIP [c00000000005cdac] iommu_table_reserve_pages+0xac/0x100\nLR [c00000000005e830] iommu_init_table+0x80/0x1e0\nCall Trace:\n[c00001400c9ffa10] [c00000000005e810] iommu_init_table+0x60/0x1e0 (unreliable)\n[c00001400c9ffa90] [c00000000010356c] iommu_bypass_supported_pSeriesLP+0x9cc/0xe40\n[c00001400c9ffc30] [c00000000005c300] dma_iommu_dma_supported+0xf0/0x230\n[c00001400c9ffcb0] [c00000000024b0c4] dma_supported+0x44/0x90\n[c00001400c9ffcd0] [c00000000024b14c] dma_set_mask+0x3c/0x80\n[c00001400c9ffd00] [c0080000555b715c] be_probe+0xc4/0xb90 [be2net]\n[c00001400c9ffdc0] [c000000000986f3c] local_pci_probe+0x6c/0x110\n[c00001400c9ffe40] [c000000000188f28] work_for_cpu_fn+0x38/0x60\n[c00001400c9ffe70] [c00000000018e454] process_one_work+0x314/0x620\n[c00001400c9fff10] [c00000000018f280] worker_thread+0x2b0/0x620\n[c00001400c9fff90] [c00000000019bb18] kthread+0x148/0x150\n[c00001400c9fffe0] [c00000000000ded8] start_kernel_thread+0x14/0x18\n\nThere are 2 issues in the code\n\n1. The index is \"int\" while the address is \"unsigned long\". This results in\n negative value when setting the bitmap.\n\n2. The DMA offset is page shifted but the MMIO range is used as-is (64-bit\n address). MMIO address needs to be page shifted as well.(CVE-2024-57999)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Remove dangling pointers\n\nWhen an async control is written, we copy a pointer to the file handle\nthat started the operation. That pointer will be used when the device is\ndone. Which could be anytime in the future.\n\nIf the user closes that file descriptor, its structure will be freed,\nand there will be one dangling pointer per pending async control, that\nthe driver will try to use.\n\nClean all the dangling pointers during release().\n\nTo avoid adding a performance penalty in the most common case (no async\noperation), a counter has been introduced with some logic to make sure\nthat it is properly handled.(CVE-2024-58002)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nmedia: i2c: ds90ub9x3: Fix extra fwnode_handle_put()\n\nThe ub913 and ub953 drivers call fwnode_handle_put(priv->sd.fwnode) as\npart of their remove process, and if the driver is removed multiple\ntimes, eventually leads to put \"overflow\", possibly causing memory\ncorruption or crash.\n\nThe fwnode_handle_put() is a leftover from commit 905f88ccebb1 (\"media:\ni2c: ds90ub9x3: Fix sub-device matching\"), which changed the code\nrelated to the sd.fwnode, but missed removing these fwnode_handle_put()\ncalls.(CVE-2024-58003)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: socinfo: Avoid out of bounds read of serial number\n\nOn MSM8916 devices, the serial number exposed in sysfs is constant and does\nnot change across individual devices. It's always:\n\n db410c:/sys/devices/soc0$ cat serial_number\n 2644893864\n\nThe firmware used on MSM8916 exposes SOCINFO_VERSION(0, 8), which does not\nhave support for the serial_num field in the socinfo struct. There is an\nexisting check to avoid exposing the serial number in that case, but it's\nnot correct: When checking the item_size returned by SMEM, we need to make\nsure the *end* of the serial_num is within bounds, instead of comparing\nwith the *start* offset. The serial_number currently exposed on MSM8916\ndevices is just an out of bounds read of whatever comes after the socinfo\nstruct in SMEM.\n\nFix this by changing offsetof() to offsetofend(), so that the size of the\nfield is also taken into account.(CVE-2024-58007)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc\n\nA NULL sock pointer is passed into l2cap_sock_alloc() when it is called\nfrom l2cap_sock_new_connection_cb() and the error handling paths should\nalso be aware of it.\n\nSeemingly a more elegant solution would be to swap bt_sock_alloc() and\nl2cap_chan_create() calls since they are not interdependent to that moment\nbut then l2cap_chan_create() adds the soon to be deallocated and still\ndummy-initialized channel to the global list accessible by many L2CAP\npaths. The channel would be removed from the list in short period of time\nbut be a bit more straight-forward here and just check for NULL instead of\nchanging the order of function calls.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.(CVE-2024-58009)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: int3472: Check for adev == NULL\n\nNot all devices have an ACPI companion fwnode, so adev might be NULL. This\ncan e.g. (theoretically) happen when a user manually binds one of\nthe int3472 drivers to another i2c/platform device through sysfs.\n\nAdd a check for adev not being set and return -ENODEV in that case to\navoid a possible NULL pointer deref in skl_int3472_get_acpi_buffer().(CVE-2024-58011)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync\n\nThis fixes the following crash:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in mgmt_remove_adv_monitor_sync+0x3a/0xd0 net/bluetooth/mgmt.c:5543\nRead of size 8 at addr ffff88814128f898 by task kworker/u9:4/5961\n\nCPU: 1 UID: 0 PID: 5961 Comm: kworker/u9:4 Not tainted 6.12.0-syzkaller-10684-gf1cd565ce577 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: hci0 hci_cmd_sync_work\nCall Trace:\n \n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n mgmt_remove_adv_monitor_sync+0x3a/0xd0 net/bluetooth/mgmt.c:5543\n hci_cmd_sync_work+0x22b/0x400 net/bluetooth/hci_sync.c:332\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa63/0x1850 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \n\nAllocated by task 16026:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4314\n kmalloc_noprof include/linux/slab.h:901 [inline]\n kzalloc_noprof include/linux/slab.h:1037 [inline]\n mgmt_pending_new+0x65/0x250 net/bluetooth/mgmt_util.c:269\n mgmt_pending_add+0x36/0x120 net/bluetooth/mgmt_util.c:296\n remove_adv_monitor+0x102/0x1b0 net/bluetooth/mgmt.c:5568\n hci_mgmt_cmd+0xc47/0x11d0 net/bluetooth/hci_sock.c:1712\n hci_sock_sendmsg+0x7b8/0x11c0 net/bluetooth/hci_sock.c:1832\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:726\n sock_write_iter+0x2d7/0x3f0 net/socket.c:1147\n new_sync_write fs/read_write.c:586 [inline]\n vfs_write+0xaeb/0xd30 fs/read_write.c:679\n ksys_write+0x18f/0x2b0 fs/read_write.c:731\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nFreed by task 16022:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:582\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2338 [inline]\n slab_free mm/slub.c:4598 [inline]\n kfree+0x196/0x420 mm/slub.c:4746\n mgmt_pending_foreach+0xd1/0x130 net/bluetooth/mgmt_util.c:259\n __mgmt_power_off+0x183/0x430 net/bluetooth/mgmt.c:9550\n hci_dev_close_sync+0x6c4/0x11c0 net/bluetooth/hci_sync.c:5208\n hci_dev_do_close net/bluetooth/hci_core.c:483 [inline]\n hci_dev_close+0x112/0x210 net/bluetooth/hci_core.c:508\n sock_do_ioctl+0x158/0x460 net/socket.c:1209\n sock_ioctl+0x626/0x8e0 net/socket.c:1328\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:906 [inline]\n __se_sys_ioctl+0xf5/0x170 fs/ioctl.c:892\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f(CVE-2024-58013)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy()\n\nIn 'wlc_phy_iqcal_gainparams_nphy()', add gain range check to WARN()\ninstead of possible out-of-bounds 'tbl_iqcal_gainparams_nphy' access.\nCompile tested only.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.(CVE-2024-58014)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nsafesetid: check size of policy writes\n\nsyzbot attempts to write a buffer with a large size to a sysfs entry\nwith writes handled by handle_policy_update(), triggering a warning\nin kmalloc.\n\nCheck the size specified for write buffers before allocating.\n\n[PM: subject tweak](CVE-2024-58016)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nprintk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX\n\nShifting 1 << 31 on a 32-bit int causes signed integer overflow, which\nleads to undefined behavior. To prevent this, cast 1 to u32 before\nperforming the shift, ensuring well-defined behavior.\n\nThis change explicitly avoids any potential overflow by ensuring that\nthe shift occurs on an unsigned 32-bit integer.(CVE-2024-58017)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: gcc-sm6350: Add missing parent_map for two clocks\n\nIf a clk_rcg2 has a parent, it should also have parent_map defined,\notherwise we'll get a NULL pointer dereference when calling clk_set_rate\nlike the following:\n\n [ 3.388105] Call trace:\n [ 3.390664] qcom_find_src_index+0x3c/0x70 (P)\n [ 3.395301] qcom_find_src_index+0x1c/0x70 (L)\n [ 3.399934] _freq_tbl_determine_rate+0x48/0x100\n [ 3.404753] clk_rcg2_determine_rate+0x1c/0x28\n [ 3.409387] clk_core_determine_round_nolock+0x58/0xe4\n [ 3.421414] clk_core_round_rate_nolock+0x48/0xfc\n [ 3.432974] clk_core_round_rate_nolock+0xd0/0xfc\n [ 3.444483] clk_core_set_rate_nolock+0x8c/0x300\n [ 3.455886] clk_set_rate+0x38/0x14c\n\nAdd the parent_map property for two clocks where it's missing and also\nun-inline the parent_data as well to keep the matching parent_map and\nparent_data together.(CVE-2024-58076)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Fix crash during unbind if gpio unit is in use\n\nWe used the wrong device for the device managed functions. We used the\nusb device, when we should be using the interface device.\n\nIf we unbind the driver from the usb interface, the cleanup functions\nare never called. In our case, the IRQ is never disabled.\n\nIf an IRQ is triggered, it will try to access memory sections that are\nalready free, causing an OOPS.\n\nWe cannot use the function devm_request_threaded_irq here. The devm_*\nclean functions may be called after the main structure is released by\nuvc_delete.\n\nLuckily this bug has small impact, as it is only affected by devices\nwith gpio units and the user has to unbind the device, a disconnect will\nnot trigger this error.(CVE-2024-58079)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Explicitly verify target vCPU is online in kvm_get_vcpu()\n\nExplicitly verify the target vCPU is fully online _prior_ to clamping the\nindex in kvm_get_vcpu(). If the index is \"bad\", the nospec clamping will\ngenerate '0', i.e. KVM will return vCPU0 instead of NULL.\n\nIn practice, the bug is unlikely to cause problems, as it will only come\ninto play if userspace or the guest is buggy or misbehaving, e.g. KVM may\nsend interrupts to vCPU0 instead of dropping them on the floor.\n\nHowever, returning vCPU0 when it shouldn't exist per online_vcpus is\nproblematic now that KVM uses an xarray for the vCPUs array, as KVM needs\nto insert into the xarray before publishing the vCPU to userspace (see\ncommit c5b077549136 (\"KVM: Convert the kvm->vcpus array to a xarray\")),\ni.e. before vCPU creation is guaranteed to succeed.\n\nAs a result, incorrectly providing access to vCPU0 will trigger a\nuse-after-free if vCPU0 is dereferenced and kvm_vm_ioctl_create_vcpu()\nbails out of vCPU creation due to an error and frees vCPU0. Commit\nafb2acb2e3a3 (\"KVM: Fix vcpu_array[0] races\") papered over that issue, but\nin doing so introduced an unsolvable teardown conundrum. Preventing\naccesses to vCPU0 before it's fully online will allow reverting commit\nafb2acb2e3a3, without re-introducing the vcpu_array[0] UAF race.(CVE-2024-58083)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Stop active perfmon if it is being destroyed\n\nIf the active performance monitor (`v3d->active_perfmon`) is being\ndestroyed, stop it first. Currently, the active perfmon is not\nstopped during destruction, leaving the `v3d->active_perfmon` pointer\nstale. This can lead to undefined behavior and instability.\n\nThis patch ensures that the active perfmon is stopped before being\ndestroyed, aligning with the behavior introduced in commit\n7d1fd3638ee3 (\"drm/v3d: Stop the active perfmon before being destroyed\").(CVE-2024-58086)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix deadlock when freeing cgroup storage\n\nThe following commit\nbc235cdb423a (\"bpf: Prevent deadlock from recursive bpf_task_storage_[get|delete]\")\nfirst introduced deadlock prevention for fentry/fexit programs attaching\non bpf_task_storage helpers. That commit also employed the logic in map\nfree path in its v6 version.\n\nLater bpf_cgrp_storage was first introduced in\nc4bcfb38a95e (\"bpf: Implement cgroup storage available to non-cgroup-attached bpf progs\")\nwhich faces the same issue as bpf_task_storage, instead of its busy\ncounter, NULL was passed to bpf_local_storage_map_free() which opened\na window to cause deadlock:\n\n\t\n\t\t(acquiring local_storage->lock)\n\t_raw_spin_lock_irqsave+0x3d/0x50\n\tbpf_local_storage_update+0xd1/0x460\n\tbpf_cgrp_storage_get+0x109/0x130\n\tbpf_prog_a4d4a370ba857314_cgrp_ptr+0x139/0x170\n\t? __bpf_prog_enter_recur+0x16/0x80\n\tbpf_trampoline_6442485186+0x43/0xa4\n\tcgroup_storage_ptr+0x9/0x20\n\t\t(holding local_storage->lock)\n\tbpf_selem_unlink_storage_nolock.constprop.0+0x135/0x160\n\tbpf_selem_unlink_storage+0x6f/0x110\n\tbpf_local_storage_map_free+0xa2/0x110\n\tbpf_map_free_deferred+0x5b/0x90\n\tprocess_one_work+0x17c/0x390\n\tworker_thread+0x251/0x360\n\tkthread+0xd2/0x100\n\tret_from_fork+0x34/0x50\n\tret_from_fork_asm+0x1a/0x30\n\t\n\nProgs:\n - A: SEC(\"fentry/cgroup_storage_ptr\")\n - cgid (BPF_MAP_TYPE_HASH)\n\tRecord the id of the cgroup the current task belonging\n\tto in this hash map, using the address of the cgroup\n\tas the map key.\n - cgrpa (BPF_MAP_TYPE_CGRP_STORAGE)\n\tIf current task is a kworker, lookup the above hash\n\tmap using function parameter @owner as the key to get\n\tits corresponding cgroup id which is then used to get\n\ta trusted pointer to the cgroup through\n\tbpf_cgroup_from_id(). This trusted pointer can then\n\tbe passed to bpf_cgrp_storage_get() to finally trigger\n\tthe deadlock issue.\n - B: SEC(\"tp_btf/sys_enter\")\n - cgrpb (BPF_MAP_TYPE_CGRP_STORAGE)\n\tThe only purpose of this prog is to fill Prog A's\n\thash map by calling bpf_cgrp_storage_get() for as\n\tmany userspace tasks as possible.\n\nSteps to reproduce:\n - Run A;\n - while (true) { Run B; Destroy B; }\n\nFix this issue by passing its busy counter to the free procedure so\nit can be properly incremented before storage/smap locking.(CVE-2024-58088)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nsched/core: Prevent rescheduling when interrupts are disabled\n\nDavid reported a warning observed while loop testing kexec jump:\n\n Interrupts enabled after irqrouter_resume+0x0/0x50\n WARNING: CPU: 0 PID: 560 at drivers/base/syscore.c:103 syscore_resume+0x18a/0x220\n kernel_kexec+0xf6/0x180\n __do_sys_reboot+0x206/0x250\n do_syscall_64+0x95/0x180\n\nThe corresponding interrupt flag trace:\n\n hardirqs last enabled at (15573): [] __up_console_sem+0x7e/0x90\n hardirqs last disabled at (15580): [] __up_console_sem+0x63/0x90\n\nThat means __up_console_sem() was invoked with interrupts enabled. Further\ninstrumentation revealed that in the interrupt disabled section of kexec\njump one of the syscore_suspend() callbacks woke up a task, which set the\nNEED_RESCHED flag. A later callback in the resume path invoked\ncond_resched() which in turn led to the invocation of the scheduler:\n\n __cond_resched+0x21/0x60\n down_timeout+0x18/0x60\n acpi_os_wait_semaphore+0x4c/0x80\n acpi_ut_acquire_mutex+0x3d/0x100\n acpi_ns_get_node+0x27/0x60\n acpi_ns_evaluate+0x1cb/0x2d0\n acpi_rs_set_srs_method_data+0x156/0x190\n acpi_pci_link_set+0x11c/0x290\n irqrouter_resume+0x54/0x60\n syscore_resume+0x6a/0x200\n kernel_kexec+0x145/0x1c0\n __do_sys_reboot+0xeb/0x240\n do_syscall_64+0x95/0x180\n\nThis is a long standing problem, which probably got more visible with\nthe recent printk changes. Something does a task wakeup and the\nscheduler sets the NEED_RESCHED flag. cond_resched() sees it set and\ninvokes schedule() from a completely bogus context. The scheduler\nenables interrupts after context switching, which causes the above\nwarning at the end.\n\nQuite some of the code paths in syscore_suspend()/resume() can result in\ntriggering a wakeup with the exactly same consequences. They might not\nhave done so yet, but as they share a lot of code with normal operations\nit's just a question of time.\n\nThe problem only affects the PREEMPT_NONE and PREEMPT_VOLUNTARY scheduling\nmodels. Full preemption is not affected as cond_resched() is disabled and\nthe preemption check preemptible() takes the interrupt disabled flag into\naccount.\n\nCure the problem by adding a corresponding check into cond_resched().(CVE-2024-58090)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy\n\nAs mentioned in a previous commit of this series, using the 'net'\nstructure via 'current' is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader's/writer's netns vs only\n from the opener's netns.\n\n- current->nsproxy can be NULL in some cases, resulting in an 'Oops'\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe 'net' structure can be obtained from the table->data using\ncontainer_of().\n\nNote that table->data could also be used directly, as this is the only\nmember needed from the 'net' structure, but that would increase the size\nof this fix, to use '*data' everywhere 'net->sctp.probe_interval' is\nused.(CVE-2025-21636)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: udp_port: avoid using current->nsproxy\n\nAs mentioned in a previous commit of this series, using the 'net'\nstructure via 'current' is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader's/writer's netns vs only\n from the opener's netns.\n\n- current->nsproxy can be NULL in some cases, resulting in an 'Oops'\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe 'net' structure can be obtained from the table->data using\ncontainer_of().\n\nNote that table->data could also be used directly, but that would\nincrease the size of this fix, while 'sctp.ctl_sock' still needs to be\nretrieved from 'net' structure.(CVE-2025-21637)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: auth_enable: avoid using current->nsproxy\n\nAs mentioned in a previous commit of this series, using the 'net'\nstructure via 'current' is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader's/writer's netns vs only\n from the opener's netns.\n\n- current->nsproxy can be NULL in some cases, resulting in an 'Oops'\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe 'net' structure can be obtained from the table->data using\ncontainer_of().\n\nNote that table->data could also be used directly, but that would\nincrease the size of this fix, while 'sctp.ctl_sock' still needs to be\nretrieved from 'net' structure.(CVE-2025-21638)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy\n\nAs mentioned in a previous commit of this series, using the 'net'\nstructure via 'current' is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader's/writer's netns vs only\n from the opener's netns.\n\n- current->nsproxy can be NULL in some cases, resulting in an 'Oops'\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe 'net' structure can be obtained from the table->data using\ncontainer_of().\n\nNote that table->data could also be used directly, as this is the only\nmember needed from the 'net' structure, but that would increase the size\nof this fix, to use '*data' everywhere 'net->sctp.sctp_hmac_alg' is\nused.(CVE-2025-21640)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nfilemap: avoid truncating 64-bit offset to 32 bits\n\nOn 32-bit kernels, folio_seek_hole_data() was inadvertently truncating a\n64-bit value to 32 bits, leading to a possible infinite loop when writing\nto an xfs filesystem.(CVE-2025-21665)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nvsock: prevent null-ptr-deref in vsock_*[has_data|has_space]\n\nRecent reports have shown how we sometimes call vsock_*_has_data()\nwhen a vsock socket has been de-assigned from a transport (see attached\nlinks), but we shouldn't.\n\nPrevious commits should have solved the real problems, but we may have\nmore in the future, so to avoid null-ptr-deref, we can return 0\n(no space, no data available) but with a warning.\n\nThis way the code should continue to run in a nearly consistent state\nand have a warning that allows us to debug future problems.(CVE-2025-21666)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: discard packets if the transport changes\n\nIf the socket has been de-assigned or assigned to another transport,\nwe must discard any packets received because they are not expected\nand would cause issues when we access vsk->transport.\n\nA possible scenario is described by Hyunwoo Kim in the attached link,\nwhere after a first connect() interrupted by a signal, and a second\nconnect() failed, we can find `vsk->transport` at NULL, leading to a\nNULL pointer dereference.(CVE-2025-21669)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Clear port select structure when fail to create\n\nClear the port select structure on error so no stale values left after\ndefiners are destroyed. That's because the mlx5_lag_destroy_definers()\nalways try to destroy all lag definers in the tt_map, so in the flow\nbelow lag definers get double-destroyed and cause kernel crash:\n\n mlx5_lag_port_sel_create()\n mlx5_lag_create_definers()\n mlx5_lag_create_definer() <- Failed on tt 1\n mlx5_lag_destroy_definers() <- definers[tt=0] gets destroyed\n mlx5_lag_port_sel_create()\n mlx5_lag_create_definers()\n mlx5_lag_create_definer() <- Failed on tt 0\n mlx5_lag_destroy_definers() <- definers[tt=0] gets double-destroyed\n\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000008\n Mem abort info:\n ESR = 0x0000000096000005\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x05: level 1 translation fault\n Data abort info:\n ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n user pgtable: 64k pages, 48-bit VAs, pgdp=0000000112ce2e00\n [0000000000000008] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000\n Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP\n Modules linked in: iptable_raw bonding ip_gre ip6_gre gre ip6_tunnel tunnel6 geneve ip6_udp_tunnel udp_tunnel ipip tunnel4 ip_tunnel rdma_ucm(OE) rdma_cm(OE) iw_cm(OE) ib_ipoib(OE) ib_cm(OE) ib_umad(OE) mlx5_ib(OE) ib_uverbs(OE) mlx5_fwctl(OE) fwctl(OE) mlx5_core(OE) mlxdevm(OE) ib_core(OE) mlxfw(OE) memtrack(OE) mlx_compat(OE) openvswitch nsh nf_conncount psample xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xfrm_user xfrm_algo xt_addrtype iptable_filter iptable_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 br_netfilter bridge stp llc netconsole overlay efi_pstore sch_fq_codel zram ip_tables crct10dif_ce qemu_fw_cfg fuse ipv6 crc_ccitt [last unloaded: mlx_compat(OE)]\n CPU: 3 UID: 0 PID: 217 Comm: kworker/u53:2 Tainted: G OE 6.11.0+ #2\n Tainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\n Hardware name: QEMU KVM Virtual Machine, BIOS 0.0.0 02/06/2015\n Workqueue: mlx5_lag mlx5_do_bond_work [mlx5_core]\n pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : mlx5_del_flow_rules+0x24/0x2c0 [mlx5_core]\n lr : mlx5_lag_destroy_definer+0x54/0x100 [mlx5_core]\n sp : ffff800085fafb00\n x29: ffff800085fafb00 x28: ffff0000da0c8000 x27: 0000000000000000\n x26: ffff0000da0c8000 x25: ffff0000da0c8000 x24: ffff0000da0c8000\n x23: ffff0000c31f81a0 x22: 0400000000000000 x21: ffff0000da0c8000\n x20: 0000000000000000 x19: 0000000000000001 x18: 0000000000000000\n x17: 0000000000000000 x16: 0000000000000000 x15: 0000ffff8b0c9350\n x14: 0000000000000000 x13: ffff800081390d18 x12: ffff800081dc3cc0\n x11: 0000000000000001 x10: 0000000000000b10 x9 : ffff80007ab7304c\n x8 : ffff0000d00711f0 x7 : 0000000000000004 x6 : 0000000000000190\n x5 : ffff00027edb3010 x4 : 0000000000000000 x3 : 0000000000000000\n x2 : ffff0000d39b8000 x1 : ffff0000d39b8000 x0 : 0400000000000000\n Call trace:\n mlx5_del_flow_rules+0x24/0x2c0 [mlx5_core]\n mlx5_lag_destroy_definer+0x54/0x100 [mlx5_core]\n mlx5_lag_destroy_definers+0xa0/0x108 [mlx5_core]\n mlx5_lag_port_sel_create+0x2d4/0x6f8 [mlx5_core]\n mlx5_activate_lag+0x60c/0x6f8 [mlx5_core]\n mlx5_do_bond_work+0x284/0x5c8 [mlx5_core]\n process_one_work+0x170/0x3e0\n worker_thread+0x2d8/0x3e0\n kthread+0x11c/0x128\n ret_from_fork+0x10/0x20\n Code: a9025bf5 aa0003f6 a90363f7 f90023f9 (f9400400)\n ---[ end trace 0000000000000000 ]---(CVE-2025-21675)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nscsi: storvsc: Ratelimit warning logs to prevent VM denial of service\n\nIf there's a persistent error in the hypervisor, the SCSI warning for\nfailed I/O can flood the kernel log and max out CPU utilization,\npreventing troubleshooting from the VM side. Ratelimit the warning so\nit doesn't DoS the VM.(CVE-2025-21690)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: fix ets qdisc OOB Indexing\n\nHaowei Yan found that ets_class_from_arg() can\nindex an Out-Of-Bound class in ets_class_from_arg() when passed clid of\n0. The overflow may cause local privilege escalation.\n\n [ 18.852298] ------------[ cut here ]------------\n [ 18.853271] UBSAN: array-index-out-of-bounds in net/sched/sch_ets.c:93:20\n [ 18.853743] index 18446744073709551615 is out of range for type 'ets_class [16]'\n [ 18.854254] CPU: 0 UID: 0 PID: 1275 Comm: poc Not tainted 6.12.6-dirty #17\n [ 18.854821] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n [ 18.856532] Call Trace:\n [ 18.857441] \n [ 18.858227] dump_stack_lvl+0xc2/0xf0\n [ 18.859607] dump_stack+0x10/0x20\n [ 18.860908] __ubsan_handle_out_of_bounds+0xa7/0xf0\n [ 18.864022] ets_class_change+0x3d6/0x3f0\n [ 18.864322] tc_ctl_tclass+0x251/0x910\n [ 18.864587] ? lock_acquire+0x5e/0x140\n [ 18.865113] ? __mutex_lock+0x9c/0xe70\n [ 18.866009] ? __mutex_lock+0xa34/0xe70\n [ 18.866401] rtnetlink_rcv_msg+0x170/0x6f0\n [ 18.866806] ? __lock_acquire+0x578/0xc10\n [ 18.867184] ? __pfx_rtnetlink_rcv_msg+0x10/0x10\n [ 18.867503] netlink_rcv_skb+0x59/0x110\n [ 18.867776] rtnetlink_rcv+0x15/0x30\n [ 18.868159] netlink_unicast+0x1c3/0x2b0\n [ 18.868440] netlink_sendmsg+0x239/0x4b0\n [ 18.868721] ____sys_sendmsg+0x3e2/0x410\n [ 18.869012] ___sys_sendmsg+0x88/0xe0\n [ 18.869276] ? rseq_ip_fixup+0x198/0x260\n [ 18.869563] ? rseq_update_cpu_node_id+0x10a/0x190\n [ 18.869900] ? trace_hardirqs_off+0x5a/0xd0\n [ 18.870196] ? syscall_exit_to_user_mode+0xcc/0x220\n [ 18.870547] ? do_syscall_64+0x93/0x150\n [ 18.870821] ? __memcg_slab_free_hook+0x69/0x290\n [ 18.871157] __sys_sendmsg+0x69/0xd0\n [ 18.871416] __x64_sys_sendmsg+0x1d/0x30\n [ 18.871699] x64_sys_call+0x9e2/0x2670\n [ 18.871979] do_syscall_64+0x87/0x150\n [ 18.873280] ? do_syscall_64+0x93/0x150\n [ 18.874742] ? lock_release+0x7b/0x160\n [ 18.876157] ? do_user_addr_fault+0x5ce/0x8f0\n [ 18.877833] ? irqentry_exit_to_user_mode+0xc2/0x210\n [ 18.879608] ? irqentry_exit+0x77/0xb0\n [ 18.879808] ? clear_bhb_loop+0x15/0x70\n [ 18.880023] ? clear_bhb_loop+0x15/0x70\n [ 18.880223] ? clear_bhb_loop+0x15/0x70\n [ 18.880426] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n [ 18.880683] RIP: 0033:0x44a957\n [ 18.880851] Code: ff ff e8 fc 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 89 54 24 1c 48 8974 24 10\n [ 18.881766] RSP: 002b:00007ffcdd00fad8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n [ 18.882149] RAX: ffffffffffffffda RBX: 00007ffcdd010db8 RCX: 000000000044a957\n [ 18.882507] RDX: 0000000000000000 RSI: 00007ffcdd00fb70 RDI: 0000000000000003\n [ 18.885037] RBP: 00007ffcdd010bc0 R08: 000000000703c770 R09: 000000000703c7c0\n [ 18.887203] R10: 0000000000000080 R11: 0000000000000246 R12: 0000000000000001\n [ 18.888026] R13: 00007ffcdd010da8 R14: 00000000004ca7d0 R15: 0000000000000001\n [ 18.888395] \n [ 18.888610] ---[ end trace ]---(CVE-2025-21692)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Ensure job pointer is set to NULL after job completion\n\nAfter a job completes, the corresponding pointer in the device must\nbe set to NULL. Failing to do so triggers a warning when unloading\nthe driver, as it appears the job is still active. To prevent this,\nassign the job pointer to NULL after completing the job, indicating\nthe job has finished.(CVE-2025-21697)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: Disallow replacing of child qdisc from one parent to another\n\nLion Ackermann was able to create a UAF which can be abused for privilege\nescalation with the following script\n\nStep 1. create root qdisc\ntc qdisc add dev lo root handle 1:0 drr\n\nstep2. a class for packet aggregation do demonstrate uaf\ntc class add dev lo classid 1:1 drr\n\nstep3. a class for nesting\ntc class add dev lo classid 1:2 drr\n\nstep4. a class to graft qdisc to\ntc class add dev lo classid 1:3 drr\n\nstep5.\ntc qdisc add dev lo parent 1:1 handle 2:0 plug limit 1024\n\nstep6.\ntc qdisc add dev lo parent 1:2 handle 3:0 drr\n\nstep7.\ntc class add dev lo classid 3:1 drr\n\nstep 8.\ntc qdisc add dev lo parent 3:1 handle 4:0 pfifo\n\nstep 9. Display the class/qdisc layout\n\ntc class ls dev lo\n class drr 1:1 root leaf 2: quantum 64Kb\n class drr 1:2 root leaf 3: quantum 64Kb\n class drr 3:1 root leaf 4: quantum 64Kb\n\ntc qdisc ls\n qdisc drr 1: dev lo root refcnt 2\n qdisc plug 2: dev lo parent 1:1\n qdisc pfifo 4: dev lo parent 3:1 limit 1000p\n qdisc drr 3: dev lo parent 1:2\n\nstep10. trigger the bug <=== prevented by this patch\ntc qdisc replace dev lo parent 1:3 handle 4:0\n\nstep 11. Redisplay again the qdiscs/classes\n\ntc class ls dev lo\n class drr 1:1 root leaf 2: quantum 64Kb\n class drr 1:2 root leaf 3: quantum 64Kb\n class drr 1:3 root leaf 4: quantum 64Kb\n class drr 3:1 root leaf 4: quantum 64Kb\n\ntc qdisc ls\n qdisc drr 1: dev lo root refcnt 2\n qdisc plug 2: dev lo parent 1:1\n qdisc pfifo 4: dev lo parent 3:1 refcnt 2 limit 1000p\n qdisc drr 3: dev lo parent 1:2\n\nObserve that a) parent for 4:0 does not change despite the replace request.\nThere can only be one parent. b) refcount has gone up by two for 4:0 and\nc) both class 1:3 and 3:1 are pointing to it.\n\nStep 12. send one packet to plug\necho \"\" | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888,priority=$((0x10001))\nstep13. send one packet to the grafted fifo\necho \"\" | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888,priority=$((0x10003))\n\nstep14. lets trigger the uaf\ntc class delete dev lo classid 1:3\ntc class delete dev lo classid 1:1\n\nThe semantics of \"replace\" is for a del/add _on the same node_ and not\na delete from one node(3:1) and add to another node (1:3) as in step10.\nWhile we could \"fix\" with a more complex approach there could be\nconsequences to expectations so the patch takes the preventive approach of\n\"disallow such config\".\n\nJoint work with Lion Ackermann (CVE-2025-21700)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet: avoid race between device unregistration and ethnl ops\n\nThe following trace can be seen if a device is being unregistered while\nits number of channels are being modified.\n\n DEBUG_LOCKS_WARN_ON(lock->magic != lock)\n WARNING: CPU: 3 PID: 3754 at kernel/locking/mutex.c:564 __mutex_lock+0xc8a/0x1120\n CPU: 3 UID: 0 PID: 3754 Comm: ethtool Not tainted 6.13.0-rc6+ #771\n RIP: 0010:__mutex_lock+0xc8a/0x1120\n Call Trace:\n \n ethtool_check_max_channel+0x1ea/0x880\n ethnl_set_channels+0x3c3/0xb10\n ethnl_default_set_doit+0x306/0x650\n genl_family_rcv_msg_doit+0x1e3/0x2c0\n genl_rcv_msg+0x432/0x6f0\n netlink_rcv_skb+0x13d/0x3b0\n genl_rcv+0x28/0x40\n netlink_unicast+0x42e/0x720\n netlink_sendmsg+0x765/0xc20\n __sys_sendto+0x3ac/0x420\n __x64_sys_sendto+0xe0/0x1c0\n do_syscall_64+0x95/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThis is because unregister_netdevice_many_notify might run before the\nrtnl lock section of ethnl operations, eg. set_channels in the above\nexample. In this example the rss lock would be destroyed by the device\nunregistration path before being used again, but in general running\nethnl operations while dismantle has started is not a good idea.\n\nFix this by denying any operation on devices being unregistered. A check\nwas already there in ethnl_ops_begin, but not wide enough.\n\nNote that the same issue cannot be seen on the ioctl version\n(__dev_ethtool) because the device reference is retrieved from within\nthe rtnl lock section there. Once dismantle started, the net device is\nunlisted and no reference will be found.(CVE-2025-21701)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nkernel: be more careful about dup_mmap() failures and uprobe registering\n\nIf a memory allocation fails during dup_mmap(), the maple tree can be left\nin an unsafe state for other iterators besides the exit path. All the\nlocks are dropped before the exit_mmap() call (in mm/mmap.c), but the\nincomplete mm_struct can be reached through (at least) the rmap finding\nthe vmas which have a pointer back to the mm_struct.\n\nUp to this point, there have been no issues with being able to find an\nmm_struct that was only partially initialised. Syzbot was able to make\nthe incomplete mm_struct fail with recent forking changes, so it has been\nproven unsafe to use the mm_struct that hasn't been initialised, as\nreferenced in the link below.\n\nAlthough 8ac662f5da19f (\"fork: avoid inappropriate uprobe access to\ninvalid mm\") fixed the uprobe access, it does not completely remove the\nrace.\n\nThis patch sets the MMF_OOM_SKIP to avoid the iteration of the vmas on the\noom side (even though this is extremely unlikely to be selected as an oom\nvictim in the race window), and sets MMF_UNSTABLE to avoid other potential\nusers from using a partially initialised mm_struct.\n\nWhen registering vmas for uprobe, skip the vmas in an mm that is marked\nunstable. Modifying a vma in an unstable mm may cause issues if the mm\nisn't fully initialised.(CVE-2025-21709)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nmd/md-bitmap: Synchronize bitmap_get_stats() with bitmap lifetime\n\nAfter commit ec6bb299c7c3 (\"md/md-bitmap: add 'sync_size' into struct\nmd_bitmap_stats\"), following panic is reported:\n\nOops: general protection fault, probably for non-canonical address\nRIP: 0010:bitmap_get_stats+0x2b/0xa0\nCall Trace:\n \n md_seq_show+0x2d2/0x5b0\n seq_read_iter+0x2b9/0x470\n seq_read+0x12f/0x180\n proc_reg_read+0x57/0xb0\n vfs_read+0xf6/0x380\n ksys_read+0x6c/0xf0\n do_syscall_64+0x82/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nRoot cause is that bitmap_get_stats() can be called at anytime if mddev\nis still there, even if bitmap is destroyed, or not fully initialized.\nDeferenceing bitmap in this case can crash the kernel. Meanwhile, the\nabove commit start to deferencing bitmap->storage, make the problem\neasier to trigger.\n\nFix the problem by protecting bitmap_get_stats() with bitmap_info.mutex.(CVE-2025-21712)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: handle errors that nilfs_prepare_chunk() may return\n\nPatch series \"nilfs2: fix issues with rename operations\".\n\nThis series fixes BUG_ON check failures reported by syzbot around rename\noperations, and a minor behavioral issue where the mtime of a child\ndirectory changes when it is renamed instead of moved.\n\n\nThis patch (of 2):\n\nThe directory manipulation routines nilfs_set_link() and\nnilfs_delete_entry() rewrite the directory entry in the folio/page\npreviously read by nilfs_find_entry(), so error handling is omitted on the\nassumption that nilfs_prepare_chunk(), which prepares the buffer for\nrewriting, will always succeed for these. And if an error is returned, it\ntriggers the legacy BUG_ON() checks in each routine.\n\nThis assumption is wrong, as proven by syzbot: the buffer layer called by\nnilfs_prepare_chunk() may call nilfs_get_block() if necessary, which may\nfail due to metadata corruption or other reasons. This has been there all\nalong, but improved sanity checks and error handling may have made it more\nreproducible in fuzzing tests.\n\nFix this issue by adding missing error paths in nilfs_set_link(),\nnilfs_delete_entry(), and their caller nilfs_rename().(CVE-2025-21721)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nNFC: nci: Add bounds checking in nci_hci_create_pipe()\n\nThe \"pipe\" variable is a u8 which comes from the network. If it's more\nthan 127, then it results in memory corruption in the caller,\nnci_hci_connect_gate().(CVE-2025-21735)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: Fix use-after free in init error and remove paths\n\ndevm_blk_crypto_profile_init() registers a cleanup handler to run when\nthe associated (platform-) device is being released. For UFS, the\ncrypto private data and pointers are stored as part of the ufs_hba's\ndata structure 'struct ufs_hba::crypto_profile'. This structure is\nallocated as part of the underlying ufshcd and therefore Scsi_host\nallocation.\n\nDuring driver release or during error handling in ufshcd_pltfrm_init(),\nthis structure is released as part of ufshcd_dealloc_host() before the\n(platform-) device associated with the crypto call above is released.\nOnce this device is released, the crypto cleanup code will run, using\nthe just-released 'struct ufs_hba::crypto_profile'. This causes a\nuse-after-free situation:\n\n Call trace:\n kfree+0x60/0x2d8 (P)\n kvfree+0x44/0x60\n blk_crypto_profile_destroy_callback+0x28/0x70\n devm_action_release+0x1c/0x30\n release_nodes+0x6c/0x108\n devres_release_all+0x98/0x100\n device_unbind_cleanup+0x20/0x70\n really_probe+0x218/0x2d0\n\nIn other words, the initialisation code flow is:\n\n platform-device probe\n ufshcd_pltfrm_init()\n ufshcd_alloc_host()\n scsi_host_alloc()\n allocation of struct ufs_hba\n creation of scsi-host devices\n devm_blk_crypto_profile_init()\n devm registration of cleanup handler using platform-device\n\nand during error handling of ufshcd_pltfrm_init() or during driver\nremoval:\n\n ufshcd_dealloc_host()\n scsi_host_put()\n put_device(scsi-host)\n release of struct ufs_hba\n put_device(platform-device)\n crypto cleanup handler\n\nTo fix this use-after free, change ufshcd_alloc_host() to register a\ndevres action to automatically cleanup the underlying SCSI device on\nufshcd destruction, without requiring explicit calls to\nufshcd_dealloc_host(). This way:\n\n * the crypto profile and all other ufs_hba-owned resources are\n destroyed before SCSI (as they've been registered after)\n * a memleak is plugged in tc-dwc-g210-pci.c remove() as a\n side-effect\n * EXPORT_SYMBOL_GPL(ufshcd_dealloc_host) can be removed fully as\n it's not needed anymore\n * no future drivers using ufshcd_alloc_host() could ever forget\n adding the cleanup(CVE-2025-21739)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: ipheth: fix DPE OoB read\n\nFix an out-of-bounds DPE read, limit the number of processed DPEs to\nthe amount that fits into the fixed-size NDP16 header.(CVE-2025-21741)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: ipheth: use static NDP16 location in URB\n\nOriginal code allowed for the start of NDP16 to be anywhere within the\nURB based on the `wNdpIndex` value in NTH16. Only the start position of\nNDP16 was checked, so it was possible for even the fixed-length part\nof NDP16 to extend past the end of URB, leading to an out-of-bounds\nread.\n\nOn iOS devices, the NDP16 header always directly follows NTH16. Rely on\nand check for this specific format.\n\nThis, along with NCM-specific minimal URB length check that already\nexists, will ensure that the fixed-length part of NDP16 plus a set\namount of DPEs fit within the URB.\n\nNote that this commit alone does not fully address the OoB read.\nThe limit on the amount of DPEs needs to be enforced separately.(CVE-2025-21742)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize()\n\nOn removal of the device or unloading of the kernel module a potential NULL\npointer dereference occurs.\n\nThe following sequence deletes the interface:\n\n brcmf_detach()\n brcmf_remove_interface()\n brcmf_del_if()\n\nInside the brcmf_del_if() function the drvr->if2bss[ifidx] is updated to\nBRCMF_BSSIDX_INVALID (-1) if the bsscfgidx matches.\n\nAfter brcmf_remove_interface() call the brcmf_proto_detach() function is\ncalled providing the following sequence:\n\n brcmf_detach()\n brcmf_proto_detach()\n brcmf_proto_msgbuf_detach()\n brcmf_flowring_detach()\n brcmf_msgbuf_delete_flowring()\n brcmf_msgbuf_remove_flowring()\n brcmf_flowring_delete()\n brcmf_get_ifp()\n brcmf_txfinalize()\n\nSince brcmf_get_ip() can and actually will return NULL in this case the\ncall to brcmf_txfinalize() will result in a NULL pointer dereference inside\nbrcmf_txfinalize() when trying to update ifp->ndev->stats.tx_errors.\n\nThis will only happen if a flowring still has an skb.\n\nAlthough the NULL pointer dereference has only been seen when trying to\nupdate the tx statistic, all other uses of the ifp pointer have been\nguarded as well with an early return if ifp is NULL.(CVE-2025-21744)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nInput: synaptics - fix crash when enabling pass-through port\n\nWhen enabling a pass-through port an interrupt might come before psmouse\ndriver binds to the pass-through port. However synaptics sub-driver\ntries to access psmouse instance presumably associated with the\npass-through port to figure out if only 1 byte of response or entire\nprotocol packet needs to be forwarded to the pass-through port and may\ncrash if psmouse instance has not been attached to the port yet.\n\nFix the crash by introducing open() and close() methods for the port and\ncheck if the port is open before trying to access psmouse instance.\nBecause psmouse calls serio_open() only after attaching psmouse instance\nto serio port instance this prevents the potential crash.(CVE-2025-21746)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix integer overflows on 32 bit systems\n\nOn 32bit systems the addition operations in ipc_msg_alloc() can\npotentially overflow leading to memory corruption.\nAdd bounds checking using KSMBD_IPC_MAX_PAYLOAD to avoid overflow.(CVE-2025-21748)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet: rose: lock the socket in rose_bind()\n\nsyzbot reported a soft lockup in rose_loopback_timer(),\nwith a repro calling bind() from multiple threads.\n\nrose_bind() must lock the socket to avoid this issue.(CVE-2025-21749)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix use-after-free when attempting to join an aborted transaction\n\nWhen we are trying to join the current transaction and if it's aborted,\nwe read its 'aborted' field after unlocking fs_info->trans_lock and\nwithout holding any extra reference count on it. This means that a\nconcurrent task that is aborting the transaction may free the transaction\nbefore we read its 'aborted' field, leading to a use-after-free.\n\nFix this by reading the 'aborted' field while holding fs_info->trans_lock\nsince any freeing task must first acquire that lock and set\nfs_info->running_transaction to NULL before freeing the transaction.\n\nThis was reported by syzbot and Dmitry with the following stack traces\nfrom KASAN:\n\n ==================================================================\n BUG: KASAN: slab-use-after-free in join_transaction+0xd9b/0xda0 fs/btrfs/transaction.c:278\n Read of size 4 at addr ffff888011839024 by task kworker/u4:9/1128\n\n CPU: 0 UID: 0 PID: 1128 Comm: kworker/u4:9 Not tainted 6.13.0-rc7-syzkaller-00019-gc45323b7560e #0\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n Workqueue: events_unbound btrfs_async_reclaim_data_space\n Call Trace:\n \n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n join_transaction+0xd9b/0xda0 fs/btrfs/transaction.c:278\n start_transaction+0xaf8/0x1670 fs/btrfs/transaction.c:697\n flush_space+0x448/0xcf0 fs/btrfs/space-info.c:803\n btrfs_async_reclaim_data_space+0x159/0x510 fs/btrfs/space-info.c:1321\n process_one_work kernel/workqueue.c:3236 [inline]\n process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3317\n worker_thread+0x870/0xd30 kernel/workqueue.c:3398\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \n\n Allocated by task 5315:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4329\n kmalloc_noprof include/linux/slab.h:901 [inline]\n join_transaction+0x144/0xda0 fs/btrfs/transaction.c:308\n start_transaction+0xaf8/0x1670 fs/btrfs/transaction.c:697\n btrfs_create_common+0x1b2/0x2e0 fs/btrfs/inode.c:6572\n lookup_open fs/namei.c:3649 [inline]\n open_last_lookups fs/namei.c:3748 [inline]\n path_openat+0x1c03/0x3590 fs/namei.c:3984\n do_filp_open+0x27f/0x4e0 fs/namei.c:4014\n do_sys_openat2+0x13e/0x1d0 fs/open.c:1402\n do_sys_open fs/open.c:1417 [inline]\n __do_sys_creat fs/open.c:1495 [inline]\n __se_sys_creat fs/open.c:1489 [inline]\n __x64_sys_creat+0x123/0x170 fs/open.c:1489\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n Freed by task 5336:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:582\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2353 [inline]\n slab_free mm/slub.c:4613 [inline]\n kfree+0x196/0x430 mm/slub.c:4761\n cleanup_transaction fs/btrfs/transaction.c:2063 [inline]\n btrfs_commit_transaction+0x2c97/0x3720 fs/btrfs/transaction.c:2598\n insert_balance_item+0x1284/0x20b0 fs/btrfs/volumes.c:3757\n btrfs_balance+0x992/\n---truncated---(CVE-2025-21753)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nipv6: mcast: add RCU protection to mld_newpack()\n\nmld_newpack() can be called without RTNL or RCU being held.\n\nNote that we no longer can use sock_alloc_send_skb() because\nipv6.igmp_sk uses GFP_KERNEL allocations which can sleep.\n\nInstead use alloc_skb() and charge the net->ipv6.igmp_sk\nsocket under RCU protection.(CVE-2025-21758)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nipv6: mcast: extend RCU protection in igmp6_send()\n\nigmp6_send() can be called without RTNL or RCU being held.\n\nExtend RCU protection so that we can safely fetch the net pointer\nand avoid a potential UAF.\n\nNote that we no longer can use sock_alloc_send_skb() because\nipv6.igmp_sk uses GFP_KERNEL allocations which can sleep.\n\nInstead use alloc_skb() and charge the net->ipv6.igmp_sk\nsocket under RCU protection.(CVE-2025-21759)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nndisc: extend RCU protection in ndisc_send_skb()\n\nndisc_send_skb() can be called without RTNL or RCU held.\n\nAcquire rcu_read_lock() earlier, so that we can use dev_net_rcu()\nand avoid a potential UAF.(CVE-2025-21760)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: use RCU protection in ovs_vport_cmd_fill_info()\n\novs_vport_cmd_fill_info() can be called without RTNL or RCU.\n\nUse RCU protection and dev_net_rcu() to avoid potential UAF.(CVE-2025-21761)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\narp: use RCU protection in arp_xmit()\n\narp_xmit() can be called without RTNL or RCU protection.\n\nUse RCU protection to avoid potential UAF.(CVE-2025-21762)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nneighbour: use RCU protection in __neigh_notify()\n\n__neigh_notify() can be called without RTNL or RCU protection.\n\nUse RCU protection to avoid potential UAF.(CVE-2025-21763)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nndisc: use RCU protection in ndisc_alloc_skb()\n\nndisc_alloc_skb() can be called without RTNL or RCU being held.\n\nAdd RCU protection to avoid possible UAF.(CVE-2025-21764)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nipv6: use RCU protection in ip6_default_advmss()\n\nip6_default_advmss() needs rcu protection to make\nsure the net structure it reads does not disappear.(CVE-2025-21765)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nipv4: use RCU protection in __ip_rt_update_pmtu()\n\n__ip_rt_update_pmtu() must use RCU protection to make\nsure the net structure it reads does not disappear.(CVE-2025-21766)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\npartitions: mac: fix handling of bogus partition table\n\nFix several issues in partition probing:\n\n - The bailout for a bad partoffset must use put_dev_sector(), since the\n preceding read_part_sector() succeeded.\n - If the partition table claims a silly sector size like 0xfff bytes\n (which results in partition table entries straddling sector boundaries),\n bail out instead of accessing out-of-bounds memory.\n - We must not assume that the partition table contains proper NUL\n termination - use strnlen() and strncmp() instead of strlen() and\n strcmp().(CVE-2025-21772)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ncan: etas_es58x: fix potential NULL pointer dereference on udev->serial\n\nThe driver assumed that es58x_dev->udev->serial could never be NULL.\nWhile this is true on commercially available devices, an attacker\ncould spoof the device identity providing a NULL USB serial number.\nThat would trigger a NULL pointer dereference.\n\nAdd a check on es58x_dev->udev->serial before accessing it.(CVE-2025-21773)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ncan: ctucanfd: handle skb allocation failure\n\nIf skb allocation fails, the pointer to struct can_frame is NULL. This\nis actually handled everywhere inside ctucan_err_interrupt() except for\nthe only place.\n\nAdd the missed NULL check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.(CVE-2025-21775)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel\n\nAdvertise support for Hyper-V's SEND_IPI and SEND_IPI_EX hypercalls if and\nonly if the local API is emulated/virtualized by KVM, and explicitly reject\nsaid hypercalls if the local APIC is emulated in userspace, i.e. don't rely\non userspace to opt-in to KVM_CAP_HYPERV_ENFORCE_CPUID.\n\nRejecting SEND_IPI and SEND_IPI_EX fixes a NULL-pointer dereference if\nHyper-V enlightenments are exposed to the guest without an in-kernel local\nAPIC:\n\n dump_stack+0xbe/0xfd\n __kasan_report.cold+0x34/0x84\n kasan_report+0x3a/0x50\n __apic_accept_irq+0x3a/0x5c0\n kvm_hv_send_ipi.isra.0+0x34e/0x820\n kvm_hv_hypercall+0x8d9/0x9d0\n kvm_emulate_hypercall+0x506/0x7e0\n __vmx_handle_exit+0x283/0xb60\n vmx_handle_exit+0x1d/0xd0\n vcpu_enter_guest+0x16b0/0x24c0\n vcpu_run+0xc0/0x550\n kvm_arch_vcpu_ioctl_run+0x170/0x6d0\n kvm_vcpu_ioctl+0x413/0xb20\n __se_sys_ioctl+0x111/0x160\n do_syscal1_64+0x30/0x40\n entry_SYSCALL_64_after_hwframe+0x67/0xd1\n\nNote, checking the sending vCPU is sufficient, as the per-VM irqchip_mode\ncan't be modified after vCPUs are created, i.e. if one vCPU has an\nin-kernel local APIC, then all vCPUs have an in-kernel local APIC.(CVE-2025-21779)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table()\n\nIt malicious user provides a small pptable through sysfs and then\na bigger pptable, it may cause buffer overflow attack in function\nsmu_sys_set_pp_table().(CVE-2025-21780)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: fix panic during interface removal\n\nReference counting is used to ensure that\nbatadv_hardif_neigh_node and batadv_hard_iface\nare not freed before/during\nbatadv_v_elp_throughput_metric_update work is\nfinished.\n\nBut there isn't a guarantee that the hard if will\nremain associated with a soft interface up until\nthe work is finished.\n\nThis fixes a crash triggered by reboot that looks\nlike this:\n\nCall trace:\n batadv_v_mesh_free+0xd0/0x4dc [batman_adv]\n batadv_v_elp_throughput_metric_update+0x1c/0xa4\n process_one_work+0x178/0x398\n worker_thread+0x2e8/0x4d0\n kthread+0xd8/0xdc\n ret_from_fork+0x10/0x20\n\n(the batadv_v_mesh_free call is misleading,\nand does not actually happen)\n\nI was able to make the issue happen more reliably\nby changing hardif_neigh->bat_v.metric_work work\nto be delayed work. This allowed me to track down\nand confirm the fix.\n\n[sven@narfation.org: prevent entering batadv_v_elp_get_throughput without\n soft_iface](CVE-2025-21781)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: bail out when failed to load fw in psp_init_cap_microcode()\n\nIn function psp_init_cap_microcode(), it should bail out when failed to\nload firmware, otherwise it may cause invalid memory access.(CVE-2025-21784)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nvxlan: check vxlan_vnigroup_init() return value\n\nvxlan_init() must check vxlan_vnigroup_init() success\notherwise a crash happens later, spotted by syzbot.\n\nOops: general protection fault, probably for non-canonical address 0xdffffc000000002c: 0000 [#1] PREEMPT SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000160-0x0000000000000167]\nCPU: 0 UID: 0 PID: 7313 Comm: syz-executor147 Not tainted 6.14.0-rc1-syzkaller-00276-g69b54314c975 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n RIP: 0010:vxlan_vnigroup_uninit+0x89/0x500 drivers/net/vxlan/vxlan_vnifilter.c:912\nCode: 00 48 8b 44 24 08 4c 8b b0 98 41 00 00 49 8d 86 60 01 00 00 48 89 c2 48 89 44 24 10 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 0f 85 4d 04 00 00 49 8b 86 60 01 00 00 48 ba 00 00 00\nRSP: 0018:ffffc9000cc1eea8 EFLAGS: 00010202\nRAX: dffffc0000000000 RBX: 0000000000000001 RCX: ffffffff8672effb\nRDX: 000000000000002c RSI: ffffffff8672ecb9 RDI: ffff8880461b4f18\nRBP: ffff8880461b4ef4 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000020000\nR13: ffff8880461b0d80 R14: 0000000000000000 R15: dffffc0000000000\nFS: 00007fecfa95d6c0(0000) GS:ffff88806a600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fecfa95cfb8 CR3: 000000004472c000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \n vxlan_uninit+0x1ab/0x200 drivers/net/vxlan/vxlan_core.c:2942\n unregister_netdevice_many_notify+0x12d6/0x1f30 net/core/dev.c:11824\n unregister_netdevice_many net/core/dev.c:11866 [inline]\n unregister_netdevice_queue+0x307/0x3f0 net/core/dev.c:11736\n register_netdevice+0x1829/0x1eb0 net/core/dev.c:10901\n __vxlan_dev_create+0x7c6/0xa30 drivers/net/vxlan/vxlan_core.c:3981\n vxlan_newlink+0xd1/0x130 drivers/net/vxlan/vxlan_core.c:4407\n rtnl_newlink_create net/core/rtnetlink.c:3795 [inline]\n __rtnl_newlink net/core/rtnetlink.c:3906 [inline](CVE-2025-21790)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt\n\nIf an AX25 device is bound to a socket by setting the SO_BINDTODEVICE\nsocket option, a refcount leak will occur in ax25_release().\n\nCommit 9fd75b66b8f6 (\"ax25: Fix refcount leaks caused by ax25_cb_del()\")\nadded decrement of device refcounts in ax25_release(). In order for that\nto work correctly the refcounts must already be incremented when the\ndevice is bound to the socket. An AX25 device can be bound to a socket\nby either calling ax25_bind() or setting SO_BINDTODEVICE socket option.\nIn both cases the refcounts should be incremented, but in fact it is done\nonly in ax25_bind().\n\nThis bug leads to the following issue reported by Syzkaller:\n\n================================================================\nrefcount_t: decrement hit 0; leaking memory.\nWARNING: CPU: 1 PID: 5932 at lib/refcount.c:31 refcount_warn_saturate+0x1ed/0x210 lib/refcount.c:31\nModules linked in:\nCPU: 1 UID: 0 PID: 5932 Comm: syz-executor424 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:refcount_warn_saturate+0x1ed/0x210 lib/refcount.c:31\nCall Trace:\n \n __refcount_dec include/linux/refcount.h:336 [inline]\n refcount_dec include/linux/refcount.h:351 [inline]\n ref_tracker_free+0x710/0x820 lib/ref_tracker.c:236\n netdev_tracker_free include/linux/netdevice.h:4156 [inline]\n netdev_put include/linux/netdevice.h:4173 [inline]\n netdev_put include/linux/netdevice.h:4169 [inline]\n ax25_release+0x33f/0xa10 net/ax25/af_ax25.c:1069\n __sock_release+0xb0/0x270 net/socket.c:640\n sock_close+0x1c/0x30 net/socket.c:1408\n ...\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n ...\n \n================================================================\n\nFix the implementation of ax25_setsockopt() by adding increment of\nrefcounts for the new device bound, and decrement of refcounts for\nthe old unbound device.(CVE-2025-21792)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nspi: sn-f-ospi: Fix division by zero\n\nWhen there is no dummy cycle in the spi-nor commands, both dummy bus cycle\nbytes and width are zero. Because of the cpu's warning when divided by\nzero, the warning should be avoided. Return just zero to avoid such\ncalculations.(CVE-2025-21793)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: omap: use threaded IRQ for LCD DMA\n\nWhen using touchscreen and framebuffer, Nokia 770 crashes easily with:\n\n BUG: scheduling while atomic: irq/144-ads7846/82/0x00010000\n Modules linked in: usb_f_ecm g_ether usb_f_rndis u_ether libcomposite configfs omap_udc ohci_omap ohci_hcd\n CPU: 0 UID: 0 PID: 82 Comm: irq/144-ads7846 Not tainted 6.12.7-770 #2\n Hardware name: Nokia 770\n Call trace:\n unwind_backtrace from show_stack+0x10/0x14\n show_stack from dump_stack_lvl+0x54/0x5c\n dump_stack_lvl from __schedule_bug+0x50/0x70\n __schedule_bug from __schedule+0x4d4/0x5bc\n __schedule from schedule+0x34/0xa0\n schedule from schedule_preempt_disabled+0xc/0x10\n schedule_preempt_disabled from __mutex_lock.constprop.0+0x218/0x3b4\n __mutex_lock.constprop.0 from clk_prepare_lock+0x38/0xe4\n clk_prepare_lock from clk_set_rate+0x18/0x154\n clk_set_rate from sossi_read_data+0x4c/0x168\n sossi_read_data from hwa742_read_reg+0x5c/0x8c\n hwa742_read_reg from send_frame_handler+0xfc/0x300\n send_frame_handler from process_pending_requests+0x74/0xd0\n process_pending_requests from lcd_dma_irq_handler+0x50/0x74\n lcd_dma_irq_handler from __handle_irq_event_percpu+0x44/0x130\n __handle_irq_event_percpu from handle_irq_event+0x28/0x68\n handle_irq_event from handle_level_irq+0x9c/0x170\n handle_level_irq from generic_handle_domain_irq+0x2c/0x3c\n generic_handle_domain_irq from omap1_handle_irq+0x40/0x8c\n omap1_handle_irq from generic_handle_arch_irq+0x28/0x3c\n generic_handle_arch_irq from call_with_stack+0x1c/0x24\n call_with_stack from __irq_svc+0x94/0xa8\n Exception stack(0xc5255da0 to 0xc5255de8)\n 5da0: 00000001 c22fc620 00000000 00000000 c08384a8 c106fc00 00000000 c240c248\n 5dc0: c113a600 c3f6ec30 00000001 00000000 c22fc620 c5255df0 c22fc620 c0279a94\n 5de0: 60000013 ffffffff\n __irq_svc from clk_prepare_lock+0x4c/0xe4\n clk_prepare_lock from clk_get_rate+0x10/0x74\n clk_get_rate from uwire_setup_transfer+0x40/0x180\n uwire_setup_transfer from spi_bitbang_transfer_one+0x2c/0x9c\n spi_bitbang_transfer_one from spi_transfer_one_message+0x2d0/0x664\n spi_transfer_one_message from __spi_pump_transfer_message+0x29c/0x498\n __spi_pump_transfer_message from __spi_sync+0x1f8/0x2e8\n __spi_sync from spi_sync+0x24/0x40\n spi_sync from ads7846_halfd_read_state+0x5c/0x1c0\n ads7846_halfd_read_state from ads7846_irq+0x58/0x348\n ads7846_irq from irq_thread_fn+0x1c/0x78\n irq_thread_fn from irq_thread+0x120/0x228\n irq_thread from kthread+0xc8/0xe8\n kthread from ret_from_fork+0x14/0x28\n\nAs a quick fix, switch to a threaded IRQ which provides a stable system.(CVE-2025-21821)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: reject mismatching sum of field_len with set key length\n\nThe field length description provides the length of each separated key\nfield in the concatenation, each field gets rounded up to 32-bits to\ncalculate the pipapo rule width from pipapo_init(). The set key length\nprovides the total size of the key aligned to 32-bits.\n\nRegister-based arithmetics still allows for combining mismatching set\nkey length and field length description, eg. set key length 10 and field\ndescription [ 5, 4 ] leading to pipapo width of 12.(CVE-2025-21826)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nlandlock: Handle weird files\n\nA corrupted filesystem (e.g. bcachefs) might return weird files.\nInstead of throwing a warning and allowing access to such file, treat\nthem as regular files.(CVE-2025-21830)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nPCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1\n\ncommit 9d26d3a8f1b0 (\"PCI: Put PCIe ports into D3 during suspend\") sets the\npolicy that all PCIe ports are allowed to use D3. When the system is\nsuspended if the port is not power manageable by the platform and won't be\nused for wakeup via a PME this sets up the policy for these ports to go\ninto D3hot.\n\nThis policy generally makes sense from an OSPM perspective but it leads to\nproblems with wakeup from suspend on the TUXEDO Sirius 16 Gen 1 with a\nspecific old BIOS. This manifests as a system hang.\n\nOn the affected Device + BIOS combination, add a quirk for the root port of\nthe problematic controller to ensure that these root ports are not put into\nD3hot at suspend.\n\nThis patch is based on\n\n https://lore.kernel.org/linux-pci/20230708214457.1229-2-mario.limonciello@amd.com\n\nbut with the added condition both in the documentation and in the code to\napply only to the TUXEDO Sirius 16 Gen 1 with a specific old BIOS and only\nthe affected root ports.(CVE-2025-21831)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_midi: fix MIDI Streaming descriptor lengths\n\nWhile the MIDI jacks are configured correctly, and the MIDIStreaming\nendpoint descriptors are filled with the correct information,\nbNumEmbMIDIJack and bLength are set incorrectly in these descriptors.\n\nThis does not matter when the numbers of in and out ports are equal, but\nwhen they differ the host will receive broken descriptors with\nuninitialized stack memory leaking into the descriptor for whichever\nvalue is smaller.\n\nThe precise meaning of \"in\" and \"out\" in the port counts is not clearly\ndefined and can be confusing. But elsewhere the driver consistently\nuses this to match the USB meaning of IN and OUT viewed from the host,\nso that \"in\" ports send data to the host and \"out\" ports receive data\nfrom it.(CVE-2025-21835)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/kbuf: reallocate buf lists on upgrade\n\nIORING_REGISTER_PBUF_RING can reuse an old struct io_buffer_list if it\nwas created for legacy selected buffer and has been emptied. It violates\nthe requirement that most of the field should stay stable after publish.\nAlways reallocate it instead.(CVE-2025-21836)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: core: flush gadget workqueue after device removal\n\ndevice_del() can lead to new work being scheduled in gadget->work\nworkqueue. This is observed, for example, with the dwc3 driver with the\nfollowing call stack:\n device_del()\n gadget_unbind_driver()\n usb_gadget_disconnect_locked()\n dwc3_gadget_pullup()\n\t dwc3_gadget_soft_disconnect()\n\t usb_gadget_set_state()\n\t schedule_work(&gadget->work)\n\nMove flush_work() after device_del() to ensure the workqueue is cleaned\nup.(CVE-2025-21838)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data()\n\nThe nullity of sps->cstream should be checked similarly as it is done in\nsof_set_stream_data_offset() function.\nAssuming that it is not NULL if sps->stream is NULL is incorrect and can\nlead to NULL pointer dereference.(CVE-2025-21847)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnfp: bpf: Add check for nfp_app_ctrl_msg_alloc()\n\nAdd check for the return value of nfp_app_ctrl_msg_alloc() in\nnfp_bpf_cmsg_alloc() to prevent null pointer dereference.(CVE-2025-21848)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nibmvnic: Don't reference skb after sending to VIOS\n\nPreviously, after successfully flushing the xmit buffer to VIOS,\nthe tx_bytes stat was incremented by the length of the skb.\n\nIt is invalid to access the skb memory after sending the buffer to\nthe VIOS because, at any point after sending, the VIOS can trigger\nan interrupt to free this memory. A race between reading skb->len\nand freeing the skb is possible (especially during LPM) and will\nresult in use-after-free:\n ==================================================================\n BUG: KASAN: slab-use-after-free in ibmvnic_xmit+0x75c/0x1808 [ibmvnic]\n Read of size 4 at addr c00000024eb48a70 by task hxecom/14495\n <...>\n Call Trace:\n [c000000118f66cf0] [c0000000018cba6c] dump_stack_lvl+0x84/0xe8 (unreliable)\n [c000000118f66d20] [c0000000006f0080] print_report+0x1a8/0x7f0\n [c000000118f66df0] [c0000000006f08f0] kasan_report+0x128/0x1f8\n [c000000118f66f00] [c0000000006f2868] __asan_load4+0xac/0xe0\n [c000000118f66f20] [c0080000046eac84] ibmvnic_xmit+0x75c/0x1808 [ibmvnic]\n [c000000118f67340] [c0000000014be168] dev_hard_start_xmit+0x150/0x358\n <...>\n Freed by task 0:\n kasan_save_stack+0x34/0x68\n kasan_save_track+0x2c/0x50\n kasan_save_free_info+0x64/0x108\n __kasan_mempool_poison_object+0x148/0x2d4\n napi_skb_cache_put+0x5c/0x194\n net_tx_action+0x154/0x5b8\n handle_softirqs+0x20c/0x60c\n do_softirq_own_stack+0x6c/0x88\n <...>\n The buggy address belongs to the object at c00000024eb48a00 which\n belongs to the cache skbuff_head_cache of size 224\n==================================================================(CVE-2025-21855)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: cls_api: fix error handling causing NULL dereference\n\ntcf_exts_miss_cookie_base_alloc() calls xa_alloc_cyclic() which can\nreturn 1 if the allocation succeeded after wrapping. This was treated as\nan error, with value 1 returned to caller tcf_exts_init_ex() which sets\nexts->actions to NULL and returns 1 to caller fl_change().\n\nfl_change() treats err == 1 as success, calling tcf_exts_validate_ex()\nwhich calls tcf_action_init() with exts->actions as argument, where it\nis dereferenced.\n\nExample trace:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nCPU: 114 PID: 16151 Comm: handler114 Kdump: loaded Not tainted 5.14.0-503.16.1.el9_5.x86_64 #1\nRIP: 0010:tcf_action_init+0x1f8/0x2c0\nCall Trace:\n tcf_action_init+0x1f8/0x2c0\n tcf_exts_validate_ex+0x175/0x190\n fl_change+0x537/0x1120 [cls_flower](CVE-2025-21857)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ngeneve: Fix use-after-free in geneve_find_dev().\n\nsyzkaller reported a use-after-free in geneve_find_dev() [0]\nwithout repro.\n\ngeneve_configure() links struct geneve_dev.next to\nnet_generic(net, geneve_net_id)->geneve_list.\n\nThe net here could differ from dev_net(dev) if IFLA_NET_NS_PID,\nIFLA_NET_NS_FD, or IFLA_TARGET_NETNSID is set.\n\nWhen dev_net(dev) is dismantled, geneve_exit_batch_rtnl() finally\ncalls unregister_netdevice_queue() for each dev in the netns,\nand later the dev is freed.\n\nHowever, its geneve_dev.next is still linked to the backend UDP\nsocket netns.\n\nThen, use-after-free will occur when another geneve dev is created\nin the netns.\n\nLet's call geneve_dellink() instead in geneve_destroy_tunnels().\n\n[0]:\nBUG: KASAN: slab-use-after-free in geneve_find_dev drivers/net/geneve.c:1295 [inline]\nBUG: KASAN: slab-use-after-free in geneve_configure+0x234/0x858 drivers/net/geneve.c:1343\nRead of size 2 at addr ffff000054d6ee24 by task syz.1.4029/13441\n\nCPU: 1 UID: 0 PID: 13441 Comm: syz.1.4029 Not tainted 6.13.0-g0ad9617c78ac #24 dc35ca22c79fb82e8e7bc5c9c9adafea898b1e3d\nHardware name: linux,dummy-virt (DT)\nCall trace:\n show_stack+0x38/0x50 arch/arm64/kernel/stacktrace.c:466 (C)\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0xbc/0x108 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x16c/0x6f0 mm/kasan/report.c:489\n kasan_report+0xc0/0x120 mm/kasan/report.c:602\n __asan_report_load2_noabort+0x20/0x30 mm/kasan/report_generic.c:379\n geneve_find_dev drivers/net/geneve.c:1295 [inline]\n geneve_configure+0x234/0x858 drivers/net/geneve.c:1343\n geneve_newlink+0xb8/0x128 drivers/net/geneve.c:1634\n rtnl_newlink_create+0x23c/0x868 net/core/rtnetlink.c:3795\n __rtnl_newlink net/core/rtnetlink.c:3906 [inline]\n rtnl_newlink+0x1054/0x1630 net/core/rtnetlink.c:4021\n rtnetlink_rcv_msg+0x61c/0x918 net/core/rtnetlink.c:6911\n netlink_rcv_skb+0x1dc/0x398 net/netlink/af_netlink.c:2543\n rtnetlink_rcv+0x34/0x50 net/core/rtnetlink.c:6938\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0x618/0x838 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x5fc/0x8b0 net/netlink/af_netlink.c:1892\n sock_sendmsg_nosec net/socket.c:713 [inline]\n __sock_sendmsg net/socket.c:728 [inline]\n ____sys_sendmsg+0x410/0x6f8 net/socket.c:2568\n ___sys_sendmsg+0x178/0x1d8 net/socket.c:2622\n __sys_sendmsg net/socket.c:2654 [inline]\n __do_sys_sendmsg net/socket.c:2659 [inline]\n __se_sys_sendmsg net/socket.c:2657 [inline]\n __arm64_sys_sendmsg+0x12c/0x1c8 net/socket.c:2657\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x90/0x278 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x13c/0x250 arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x54/0x70 arch/arm64/kernel/syscall.c:151\n el0_svc+0x4c/0xa8 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x1a0 arch/arm64/kernel/entry.S:600\n\nAllocated by task 13247:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x30/0x68 mm/kasan/common.c:68\n kasan_save_alloc_info+0x44/0x58 mm/kasan/generic.c:568\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x84/0xa0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4298 [inline]\n __kmalloc_node_noprof+0x2a0/0x560 mm/slub.c:4304\n __kvmalloc_node_noprof+0x9c/0x230 mm/util.c:645\n alloc_netdev_mqs+0xb8/0x11a0 net/core/dev.c:11470\n rtnl_create_link+0x2b8/0xb50 net/core/rtnetlink.c:3604\n rtnl_newlink_create+0x19c/0x868 net/core/rtnetlink.c:3780\n __rtnl_newlink net/core/rtnetlink.c:3906 [inline]\n rtnl_newlink+0x1054/0x1630 net/core/rtnetlink.c:4021\n rtnetlink_rcv_msg+0x61c/0x918 net/core/rtnetlink.c:6911\n netlink_rcv_skb+0x1dc/0x398 net/netlink/af_netlink.c:2543\n rtnetlink_rcv+0x34/0x50 net/core/rtnetlink.c:6938\n netlink_unicast_kernel net/netlink/af_n\n---truncated---(CVE-2025-21858)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nUSB: gadget: f_midi: f_midi_complete to call queue_work\n\nWhen using USB MIDI, a lock is attempted to be acquired twice through a\nre-entrant call to f_midi_transmit, causing a deadlock.\n\nFix it by using queue_work() to schedule the inner f_midi_transmit() via\na high priority work queue from the completion handler.(CVE-2025-21859)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndrop_monitor: fix incorrect initialization order\n\nSyzkaller reports the following bug:\n\nBUG: spinlock bad magic on CPU#1, syz-executor.0/7995\n lock: 0xffff88805303f3e0, .magic: 00000000, .owner: /-1, .owner_cpu: 0\nCPU: 1 PID: 7995 Comm: syz-executor.0 Tainted: G E 5.10.209+ #1\nHardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x119/0x179 lib/dump_stack.c:118\n debug_spin_lock_before kernel/locking/spinlock_debug.c:83 [inline]\n do_raw_spin_lock+0x1f6/0x270 kernel/locking/spinlock_debug.c:112\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:117 [inline]\n _raw_spin_lock_irqsave+0x50/0x70 kernel/locking/spinlock.c:159\n reset_per_cpu_data+0xe6/0x240 [drop_monitor]\n net_dm_cmd_trace+0x43d/0x17a0 [drop_monitor]\n genl_family_rcv_msg_doit+0x22f/0x330 net/netlink/genetlink.c:739\n genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]\n genl_rcv_msg+0x341/0x5a0 net/netlink/genetlink.c:800\n netlink_rcv_skb+0x14d/0x440 net/netlink/af_netlink.c:2497\n genl_rcv+0x29/0x40 net/netlink/genetlink.c:811\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0x54b/0x800 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x914/0xe00 net/netlink/af_netlink.c:1916\n sock_sendmsg_nosec net/socket.c:651 [inline]\n __sock_sendmsg+0x157/0x190 net/socket.c:663\n ____sys_sendmsg+0x712/0x870 net/socket.c:2378\n ___sys_sendmsg+0xf8/0x170 net/socket.c:2432\n __sys_sendmsg+0xea/0x1b0 net/socket.c:2461\n do_syscall_64+0x30/0x40 arch/x86/entry/common.c:46\n entry_SYSCALL_64_after_hwframe+0x62/0xc7\nRIP: 0033:0x7f3f9815aee9\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f3f972bf0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f3f9826d050 RCX: 00007f3f9815aee9\nRDX: 0000000020000000 RSI: 0000000020001300 RDI: 0000000000000007\nRBP: 00007f3f981b63bd R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000006e R14: 00007f3f9826d050 R15: 00007ffe01ee6768\n\nIf drop_monitor is built as a kernel module, syzkaller may have time\nto send a netlink NET_DM_CMD_START message during the module loading.\nThis will call the net_dm_monitor_start() function that uses\na spinlock that has not yet been initialized.\n\nTo fix this, let's place resource initialization above the registration\nof a generic netlink family.\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with Syzkaller.(CVE-2025-21862)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC\n\nErhard reported the following KASAN hit while booting his PowerMac G4\nwith a KASAN-enabled kernel 6.13-rc6:\n\n BUG: KASAN: vmalloc-out-of-bounds in copy_to_kernel_nofault+0xd8/0x1c8\n Write of size 8 at addr f1000000 by task chronyd/1293\n\n CPU: 0 UID: 123 PID: 1293 Comm: chronyd Tainted: G W 6.13.0-rc6-PMacG4 #2\n Tainted: [W]=WARN\n Hardware name: PowerMac3,6 7455 0x80010303 PowerMac\n Call Trace:\n [c2437590] [c1631a84] dump_stack_lvl+0x70/0x8c (unreliable)\n [c24375b0] [c0504998] print_report+0xdc/0x504\n [c2437610] [c050475c] kasan_report+0xf8/0x108\n [c2437690] [c0505a3c] kasan_check_range+0x24/0x18c\n [c24376a0] [c03fb5e4] copy_to_kernel_nofault+0xd8/0x1c8\n [c24376c0] [c004c014] patch_instructions+0x15c/0x16c\n [c2437710] [c00731a8] bpf_arch_text_copy+0x60/0x7c\n [c2437730] [c0281168] bpf_jit_binary_pack_finalize+0x50/0xac\n [c2437750] [c0073cf4] bpf_int_jit_compile+0xb30/0xdec\n [c2437880] [c0280394] bpf_prog_select_runtime+0x15c/0x478\n [c24378d0] [c1263428] bpf_prepare_filter+0xbf8/0xc14\n [c2437990] [c12677ec] bpf_prog_create_from_user+0x258/0x2b4\n [c24379d0] [c027111c] do_seccomp+0x3dc/0x1890\n [c2437ac0] [c001d8e0] system_call_exception+0x2dc/0x420\n [c2437f30] [c00281ac] ret_from_syscall+0x0/0x2c\n --- interrupt: c00 at 0x5a1274\n NIP: 005a1274 LR: 006a3b3c CTR: 005296c8\n REGS: c2437f40 TRAP: 0c00 Tainted: G W (6.13.0-rc6-PMacG4)\n MSR: 0200f932 CR: 24004422 XER: 00000000\n\n GPR00: 00000166 af8f3fa0 a7ee3540 00000001 00000000 013b6500 005a5858 0200f932\n GPR08: 00000000 00001fe9 013d5fc8 005296c8 2822244c 00b2fcd8 00000000 af8f4b57\n GPR16: 00000000 00000001 00000000 00000000 00000000 00000001 00000000 00000002\n GPR24: 00afdbb0 00000000 00000000 00000000 006e0004 013ce060 006e7c1c 00000001\n NIP [005a1274] 0x5a1274\n LR [006a3b3c] 0x6a3b3c\n --- interrupt: c00\n\n The buggy address belongs to the virtual mapping at\n [f1000000, f1002000) created by:\n text_area_cpu_up+0x20/0x190\n\n The buggy address belongs to the physical page:\n page: refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x76e30\n flags: 0x80000000(zone=2)\n raw: 80000000 00000000 00000122 00000000 00000000 00000000 ffffffff 00000001\n raw: 00000000\n page dumped because: kasan: bad access detected\n\n Memory state around the buggy address:\n f0ffff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n f0ffff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n >f1000000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ^\n f1000080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n f1000100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ==================================================================\n\nf8 corresponds to KASAN_VMALLOC_INVALID which means the area is not\ninitialised hence not supposed to be used yet.\n\nPowerpc text patching infrastructure allocates a virtual memory area\nusing get_vm_area() and flags it as VM_ALLOC. But that flag is meant\nto be used for vmalloc() and vmalloc() allocated memory is not\nsupposed to be used before a call to __vmalloc_node_range() which is\nnever called for that area.\n\nThat went undetected until commit e4137f08816b (\"mm, kasan, kmsan:\ninstrument copy_from/to_kernel_nofault\")\n\nThe area allocated by text_area_cpu_up() is not vmalloc memory, it is\nmapped directly on demand when needed by map_kernel_page(). There is\nno VM flag corresponding to such usage, so just pass no flag. That way\nthe area will be unpoisonned and usable immediately.(CVE-2025-21866)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nbpf, test_run: Fix use-after-free issue in eth_skb_pkt_type()\n\nKMSAN reported a use-after-free issue in eth_skb_pkt_type()[1]. The\ncause of the issue was that eth_skb_pkt_type() accessed skb's data\nthat didn't contain an Ethernet header. This occurs when\nbpf_prog_test_run_xdp() passes an invalid value as the user_data\nargument to bpf_test_init().\n\nFix this by returning an error when user_data is less than ETH_HLEN in\nbpf_test_init(). Additionally, remove the check for \"if (user_size >\nsize)\" as it is unnecessary.\n\n[1]\nBUG: KMSAN: use-after-free in eth_skb_pkt_type include/linux/etherdevice.h:627 [inline]\nBUG: KMSAN: use-after-free in eth_type_trans+0x4ee/0x980 net/ethernet/eth.c:165\n eth_skb_pkt_type include/linux/etherdevice.h:627 [inline]\n eth_type_trans+0x4ee/0x980 net/ethernet/eth.c:165\n __xdp_build_skb_from_frame+0x5a8/0xa50 net/core/xdp.c:635\n xdp_recv_frames net/bpf/test_run.c:272 [inline]\n xdp_test_run_batch net/bpf/test_run.c:361 [inline]\n bpf_test_run_xdp_live+0x2954/0x3330 net/bpf/test_run.c:390\n bpf_prog_test_run_xdp+0x148e/0x1b10 net/bpf/test_run.c:1318\n bpf_prog_test_run+0x5b7/0xa30 kernel/bpf/syscall.c:4371\n __sys_bpf+0x6a6/0xe20 kernel/bpf/syscall.c:5777\n __do_sys_bpf kernel/bpf/syscall.c:5866 [inline]\n __se_sys_bpf kernel/bpf/syscall.c:5864 [inline]\n __x64_sys_bpf+0xa4/0xf0 kernel/bpf/syscall.c:5864\n x64_sys_call+0x2ea0/0x3d90 arch/x86/include/generated/asm/syscalls_64.h:322\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xd9/0x1d0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n free_pages_prepare mm/page_alloc.c:1056 [inline]\n free_unref_page+0x156/0x1320 mm/page_alloc.c:2657\n __free_pages+0xa3/0x1b0 mm/page_alloc.c:4838\n bpf_ringbuf_free kernel/bpf/ringbuf.c:226 [inline]\n ringbuf_map_free+0xff/0x1e0 kernel/bpf/ringbuf.c:235\n bpf_map_free kernel/bpf/syscall.c:838 [inline]\n bpf_map_free_deferred+0x17c/0x310 kernel/bpf/syscall.c:862\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa2b/0x1b60 kernel/workqueue.c:3310\n worker_thread+0xedf/0x1550 kernel/workqueue.c:3391\n kthread+0x535/0x6b0 kernel/kthread.c:389\n ret_from_fork+0x6e/0x90 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\nCPU: 1 UID: 0 PID: 17276 Comm: syz.1.16450 Not tainted 6.12.0-05490-g9bb88c659673 #8\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014(CVE-2025-21867)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers\n\nOther, non DAI copier widgets could have the same stream name (sname) as\nthe ALH copier and in that case the copier->data is NULL, no alh_data is\nattached, which could lead to NULL pointer dereference.\nWe could check for this NULL pointer in sof_ipc4_prepare_copier_module()\nand avoid the crash, but a similar loop in sof_ipc4_widget_setup_comp_dai()\nwill miscalculate the ALH device count, causing broken audio.\n\nThe correct fix is to harden the matching logic by making sure that the\n1. widget is a DAI widget - so dai = w->private is valid\n2. the dai (and thus the copier) is ALH copier(CVE-2025-21870)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ntee: optee: Fix supplicant wait loop\n\nOP-TEE supplicant is a user-space daemon and it's possible for it\nbe hung or crashed or killed in the middle of processing an OP-TEE\nRPC call. It becomes more complicated when there is incorrect shutdown\nordering of the supplicant process vs the OP-TEE client application which\ncan eventually lead to system hang-up waiting for the closure of the\nclient application.\n\nAllow the client process waiting in kernel for supplicant response to\nbe killed rather than indefinitely waiting in an unkillable state. Also,\na normal uninterruptible wait should not have resulted in the hung-task\nwatchdog getting triggered, but the endless loop would.\n\nThis fixes issues observed during system reboot/shutdown when supplicant\ngot hung for some reason or gets crashed/killed which lead to client\ngetting hung in an unkillable state. It in turn lead to system being in\nhung up state requiring hard power off/on to recover.(CVE-2025-21871)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: bsg: Fix crash when arpmb command fails\n\nIf the device doesn't support arpmb we'll crash due to copying user data in\nbsg_transport_sg_io_fn().\n\nIn the case where ufs_bsg_exec_advanced_rpmb_req() returns an error, do not\nset the job's reply_len.\n\nMemory crash backtrace:\n3,1290,531166405,-;ufshcd 0000:00:12.5: ARPMB OP failed: error code -22\n\n4,1308,531166555,-;Call Trace:\n\n4,1309,531166559,-; \n\n4,1310,531166565,-; ? show_regs+0x6d/0x80\n\n4,1311,531166575,-; ? die+0x37/0xa0\n\n4,1312,531166583,-; ? do_trap+0xd4/0xf0\n\n4,1313,531166593,-; ? do_error_trap+0x71/0xb0\n\n4,1314,531166601,-; ? usercopy_abort+0x6c/0x80\n\n4,1315,531166610,-; ? exc_invalid_op+0x52/0x80\n\n4,1316,531166622,-; ? usercopy_abort+0x6c/0x80\n\n4,1317,531166630,-; ? asm_exc_invalid_op+0x1b/0x20\n\n4,1318,531166643,-; ? usercopy_abort+0x6c/0x80\n\n4,1319,531166652,-; __check_heap_object+0xe3/0x120\n\n4,1320,531166661,-; check_heap_object+0x185/0x1d0\n\n4,1321,531166670,-; __check_object_size.part.0+0x72/0x150\n\n4,1322,531166679,-; __check_object_size+0x23/0x30\n\n4,1323,531166688,-; bsg_transport_sg_io_fn+0x314/0x3b0(CVE-2025-21873)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: gl620a: fix endpoint checking in genelink_bind()\n\nSyzbot reports [1] a warning in usb_submit_urb() triggered by\ninconsistencies between expected and actually present endpoints\nin gl620a driver. Since genelink_bind() does not properly\nverify whether specified eps are in fact provided by the device,\nin this case, an artificially manufactured one, one may get a\nmismatch.\n\nFix the issue by resorting to a usbnet utility function\nusbnet_get_endpoints(), usually reserved for this very problem.\nCheck for endpoints and return early before proceeding further if\nany are missing.\n\n[1] Syzbot report:\nusb 5-1: Manufacturer: syz\nusb 5-1: SerialNumber: syz\nusb 5-1: config 0 descriptor??\ngl620a 5-1:0.23 usb0: register 'gl620a' at usb-dummy_hcd.0-1, ...\n------------[ cut here ]------------\nusb 5-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 2 PID: 1841 at drivers/usb/core/urb.c:503 usb_submit_urb+0xe4b/0x1730 drivers/usb/core/urb.c:503\nModules linked in:\nCPU: 2 UID: 0 PID: 1841 Comm: kworker/2:2 Not tainted 6.12.0-syzkaller-07834-g06afb0f36106 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nWorkqueue: mld mld_ifc_work\nRIP: 0010:usb_submit_urb+0xe4b/0x1730 drivers/usb/core/urb.c:503\n...\nCall Trace:\n \n usbnet_start_xmit+0x6be/0x2780 drivers/net/usb/usbnet.c:1467\n __netdev_start_xmit include/linux/netdevice.h:5002 [inline]\n netdev_start_xmit include/linux/netdevice.h:5011 [inline]\n xmit_one net/core/dev.c:3590 [inline]\n dev_hard_start_xmit+0x9a/0x7b0 net/core/dev.c:3606\n sch_direct_xmit+0x1ae/0xc30 net/sched/sch_generic.c:343\n __dev_xmit_skb net/core/dev.c:3827 [inline]\n __dev_queue_xmit+0x13d4/0x43e0 net/core/dev.c:4400\n dev_queue_xmit include/linux/netdevice.h:3168 [inline]\n neigh_resolve_output net/core/neighbour.c:1514 [inline]\n neigh_resolve_output+0x5bc/0x950 net/core/neighbour.c:1494\n neigh_output include/net/neighbour.h:539 [inline]\n ip6_finish_output2+0xb1b/0x2070 net/ipv6/ip6_output.c:141\n __ip6_finish_output net/ipv6/ip6_output.c:215 [inline]\n ip6_finish_output+0x3f9/0x1360 net/ipv6/ip6_output.c:226\n NF_HOOK_COND include/linux/netfilter.h:303 [inline]\n ip6_output+0x1f8/0x540 net/ipv6/ip6_output.c:247\n dst_output include/net/dst.h:450 [inline]\n NF_HOOK include/linux/netfilter.h:314 [inline]\n NF_HOOK include/linux/netfilter.h:308 [inline]\n mld_sendpack+0x9f0/0x11d0 net/ipv6/mcast.c:1819\n mld_send_cr net/ipv6/mcast.c:2120 [inline]\n mld_ifc_work+0x740/0xca0 net/ipv6/mcast.c:2651\n process_one_work+0x9c5/0x1ba0 kernel/workqueue.c:3229\n process_scheduled_works kernel/workqueue.c:3310 [inline]\n worker_thread+0x6c8/0xf00 kernel/workqueue.c:3391\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n (CVE-2025-21877)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ni2c: npcm: disable interrupt enable bit before devm_request_irq\n\nThe customer reports that there is a soft lockup issue related to\nthe i2c driver. After checking, the i2c module was doing a tx transfer\nand the bmc machine reboots in the middle of the i2c transaction, the i2c\nmodule keeps the status without being reset.\n\nDue to such an i2c module status, the i2c irq handler keeps getting\ntriggered since the i2c irq handler is registered in the kernel booting\nprocess after the bmc machine is doing a warm rebooting.\nThe continuous triggering is stopped by the soft lockup watchdog timer.\n\nDisable the interrupt enable bit in the i2c module before calling\ndevm_request_irq to fix this issue since the i2c relative status bit\nis read-only.\n\nHere is the soft lockup log.\n[ 28.176395] watchdog: BUG: soft lockup - CPU#0 stuck for 26s! [swapper/0:1]\n[ 28.183351] Modules linked in:\n[ 28.186407] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.15.120-yocto-s-dirty-bbebc78 #1\n[ 28.201174] pstate: 40000005 (nZcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 28.208128] pc : __do_softirq+0xb0/0x368\n[ 28.212055] lr : __do_softirq+0x70/0x368\n[ 28.215972] sp : ffffff8035ebca00\n[ 28.219278] x29: ffffff8035ebca00 x28: 0000000000000002 x27: ffffff80071a3780\n[ 28.226412] x26: ffffffc008bdc000 x25: ffffffc008bcc640 x24: ffffffc008be50c0\n[ 28.233546] x23: ffffffc00800200c x22: 0000000000000000 x21: 000000000000001b\n[ 28.240679] x20: 0000000000000000 x19: ffffff80001c3200 x18: ffffffffffffffff\n[ 28.247812] x17: ffffffc02d2e0000 x16: ffffff8035eb8b40 x15: 00001e8480000000\n[ 28.254945] x14: 02c3647e37dbfcb6 x13: 02c364f2ab14200c x12: 0000000002c364f2\n[ 28.262078] x11: 00000000fa83b2da x10: 000000000000b67e x9 : ffffffc008010250\n[ 28.269211] x8 : 000000009d983d00 x7 : 7fffffffffffffff x6 : 0000036d74732434\n[ 28.276344] x5 : 00ffffffffffffff x4 : 0000000000000015 x3 : 0000000000000198\n[ 28.283476] x2 : ffffffc02d2e0000 x1 : 00000000000000e0 x0 : ffffffc008bdcb40\n[ 28.290611] Call trace:\n[ 28.293052] __do_softirq+0xb0/0x368\n[ 28.296625] __irq_exit_rcu+0xe0/0x100\n[ 28.300374] irq_exit+0x14/0x20\n[ 28.303513] handle_domain_irq+0x68/0x90\n[ 28.307440] gic_handle_irq+0x78/0xb0\n[ 28.311098] call_on_irq_stack+0x20/0x38\n[ 28.315019] do_interrupt_handler+0x54/0x5c\n[ 28.319199] el1_interrupt+0x2c/0x4c\n[ 28.322777] el1h_64_irq_handler+0x14/0x20\n[ 28.326872] el1h_64_irq+0x74/0x78\n[ 28.330269] __setup_irq+0x454/0x780\n[ 28.333841] request_threaded_irq+0xd0/0x1b4\n[ 28.338107] devm_request_threaded_irq+0x84/0x100\n[ 28.342809] npcm_i2c_probe_bus+0x188/0x3d0\n[ 28.346990] platform_probe+0x6c/0xc4\n[ 28.350653] really_probe+0xcc/0x45c\n[ 28.354227] __driver_probe_device+0x8c/0x160\n[ 28.358578] driver_probe_device+0x44/0xe0\n[ 28.362670] __driver_attach+0x124/0x1d0\n[ 28.366589] bus_for_each_dev+0x7c/0xe0\n[ 28.370426] driver_attach+0x28/0x30\n[ 28.373997] bus_add_driver+0x124/0x240\n[ 28.377830] driver_register+0x7c/0x124\n[ 28.381662] __platform_driver_register+0x2c/0x34\n[ 28.386362] npcm_i2c_init+0x3c/0x5c\n[ 28.389937] do_one_initcall+0x74/0x230\n[ 28.393768] kernel_init_freeable+0x24c/0x2b4\n[ 28.398126] kernel_init+0x28/0x130\n[ 28.401614] ret_from_fork+0x10/0x20\n[ 28.405189] Kernel panic - not syncing: softlockup: hung tasks\n[ 28.411011] SMP: stopping secondary CPUs\n[ 28.414933] Kernel Offset: disabled\n[ 28.418412] CPU features: 0x00000000,00000802\n[ 28.427644] Rebooting in 20 seconds..(CVE-2025-21878)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nuprobes: Reject the shared zeropage in uprobe_write_opcode()\n\nWe triggered the following crash in syzkaller tests:\n\n BUG: Bad page state in process syz.7.38 pfn:1eff3\n page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1eff3\n flags: 0x3fffff00004004(referenced|reserved|node=0|zone=1|lastcpupid=0x1fffff)\n raw: 003fffff00004004 ffffe6c6c07bfcc8 ffffe6c6c07bfcc8 0000000000000000\n raw: 0000000000000000 0000000000000000 00000000fffffffe 0000000000000000\n page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014\n Call Trace:\n \n dump_stack_lvl+0x32/0x50\n bad_page+0x69/0xf0\n free_unref_page_prepare+0x401/0x500\n free_unref_page+0x6d/0x1b0\n uprobe_write_opcode+0x460/0x8e0\n install_breakpoint.part.0+0x51/0x80\n register_for_each_vma+0x1d9/0x2b0\n __uprobe_register+0x245/0x300\n bpf_uprobe_multi_link_attach+0x29b/0x4f0\n link_create+0x1e2/0x280\n __sys_bpf+0x75f/0xac0\n __x64_sys_bpf+0x1a/0x30\n do_syscall_64+0x56/0x100\n entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\n BUG: Bad rss-counter state mm:00000000452453e0 type:MM_FILEPAGES val:-1\n\nThe following syzkaller test case can be used to reproduce:\n\n r2 = creat(&(0x7f0000000000)='./file0\\x00', 0x8)\n write$nbd(r2, &(0x7f0000000580)=ANY=[], 0x10)\n r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\\x00', 0x42, 0x0)\n mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x12, r4, 0x0)\n r5 = userfaultfd(0x80801)\n ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x20})\n r6 = userfaultfd(0x80801)\n ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000000140))\n ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x2})\n ioctl$UFFDIO_ZEROPAGE(r5, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000ffd000/0x1000)=nil, 0x1000}})\n r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x2, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB=\"1800000000120000000000000000000095\"], &(0x7f0000000000)='GPL\\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)\n bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000040)={r7, 0x0, 0x30, 0x1e, @val=@uprobe_multi={&(0x7f0000000080)='./file0\\x00', &(0x7f0000000100)=[0x2], 0x0, 0x0, 0x1}}, 0x40)\n\nThe cause is that zero pfn is set to the PTE without increasing the RSS\ncount in mfill_atomic_pte_zeropage() and the refcount of zero folio does\nnot increase accordingly. Then, the operation on the same pfn is performed\nin uprobe_write_opcode()->__replace_page() to unconditional decrease the\nRSS count and old_folio's refcount.\n\nTherefore, two bugs are introduced:\n\n 1. The RSS count is incorrect, when process exit, the check_mm() report\n error \"Bad rss-count\".\n\n 2. The reserved folio (zero folio) is freed when folio->refcount is zero,\n then free_pages_prepare->free_page_is_bad() report error\n \"Bad page state\".\n\nThere is more, the following warning could also theoretically be triggered:\n\n __replace_page()\n -> ...\n -> folio_remove_rmap_pte()\n -> VM_WARN_ON_FOLIO(is_zero_folio(folio), folio)\n\nConsidering that uprobe hit on the zero folio is a very rare case, just\nreject zero old folio immediately after get_user_page_vma_remote().\n\n[ mingo: Cleaned up the changelog ](CVE-2025-21881)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nice: Fix deinitializing VF in error path\n\nIf ice_ena_vfs() fails after calling ice_create_vf_entries(), it frees\nall VFs without removing them from snapshot PF-VF mailbox list, leading\nto list corruption.\n\nReproducer:\n devlink dev eswitch set $PF1_PCI mode switchdev\n ip l s $PF1 up\n ip l s $PF1 promisc on\n sleep 1\n echo 1 > /sys/class/net/$PF1/device/sriov_numvfs\n sleep 1\n echo 1 > /sys/class/net/$PF1/device/sriov_numvfs\n\nTrace (minimized):\n list_add corruption. next->prev should be prev (ffff8882e241c6f0), but was 0000000000000000. (next=ffff888455da1330).\n kernel BUG at lib/list_debug.c:29!\n RIP: 0010:__list_add_valid_or_report+0xa6/0x100\n ice_mbx_init_vf_info+0xa7/0x180 [ice]\n ice_initialize_vf_entry+0x1fa/0x250 [ice]\n ice_sriov_configure+0x8d7/0x1520 [ice]\n ? __percpu_ref_switch_mode+0x1b1/0x5d0\n ? __pfx_ice_sriov_configure+0x10/0x10 [ice]\n\nSometimes a KASAN report can be seen instead with a similar stack trace:\n BUG: KASAN: use-after-free in __list_add_valid_or_report+0xf1/0x100\n\nVFs are added to this list in ice_mbx_init_vf_info(), but only removed\nin ice_free_vfs(). Move the removing to ice_free_vf_entries(), which is\nalso being called in other places where VFs are being removed (including\nice_free_vfs() itself).(CVE-2025-21883)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/bnxt_re: Fix the page details for the srq created by kernel consumers\n\nWhile using nvme target with use_srq on, below kernel panic is noticed.\n\n[ 549.698111] bnxt_en 0000:41:00.0 enp65s0np0: FEC autoneg off encoding: Clause 91 RS(544,514)\n[ 566.393619] Oops: divide error: 0000 [#1] PREEMPT SMP NOPTI\n..\n[ 566.393799] \n[ 566.393807] ? __die_body+0x1a/0x60\n[ 566.393823] ? die+0x38/0x60\n[ 566.393835] ? do_trap+0xe4/0x110\n[ 566.393847] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393867] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393881] ? do_error_trap+0x7c/0x120\n[ 566.393890] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393911] ? exc_divide_error+0x34/0x50\n[ 566.393923] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393939] ? asm_exc_divide_error+0x16/0x20\n[ 566.393966] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393997] bnxt_qplib_create_srq+0xc9/0x340 [bnxt_re]\n[ 566.394040] bnxt_re_create_srq+0x335/0x3b0 [bnxt_re]\n[ 566.394057] ? srso_return_thunk+0x5/0x5f\n[ 566.394068] ? __init_swait_queue_head+0x4a/0x60\n[ 566.394090] ib_create_srq_user+0xa7/0x150 [ib_core]\n[ 566.394147] nvmet_rdma_queue_connect+0x7d0/0xbe0 [nvmet_rdma]\n[ 566.394174] ? lock_release+0x22c/0x3f0\n[ 566.394187] ? srso_return_thunk+0x5/0x5f\n\nPage size and shift info is set only for the user space SRQs.\nSet page size and page shift for kernel space SRQs also.(CVE-2025-21885)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix a WARN during dereg_mr for DM type\n\nMemory regions (MR) of type DM (device memory) do not have an associated\numem.\n\nIn the __mlx5_ib_dereg_mr() -> mlx5_free_priv_descs() flow, the code\nincorrectly takes the wrong branch, attempting to call\ndma_unmap_single() on a DMA address that is not mapped.\n\nThis results in a WARN [1], as shown below.\n\nThe issue is resolved by properly accounting for the DM type and\nensuring the correct branch is selected in mlx5_free_priv_descs().\n\n[1]\nWARNING: CPU: 12 PID: 1346 at drivers/iommu/dma-iommu.c:1230 iommu_dma_unmap_page+0x79/0x90\nModules linked in: ip6table_mangle ip6table_nat ip6table_filter ip6_tables iptable_mangle xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry ovelay rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_iscsi ib_umad rdma_cm ib_ipoib iw_cm ib_cm mlx5_ib ib_uverbs ib_core fuse mlx5_core\nCPU: 12 UID: 0 PID: 1346 Comm: ibv_rc_pingpong Not tainted 6.12.0-rc7+ #1631\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:iommu_dma_unmap_page+0x79/0x90\nCode: 2b 49 3b 29 72 26 49 3b 69 08 73 20 4d 89 f0 44 89 e9 4c 89 e2 48 89 ee 48 89 df 5b 5d 41 5c 41 5d 41 5e 41 5f e9 07 b8 88 ff <0f> 0b 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 66 0f 1f 44 00\nRSP: 0018:ffffc90001913a10 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff88810194b0a8 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001\nRBP: ffff88810194b0a8 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000\nR13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000000\nFS: 00007f537abdd740(0000) GS:ffff88885fb00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f537aeb8000 CR3: 000000010c248001 CR4: 0000000000372eb0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\n? __warn+0x84/0x190\n? iommu_dma_unmap_page+0x79/0x90\n? report_bug+0xf8/0x1c0\n? handle_bug+0x55/0x90\n? exc_invalid_op+0x13/0x60\n? asm_exc_invalid_op+0x16/0x20\n? iommu_dma_unmap_page+0x79/0x90\ndma_unmap_page_attrs+0xe6/0x290\nmlx5_free_priv_descs+0xb0/0xe0 [mlx5_ib]\n__mlx5_ib_dereg_mr+0x37e/0x520 [mlx5_ib]\n? _raw_spin_unlock_irq+0x24/0x40\n? wait_for_completion+0xfe/0x130\n? rdma_restrack_put+0x63/0xe0 [ib_core]\nib_dereg_mr_user+0x5f/0x120 [ib_core]\n? lock_release+0xc6/0x280\ndestroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs]\nuverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs]\nuobj_destroy+0x3f/0x70 [ib_uverbs]\nib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs]\n? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs]\n? lock_acquire+0xc1/0x2f0\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0x116/0x170 [ib_uverbs]\n? lock_release+0xc6/0x280\nib_uverbs_ioctl+0xe7/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n__x64_sys_ioctl+0x1b0/0xa70\ndo_syscall_64+0x6b/0x140\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f537adaf17b\nCode: 0f 1e fa 48 8b 05 1d ad 0c 00 64 c7 00 26 00 00 00 48 c7 c0 ff ff ff ff c3 66 0f 1f 44 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d ed ac 0c 00 f7 d8 64 89 01 48\nRSP: 002b:00007ffff218f0b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffff218f1d8 RCX: 00007f537adaf17b\nRDX: 00007ffff218f1c0 RSI: 00000000c0181b01 RDI: 0000000000000003\nRBP: 00007ffff218f1a0 R08: 00007f537aa8d010 R09: 0000561ee2e4f270\nR10: 00007f537aace3a8 R11: 0000000000000246 R12: 00007ffff218f190\nR13: 000000000000001c R14: 0000561ee2e4d7c0 R15: 00007ffff218f450\n(CVE-2025-21888)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix the recovery flow of the UMR QP\n\nThis patch addresses an issue in the recovery flow of the UMR QP,\nensuring tasks do not get stuck, as highlighted by the call trace [1].\n\nDuring recovery, before transitioning the QP to the RESET state, the\nsoftware must wait for all outstanding WRs to complete.\n\nFailing to do so can cause the firmware to skip sending some flushed\nCQEs with errors and simply discard them upon the RESET, as per the IB\nspecification.\n\nThis race condition can result in lost CQEs and tasks becoming stuck.\n\nTo resolve this, the patch sends a final WR which serves only as a\nbarrier before moving the QP state to RESET.\n\nOnce a CQE is received for that final WR, it guarantees that no\noutstanding WRs remain, making it safe to transition the QP to RESET and\nsubsequently back to RTS, restoring proper functionality.\n\nNote:\nFor the barrier WR, we simply reuse the failed and ready WR.\nSince the QP is in an error state, it will only receive\nIB_WC_WR_FLUSH_ERR. However, as it serves only as a barrier we don't\ncare about its status.\n\n[1]\nINFO: task rdma_resource_l:1922 blocked for more than 120 seconds.\nTainted: G W 6.12.0-rc7+ #1626\n\"echo 0 > /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:rdma_resource_l state:D stack:0 pid:1922 tgid:1922 ppid:1369\n flags:0x00004004\nCall Trace:\n\n__schedule+0x420/0xd30\nschedule+0x47/0x130\nschedule_timeout+0x280/0x300\n? mark_held_locks+0x48/0x80\n? lockdep_hardirqs_on_prepare+0xe5/0x1a0\nwait_for_completion+0x75/0x130\nmlx5r_umr_post_send_wait+0x3c2/0x5b0 [mlx5_ib]\n? __pfx_mlx5r_umr_done+0x10/0x10 [mlx5_ib]\nmlx5r_umr_revoke_mr+0x93/0xc0 [mlx5_ib]\n__mlx5_ib_dereg_mr+0x299/0x520 [mlx5_ib]\n? _raw_spin_unlock_irq+0x24/0x40\n? wait_for_completion+0xfe/0x130\n? rdma_restrack_put+0x63/0xe0 [ib_core]\nib_dereg_mr_user+0x5f/0x120 [ib_core]\n? lock_release+0xc6/0x280\ndestroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs]\nuverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs]\nuobj_destroy+0x3f/0x70 [ib_uverbs]\nib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs]\n? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs]\n? __lock_acquire+0x64e/0x2080\n? mark_held_locks+0x48/0x80\n? find_held_lock+0x2d/0xa0\n? lock_acquire+0xc1/0x2f0\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n? __fget_files+0xc3/0x1b0\nib_uverbs_ioctl+0xe7/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n__x64_sys_ioctl+0x1b0/0xa70\ndo_syscall_64+0x6b/0x140\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f99c918b17b\nRSP: 002b:00007ffc766d0468 EFLAGS: 00000246 ORIG_RAX:\n 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffc766d0578 RCX:\n 00007f99c918b17b\nRDX: 00007ffc766d0560 RSI: 00000000c0181b01 RDI:\n 0000000000000003\nRBP: 00007ffc766d0540 R08: 00007f99c8f99010 R09:\n 000000000000bd7e\nR10: 00007f99c94c1c70 R11: 0000000000000246 R12:\n 00007ffc766d0530\nR13: 000000000000001c R14: 0000000040246a80 R15:\n 0000000000000000\n(CVE-2025-21892)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Order the PMU list to fix warning about unordered pmu_ctx_list\n\nSyskaller triggers a warning due to prev_epc->pmu != next_epc->pmu in\nperf_event_swap_task_ctx_data(). vmcore shows that two lists have the same\nperf_event_pmu_context, but not in the same order.\n\nThe problem is that the order of pmu_ctx_list for the parent is impacted by\nthe time when an event/PMU is added. While the order for a child is\nimpacted by the event order in the pinned_groups and flexible_groups. So\nthe order of pmu_ctx_list in the parent and child may be different.\n\nTo fix this problem, insert the perf_event_pmu_context to its proper place\nafter iteration of the pmu_ctx_list.\n\nThe follow testcase can trigger above warning:\n\n # perf record -e cycles --call-graph lbr -- taskset -c 3 ./a.out &\n # perf stat -e cpu-clock,cs -p xxx // xxx is the pid of a.out\n\n test.c\n\n void main() {\n int count = 0;\n pid_t pid;\n\n printf(\"%d running\\n\", getpid());\n sleep(30);\n printf(\"running\\n\");\n\n pid = fork();\n if (pid == -1) {\n printf(\"fork error\\n\");\n return;\n }\n if (pid == 0) {\n while (1) {\n count++;\n }\n } else {\n while (1) {\n count++;\n }\n }\n }\n\nThe testcase first opens an LBR event, so it will allocate task_ctx_data,\nand then open tracepoint and software events, so the parent context will\nhave 3 different perf_event_pmu_contexts. On inheritance, child ctx will\ninsert the perf_event_pmu_context in another order and the warning will\ntrigger.\n\n[ mingo: Tidied up the changelog. ](CVE-2025-21895)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nftrace: Avoid potential division by zero in function_stat_show()\n\nCheck whether denominator expression x * (x - 1) * 1000 mod {2^32, 2^64}\nproduce zero and skip stddev computation in that case.\n\nFor now don't care about rec->counter * rec->counter overflow because\nrec->time * rec->time overflow will likely happen earlier.(CVE-2025-21898)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix bad hist from corrupting named_triggers list\n\nThe following commands causes a crash:\n\n ~# cd /sys/kernel/tracing/events/rcu/rcu_callback\n ~# echo 'hist:name=bad:keys=common_pid:onmax(bogus).save(common_pid)' > trigger\n bash: echo: write error: Invalid argument\n ~# echo 'hist:name=bad:keys=common_pid' > trigger\n\nBecause the following occurs:\n\nevent_trigger_write() {\n trigger_process_regex() {\n event_hist_trigger_parse() {\n\n data = event_trigger_alloc(..);\n\n event_trigger_register(.., data) {\n cmd_ops->reg(.., data, ..) [hist_register_trigger()] {\n data->ops->init() [event_hist_trigger_init()] {\n save_named_trigger(name, data) {\n list_add(&data->named_list, &named_triggers);\n }\n }\n }\n }\n\n ret = create_actions(); (return -EINVAL)\n if (ret)\n goto out_unreg;\n[..]\n ret = hist_trigger_enable(data, ...) {\n list_add_tail_rcu(&data->list, &file->triggers); <<<---- SKIPPED!!! (this is important!)\n[..]\n out_unreg:\n event_hist_unregister(.., data) {\n cmd_ops->unreg(.., data, ..) [hist_unregister_trigger()] {\n list_for_each_entry(iter, &file->triggers, list) {\n if (!hist_trigger_match(data, iter, named_data, false)) <- never matches\n continue;\n [..]\n test = iter;\n }\n if (test && test->ops->free) <<<-- test is NULL\n\n test->ops->free(test) [event_hist_trigger_free()] {\n [..]\n if (data->name)\n del_named_trigger(data) {\n list_del(&data->named_list); <<<<-- NEVER gets removed!\n }\n }\n }\n }\n\n [..]\n kfree(data); <<<-- frees item but it is still on list\n\nThe next time a hist with name is registered, it causes an u-a-f bug and\nthe kernel can crash.\n\nMove the code around such that if event_trigger_register() succeeds, the\nnext thing called is hist_trigger_enable() which adds it to the list.\n\nA bunch of actions is called if get_named_trigger_data() returns false.\nBut that doesn't need to be called after event_trigger_register(), so it\ncan be moved up, allowing event_trigger_register() to be called just\nbefore hist_trigger_enable() keeping them together and allowing the\nfile->triggers to be properly populated.(CVE-2025-21899)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: regulatory: improve invalid hints checking\n\nSyzbot keeps reporting an issue [1] that occurs when erroneous symbols\nsent from userspace get through into user_alpha2[] via\nregulatory_hint_user() call. Such invalid regulatory hints should be\nrejected.\n\nWhile a sanity check from commit 47caf685a685 (\"cfg80211: regulatory:\nreject invalid hints\") looks to be enough to deter these very cases,\nthere is a way to get around it due to 2 reasons.\n\n1) The way isalpha() works, symbols other than latin lower and\nupper letters may be used to determine a country/domain.\nFor instance, greek letters will also be considered upper/lower\nletters and for such characters isalpha() will return true as well.\nHowever, ISO-3166-1 alpha2 codes should only hold latin\ncharacters.\n\n2) While processing a user regulatory request, between\nreg_process_hint_user() and regulatory_hint_user() there happens to\nbe a call to queue_regulatory_request() which modifies letters in\nrequest->alpha2[] with toupper(). This works fine for latin symbols,\nless so for weird letter characters from the second part of _ctype[].\n\nSyzbot triggers a warning in is_user_regdom_saved() by first sending\nover an unexpected non-latin letter that gets malformed by toupper()\ninto a character that ends up failing isalpha() check.\n\nPrevent this by enhancing is_an_alpha2() to ensure that incoming\nsymbols are latin letters and nothing else.\n\n[1] Syzbot report:\n------------[ cut here ]------------\nUnexpected user alpha2: A�\nWARNING: CPU: 1 PID: 964 at net/wireless/reg.c:442 is_user_regdom_saved net/wireless/reg.c:440 [inline]\nWARNING: CPU: 1 PID: 964 at net/wireless/reg.c:442 restore_alpha2 net/wireless/reg.c:3424 [inline]\nWARNING: CPU: 1 PID: 964 at net/wireless/reg.c:442 restore_regulatory_settings+0x3c0/0x1e50 net/wireless/reg.c:3516\nModules linked in:\nCPU: 1 UID: 0 PID: 964 Comm: kworker/1:2 Not tainted 6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: events_power_efficient crda_timeout_work\nRIP: 0010:is_user_regdom_saved net/wireless/reg.c:440 [inline]\nRIP: 0010:restore_alpha2 net/wireless/reg.c:3424 [inline]\nRIP: 0010:restore_regulatory_settings+0x3c0/0x1e50 net/wireless/reg.c:3516\n...\nCall Trace:\n \n crda_timeout_work+0x27/0x50 net/wireless/reg.c:542\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa65/0x1850 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f2/0x390 kernel/kthread.c:389\n ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n (CVE-2025-21910)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nslimbus: messaging: Free transaction ID in delayed interrupt scenario\n\nIn case of interrupt delay for any reason, slim_do_transfer()\nreturns timeout error but the transaction ID (TID) is not freed.\nThis results into invalid memory access inside\nqcom_slim_ngd_rx_msgq_cb() due to invalid TID.\n\nFix the issue by freeing the TID in slim_do_transfer() before\nreturning timeout error to avoid invalid memory access.\n\nCall trace:\n__memcpy_fromio+0x20/0x190\nqcom_slim_ngd_rx_msgq_cb+0x130/0x290 [slim_qcom_ngd_ctrl]\nvchan_complete+0x2a0/0x4a0\ntasklet_action_common+0x274/0x700\ntasklet_action+0x28/0x3c\n_stext+0x188/0x620\nrun_ksoftirqd+0x34/0x74\nsmpboot_thread_fn+0x1d8/0x464\nkthread+0x178/0x238\nret_from_fork+0x10/0x20\nCode: aa0003e8 91000429 f100044a 3940002b (3800150b)\n---[ end trace 0fe00bec2b975c99 ]---\nKernel panic - not syncing: Oops: Fatal exception in interrupt.(CVE-2025-21914)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nHID: hid-steam: Fix use-after-free when detaching device\n\nWhen a hid-steam device is removed it must clean up the client_hdev used for\nintercepting hidraw access. This can lead to scheduling deferred work to\nreattach the input device. Though the cleanup cancels the deferred work, this\nwas done before the client_hdev itself is cleaned up, so it gets rescheduled.\nThis patch fixes the ordering to make sure the deferred work is properly\ncanceled.(CVE-2025-21923)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()\n\nnvme_tcp_recv_pdu() doesn't check the validity of the header length.\nWhen header digests are enabled, a target might send a packet with an\ninvalid header length (e.g. 255), causing nvme_tcp_verify_hdgst()\nto access memory outside the allocated area and cause memory corruptions\nby overwriting it with the calculated digest.\n\nFix this by rejecting packets with an unexpected header length.(CVE-2025-21927)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nHID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove()\n\nThe system can experience a random crash a few minutes after the driver is\nremoved. This issue occurs due to improper handling of memory freeing in\nthe ishtp_hid_remove() function.\n\nThe function currently frees the `driver_data` directly within the loop\nthat destroys the HID devices, which can lead to accessing freed memory.\nSpecifically, `hid_destroy_device()` uses `driver_data` when it calls\n`hid_ishtp_set_feature()` to power off the sensor, so freeing\n`driver_data` beforehand can result in accessing invalid memory.\n\nThis patch resolves the issue by storing the `driver_data` in a temporary\nvariable before calling `hid_destroy_device()`, and then freeing the\n`driver_data` after the device is destroyed.(CVE-2025-21928)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nrapidio: add check for rio_add_net() in rio_scan_alloc_net()\n\nThe return value of rio_add_net() should be checked. If it fails,\nput_device() should be called to free the memory and give up the reference\ninitialized in rio_add_net().(CVE-2025-21935)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params\n\nNull pointer dereference issue could occur when pipe_ctx->plane_state\nis null. The fix adds a check to ensure 'pipe_ctx->plane_state' is not\nnull before accessing. This prevents a null pointer dereference.\n\nFound by code review.\n\n(cherry picked from commit 63e6a77ccf239337baa9b1e7787cde9fa0462092)(CVE-2025-21941)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ngpio: aggregator: protect driver attr handlers against module unload\n\nBoth new_device_store and delete_device_store touch module global\nresources (e.g. gpio_aggregator_lock). To prevent race conditions with\nmodule unload, a reference needs to be held.\n\nAdd try_module_get() in these handlers.\n\nFor new_device_store, this eliminates what appears to be the most dangerous\nscenario: if an id is allocated from gpio_aggregator_idr but\nplatform_device_register has not yet been called or completed, a concurrent\nmodule unload could fail to unregister/delete the device, leaving behind a\ndangling platform device/GPIO forwarder. This can result in various issues.\nThe following simple reproducer demonstrates these problems:\n\n #!/bin/bash\n while :; do\n # note: whether 'gpiochip0 0' exists or not does not matter.\n echo 'gpiochip0 0' > /sys/bus/platform/drivers/gpio-aggregator/new_device\n done &\n while :; do\n modprobe gpio-aggregator\n modprobe -r gpio-aggregator\n done &\n wait\n\n Starting with the following warning, several kinds of warnings will appear\n and the system may become unstable:\n\n ------------[ cut here ]------------\n list_del corruption, ffff888103e2e980->next is LIST_POISON1 (dead000000000100)\n WARNING: CPU: 1 PID: 1327 at lib/list_debug.c:56 __list_del_entry_valid_or_report+0xa3/0x120\n [...]\n RIP: 0010:__list_del_entry_valid_or_report+0xa3/0x120\n [...]\n Call Trace:\n \n ? __list_del_entry_valid_or_report+0xa3/0x120\n ? __warn.cold+0x93/0xf2\n ? __list_del_entry_valid_or_report+0xa3/0x120\n ? report_bug+0xe6/0x170\n ? __irq_work_queue_local+0x39/0xe0\n ? handle_bug+0x58/0x90\n ? exc_invalid_op+0x13/0x60\n ? asm_exc_invalid_op+0x16/0x20\n ? __list_del_entry_valid_or_report+0xa3/0x120\n gpiod_remove_lookup_table+0x22/0x60\n new_device_store+0x315/0x350 [gpio_aggregator]\n kernfs_fop_write_iter+0x137/0x1f0\n vfs_write+0x262/0x430\n ksys_write+0x60/0xd0\n do_syscall_64+0x6c/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n [...]\n \n ---[ end trace 0000000000000000 ]---(CVE-2025-21943)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix out-of-bounds in parse_sec_desc()\n\nIf osidoffset, gsidoffset and dacloffset could be greater than smb_ntsd\nstruct size. If it is smaller, It could cause slab-out-of-bounds.\nAnd when validating sid, It need to check it included subauth array size.(CVE-2025-21946)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nLoongArch: Set hugetlb mmap base address aligned with pmd size\n\nWith ltp test case \"testcases/bin/hugefork02\", there is a dmesg error\nreport message such as:\n\n kernel BUG at mm/hugetlb.c:5550!\n Oops - BUG[#1]:\n CPU: 0 UID: 0 PID: 1517 Comm: hugefork02 Not tainted 6.14.0-rc2+ #241\n Hardware name: QEMU QEMU Virtual Machine, BIOS unknown 2/2/2022\n pc 90000000004eaf1c ra 9000000000485538 tp 900000010edbc000 sp 900000010edbf940\n a0 900000010edbfb00 a1 9000000108d20280 a2 00007fffe9474000 a3 00007ffff3474000\n a4 0000000000000000 a5 0000000000000003 a6 00000000003cadd3 a7 0000000000000000\n t0 0000000001ffffff t1 0000000001474000 t2 900000010ecd7900 t3 00007fffe9474000\n t4 00007fffe9474000 t5 0000000000000040 t6 900000010edbfb00 t7 0000000000000001\n t8 0000000000000005 u0 90000000004849d0 s9 900000010edbfa00 s0 9000000108d20280\n s1 00007fffe9474000 s2 0000000002000000 s3 9000000108d20280 s4 9000000002b38b10\n s5 900000010edbfb00 s6 00007ffff3474000 s7 0000000000000406 s8 900000010edbfa08\n ra: 9000000000485538 unmap_vmas+0x130/0x218\n ERA: 90000000004eaf1c __unmap_hugepage_range+0x6f4/0x7d0\n PRMD: 00000004 (PPLV0 +PIE -PWE)\n EUEN: 00000007 (+FPE +SXE +ASXE -BTE)\n ECFG: 00071c1d (LIE=0,2-4,10-12 VS=7)\n ESTAT: 000c0000 [BRK] (IS= ECode=12 EsubCode=0)\n PRID: 0014c010 (Loongson-64bit, Loongson-3A5000)\n Process hugefork02 (pid: 1517, threadinfo=00000000a670eaf4, task=000000007a95fc64)\n Call Trace:\n [<90000000004eaf1c>] __unmap_hugepage_range+0x6f4/0x7d0\n [<9000000000485534>] unmap_vmas+0x12c/0x218\n [<9000000000494068>] exit_mmap+0xe0/0x308\n [<900000000025fdc4>] mmput+0x74/0x180\n [<900000000026a284>] do_exit+0x294/0x898\n [<900000000026aa30>] do_group_exit+0x30/0x98\n [<900000000027bed4>] get_signal+0x83c/0x868\n [<90000000002457b4>] arch_do_signal_or_restart+0x54/0xfa0\n [<90000000015795e8>] irqentry_exit_to_user_mode+0xb8/0x138\n [<90000000002572d0>] tlb_do_page_fault_1+0x114/0x1b4\n\nThe problem is that base address allocated from hugetlbfs is not aligned\nwith pmd size. Here add a checking for hugetlbfs and align base address\nwith pmd size. After this patch the test case \"testcases/bin/hugefork02\"\npasses to run.\n\nThis is similar to the commit 7f24cbc9c4d42db8a3c8484d1 (\"mm/mmap: teach\ngeneric_get_unmapped_area{_topdown} to handle hugetlb mappings\").(CVE-2025-21949)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix integer overflow while processing acdirmax mount option\n\nUser-provided mount parameter acdirmax of type u32 is intended to have\nan upper limit, but before it is validated, the value is converted from\nseconds to jiffies which can lead to an integer overflow.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.(CVE-2025-21963)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix integer overflow while processing acregmax mount option\n\nUser-provided mount parameter acregmax of type u32 is intended to have\nan upper limit, but before it is validated, the value is converted from\nseconds to jiffies which can lead to an integer overflow.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.(CVE-2025-21964)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: hyperv_fb: Allow graceful removal of framebuffer\n\nWhen a Hyper-V framebuffer device is unbind, hyperv_fb driver tries to\nrelease the framebuffer forcefully. If this framebuffer is in use it\nproduce the following WARN and hence this framebuffer is never released.\n\n[ 44.111220] WARNING: CPU: 35 PID: 1882 at drivers/video/fbdev/core/fb_info.c:70 framebuffer_release+0x2c/0x40\n< snip >\n[ 44.111289] Call Trace:\n[ 44.111290] \n[ 44.111291] ? show_regs+0x6c/0x80\n[ 44.111295] ? __warn+0x8d/0x150\n[ 44.111298] ? framebuffer_release+0x2c/0x40\n[ 44.111300] ? report_bug+0x182/0x1b0\n[ 44.111303] ? handle_bug+0x6e/0xb0\n[ 44.111306] ? exc_invalid_op+0x18/0x80\n[ 44.111308] ? asm_exc_invalid_op+0x1b/0x20\n[ 44.111311] ? framebuffer_release+0x2c/0x40\n[ 44.111313] ? hvfb_remove+0x86/0xa0 [hyperv_fb]\n[ 44.111315] vmbus_remove+0x24/0x40 [hv_vmbus]\n[ 44.111323] device_remove+0x40/0x80\n[ 44.111325] device_release_driver_internal+0x20b/0x270\n[ 44.111327] ? bus_find_device+0xb3/0xf0\n\nFix this by moving the release of framebuffer and assosiated memory\nto fb_ops.fb_destroy function, so that framebuffer framework handles\nit gracefully.\n\nWhile we fix this, also replace manual registrations/unregistration of\nframebuffer with devm_register_framebuffer.(CVE-2025-21976)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndrm/hyperv: Fix address space leak when Hyper-V DRM device is removed\n\nWhen a Hyper-V DRM device is probed, the driver allocates MMIO space for\nthe vram, and maps it cacheable. If the device removed, or in the error\npath for device probing, the MMIO space is released but no unmap is done.\nConsequently the kernel address space for the mapping is leaked.\n\nFix this by adding iounmap() calls in the device removal path, and in the\nerror path during device probing.(CVE-2025-21978)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\niscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic()\n\nWhen performing an iSCSI boot using IPv6, iscsistart still reads the\n/sys/firmware/ibft/ethernetX/subnet-mask entry. Since the IPv6 prefix\nlength is 64, this causes the shift exponent to become negative,\ntriggering a UBSAN warning. As the concept of a subnet mask does not\napply to IPv6, the value is set to ~0 to suppress the warning message.(CVE-2025-21993)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix incorrect validation for num_aces field of smb_acl\n\nparse_dcal() validate num_aces to allocate posix_ace_state_array.\n\nif (num_aces > ULONG_MAX / sizeof(struct smb_ace *))\n\nIt is an incorrect validation that we can create an array of size ULONG_MAX.\nsmb_acl has ->size field to calculate actual number of aces in request buffer\nsize. Use this to check invalid num_aces.(CVE-2025-21994)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nproc: fix UAF in proc_get_inode()\n\nFix race between rmmod and /proc/XXX's inode instantiation.\n\nThe bug is that pde->proc_ops don't belong to /proc, it belongs to a\nmodule, therefore dereferencing it after /proc entry has been registered\nis a bug unless use_pde/unuse_pde() pair has been used.\n\nuse_pde/unuse_pde can be avoided (2 atomic ops!) because pde->proc_ops\nnever changes so information necessary for inode instantiation can be\nsaved _before_ proc_register() in PDE itself and used later, avoiding\npde->proc_ops->... dereference.\n\n rmmod lookup\nsys_delete_module\n proc_lookup_de\n\t\t\t pde_get(de);\n\t\t\t proc_get_inode(dir->i_sb, de);\n mod->exit()\n proc_remove\n remove_proc_subtree\n proc_entry_rundown(de);\n free_module(mod);\n\n if (S_ISREG(inode->i_mode))\n\t if (de->proc_ops->proc_read_iter)\n --> As module is already freed, will trigger UAF\n\nBUG: unable to handle page fault for address: fffffbfff80a702b\nPGD 817fc4067 P4D 817fc4067 PUD 817fc0067 PMD 102ef4067 PTE 0\nOops: Oops: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 26 UID: 0 PID: 2667 Comm: ls Tainted: G\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996)\nRIP: 0010:proc_get_inode+0x302/0x6e0\nRSP: 0018:ffff88811c837998 EFLAGS: 00010a06\nRAX: dffffc0000000000 RBX: ffffffffc0538140 RCX: 0000000000000007\nRDX: 1ffffffff80a702b RSI: 0000000000000001 RDI: ffffffffc0538158\nRBP: ffff8881299a6000 R08: 0000000067bbe1e5 R09: 1ffff11023906f20\nR10: ffffffffb560ca07 R11: ffffffffb2b43a58 R12: ffff888105bb78f0\nR13: ffff888100518048 R14: ffff8881299a6004 R15: 0000000000000001\nFS: 00007f95b9686840(0000) GS:ffff8883af100000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: fffffbfff80a702b CR3: 0000000117dd2000 CR4: 00000000000006f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \n proc_lookup_de+0x11f/0x2e0\n __lookup_slow+0x188/0x350\n walk_component+0x2ab/0x4f0\n path_lookupat+0x120/0x660\n filename_lookup+0x1ce/0x560\n vfs_statx+0xac/0x150\n __do_sys_newstat+0x96/0x110\n do_syscall_64+0x5f/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n[adobriyan@gmail.com: don't do 2 atomic ops on the common path](CVE-2025-21999)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nregulator: check that dummy regulator has been probed before using it\n\nDue to asynchronous driver probing there is a chance that the dummy\nregulator hasn't already been probed when first accessing it.(CVE-2025-22008)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state\n\nThere are several problems with the way hyp code lazily saves the host's\nFPSIMD/SVE state, including:\n\n* Host SVE being discarded unexpectedly due to inconsistent\n configuration of TIF_SVE and CPACR_ELx.ZEN. This has been seen to\n result in QEMU crashes where SVE is used by memmove(), as reported by\n Eric Auger:\n\n https://issues.redhat.com/browse/RHEL-68997\n\n* Host SVE state is discarded *after* modification by ptrace, which was an\n unintentional ptrace ABI change introduced with lazy discarding of SVE state.\n\n* The host FPMR value can be discarded when running a non-protected VM,\n where FPMR support is not exposed to a VM, and that VM uses\n FPSIMD/SVE. In these cases the hyp code does not save the host's FPMR\n before unbinding the host's FPSIMD/SVE/SME state, leaving a stale\n value in memory.\n\nAvoid these by eagerly saving and \"flushing\" the host's FPSIMD/SVE/SME\nstate when loading a vCPU such that KVM does not need to save any of the\nhost's FPSIMD/SVE/SME state. For clarity, fpsimd_kvm_prepare() is\nremoved and the necessary call to fpsimd_save_and_flush_cpu_state() is\nplaced in kvm_arch_vcpu_load_fp(). As 'fpsimd_state' and 'fpmr_ptr'\nshould not be used, they are set to NULL; all uses of these will be\nremoved in subsequent patches.\n\nHistorical problems go back at least as far as v5.17, e.g. erroneous\nassumptions about TIF_SVE being clear in commit:\n\n 8383741ab2e773a9 (\"KVM: arm64: Get rid of host SVE tracking/saving\")\n\n... and so this eager save+flush probably needs to be backported to ALL\nstable trees.(CVE-2025-22013)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix use-after-free in print_graph_function_flags during tracer switching\n\nKairui reported a UAF issue in print_graph_function_flags() during\nftrace stress testing [1]. This issue can be reproduced if puting a\n'mdelay(10)' after 'mutex_unlock(&trace_types_lock)' in s_start(),\nand executing the following script:\n\n $ echo function_graph > current_tracer\n $ cat trace > /dev/null &\n $ sleep 5 # Ensure the 'cat' reaches the 'mdelay(10)' point\n $ echo timerlat > current_tracer\n\nThe root cause lies in the two calls to print_graph_function_flags\nwithin print_trace_line during each s_show():\n\n * One through 'iter->trace->print_line()';\n * Another through 'event->funcs->trace()', which is hidden in\n print_trace_fmt() before print_trace_line returns.\n\nTracer switching only updates the former, while the latter continues\nto use the print_line function of the old tracer, which in the script\nabove is print_graph_function_flags.\n\nMoreover, when switching from the 'function_graph' tracer to the\n'timerlat' tracer, s_start only calls graph_trace_close of the\n'function_graph' tracer to free 'iter->private', but does not set\nit to NULL. This provides an opportunity for 'event->funcs->trace()'\nto use an invalid 'iter->private'.\n\nTo fix this issue, set 'iter->private' to NULL immediately after\nfreeing it in graph_trace_close(), ensuring that an invalid pointer\nis not passed to other tracers. Additionally, clean up the unnecessary\n'iter->private = NULL' during each 'cat trace' when using wakeup and\nirqsoff tracers.\n\n [1] https://lore.kernel.org/all/20231112150030.84609-1-ryncsn@gmail.com/(CVE-2025-22035)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: validate zero num_subauth before sub_auth is accessed\n\nAccess psid->sub_auth[psid->num_subauth - 1] without checking\nif num_subauth is non-zero leads to an out-of-bounds read.\nThis patch adds a validation step to ensure num_subauth != 0\nbefore sub_auth is accessed.(CVE-2025-22038)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nLoongArch: Increase ARCH_DMA_MINALIGN up to 16\n\nARCH_DMA_MINALIGN is 1 by default, but some LoongArch-specific devices\n(such as APBDMA) require 16 bytes alignment. When the data buffer length\nis too small, the hardware may make an error writing cacheline. Thus, it\nis dangerous to allocate a small memory buffer for DMA. It's always safe\nto define ARCH_DMA_MINALIGN as L1_CACHE_BYTES but unnecessary (kmalloc()\nneed small memory objects). Therefore, just increase it to 16.(CVE-2025-22049)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nASoC: imx-card: Add NULL check in imx_card_probe()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\nimx_card_probe() does not check for this case, which results in a NULL\npointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.(CVE-2025-22066)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\next4: goto right label 'out_mmap_sem' in ext4_setattr()\n\nOtherwise, if ext4_inode_attach_jinode() fails, a hung task will\nhappen because filemap_invalidate_unlock() isn't called to unlock\nmapping->invalidate_lock. Like this:\n\nEXT4-fs error (device sda) in ext4_setattr:5557: Out of memory\nINFO: task fsstress:374 blocked for more than 122 seconds.\n Not tainted 6.14.0-rc1-next-20250206-xfstests-dirty #726\n\"echo 0 > /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:fsstress state:D stack:0 pid:374 tgid:374 ppid:373\n task_flags:0x440140 flags:0x00000000\nCall Trace:\n \n __schedule+0x2c9/0x7f0\n schedule+0x27/0xa0\n schedule_preempt_disabled+0x15/0x30\n rwsem_down_read_slowpath+0x278/0x4c0\n down_read+0x59/0xb0\n page_cache_ra_unbounded+0x65/0x1b0\n filemap_get_pages+0x124/0x3e0\n filemap_read+0x114/0x3d0\n vfs_read+0x297/0x360\n ksys_read+0x6c/0xe0\n do_syscall_64+0x4b/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e(CVE-2025-22120)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nthermal: int340x: Add NULL check for adev\n\nNot all devices have an ACPI companion fwnode, so adev might be NULL.\nThis is similar to the commit cd2fd6eab480\n(\"platform/x86: int3472: Check for adev == NULL\").\n\nAdd a check for adev not being set and return -ENODEV in that case to\navoid a possible NULL pointer deref in int3402_thermal_probe().\n\nNote, under the same directory, int3400_thermal_probe() has such a\ncheck.\n\n[ rjw: Subject edit, added Fixes: ](CVE-2025-23136)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mediatek: dp: drm_err => dev_err in HPD path to avoid NULL ptr\n\nThe function mtk_dp_wait_hpd_asserted() may be called before the\n`mtk_dp->drm_dev` pointer is assigned in mtk_dp_bridge_attach().\nSpecifically it can be called via this callpath:\n - mtk_edp_wait_hpd_asserted\n - [panel probe]\n - dp_aux_ep_probe\n\nUsing \"drm\" level prints anywhere in this callpath causes a NULL\npointer dereference. Change the error message directly in\nmtk_dp_wait_hpd_asserted() to dev_err() to avoid this. Also change the\nerror messages in mtk_dp_parse_capabilities(), which is called by\nmtk_dp_wait_hpd_asserted().\n\nWhile touching these prints, also add the error code to them to make\nfuture debugging easier.(CVE-2025-38240)", "category":"general", "title":"Description" }, { "text":"An update for kernel is now available for openEuler-24.03-LTS.\n\nopenEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.", "category":"general", "title":"Topic" }, { "text":"High", "category":"general", "title":"Severity" }, { "text":"kernel", "category":"general", "title":"Affected Component" } ], "publisher":{ "issuing_authority":"openEuler security committee", "name":"openEuler", "namespace":"https://www.openeuler.org", "contact_details":"openeuler-security@openeuler.org", "category":"vendor" }, "references":[ { "summary":"openEuler-SA-2025-1450", "category":"self", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" }, { "summary":"CVE-2023-53034", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2023-53034&packageName=kernel" }, { "summary":"CVE-2024-41935", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-41935&packageName=kernel" }, { "summary":"CVE-2024-49980", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-49980&packageName=kernel" }, { "summary":"CVE-2024-52559", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-52559&packageName=kernel" }, { "summary":"CVE-2024-52560", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-52560&packageName=kernel" }, { "summary":"CVE-2024-53162", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-53162&packageName=kernel" }, { "summary":"CVE-2024-53174", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-53174&packageName=kernel" }, { "summary":"CVE-2024-53176", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-53176&packageName=kernel" }, { "summary":"CVE-2024-53177", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-53177&packageName=kernel" }, { "summary":"CVE-2024-53178", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-53178&packageName=kernel" }, { "summary":"CVE-2024-53179", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-53179&packageName=kernel" }, { "summary":"CVE-2024-53181", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-53181&packageName=kernel" }, { "summary":"CVE-2024-53210", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-53210&packageName=kernel" }, { "summary":"CVE-2024-53216", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-53216&packageName=kernel" }, { "summary":"CVE-2024-53233", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-53233&packageName=kernel" }, { "summary":"CVE-2024-53680", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-53680&packageName=kernel" }, { "summary":"CVE-2024-54458", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-54458&packageName=kernel" }, { "summary":"CVE-2024-55881", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-55881&packageName=kernel" }, { "summary":"CVE-2024-56533", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56533&packageName=kernel" }, { "summary":"CVE-2024-56545", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56545&packageName=kernel" }, { "summary":"CVE-2024-56558", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56558&packageName=kernel" }, { "summary":"CVE-2024-56566", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56566&packageName=kernel" }, { "summary":"CVE-2024-56573", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56573&packageName=kernel" }, { "summary":"CVE-2024-56574", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56574&packageName=kernel" }, { "summary":"CVE-2024-56576", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56576&packageName=kernel" }, { "summary":"CVE-2024-56577", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56577&packageName=kernel" }, { "summary":"CVE-2024-56579", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56579&packageName=kernel" }, { "summary":"CVE-2024-56587", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56587&packageName=kernel" }, { "summary":"CVE-2024-56593", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56593&packageName=kernel" }, { "summary":"CVE-2024-56600", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56600&packageName=kernel" }, { "summary":"CVE-2024-56602", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56602&packageName=kernel" }, { "summary":"CVE-2024-56616", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56616&packageName=kernel" }, { "summary":"CVE-2024-56625", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56625&packageName=kernel" }, { "summary":"CVE-2024-56628", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56628&packageName=kernel" }, { "summary":"CVE-2024-56635", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56635&packageName=kernel" }, { "summary":"CVE-2024-56636", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56636&packageName=kernel" }, { "summary":"CVE-2024-56643", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56643&packageName=kernel" }, { "summary":"CVE-2024-56644", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56644&packageName=kernel" }, { "summary":"CVE-2024-56645", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56645&packageName=kernel" }, { "summary":"CVE-2024-56651", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56651&packageName=kernel" }, { "summary":"CVE-2024-56664", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56664&packageName=kernel" }, { "summary":"CVE-2024-56678", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56678&packageName=kernel" }, { "summary":"CVE-2024-56689", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56689&packageName=kernel" }, { "summary":"CVE-2024-56694", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56694&packageName=kernel" }, { "summary":"CVE-2024-56707", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56707&packageName=kernel" }, { "summary":"CVE-2024-56710", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56710&packageName=kernel" }, { "summary":"CVE-2024-56723", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56723&packageName=kernel" }, { "summary":"CVE-2024-56724", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56724&packageName=kernel" }, { "summary":"CVE-2024-56725", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56725&packageName=kernel" }, { "summary":"CVE-2024-56727", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56727&packageName=kernel" }, { "summary":"CVE-2024-56751", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56751&packageName=kernel" }, { "summary":"CVE-2024-56754", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56754&packageName=kernel" }, { "summary":"CVE-2024-56774", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56774&packageName=kernel" }, { "summary":"CVE-2024-57795", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-57795&packageName=kernel" }, { "summary":"CVE-2024-57857", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-57857&packageName=kernel" }, { "summary":"CVE-2024-57908", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-57908&packageName=kernel" }, { "summary":"CVE-2024-57911", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-57911&packageName=kernel" }, { "summary":"CVE-2024-57912", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-57912&packageName=kernel" }, { "summary":"CVE-2024-57929", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-57929&packageName=kernel" }, { "summary":"CVE-2024-57952", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-57952&packageName=kernel" }, { "summary":"CVE-2024-57996", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-57996&packageName=kernel" }, { "summary":"CVE-2024-57999", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-57999&packageName=kernel" }, { "summary":"CVE-2024-58002", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-58002&packageName=kernel" }, { "summary":"CVE-2024-58003", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-58003&packageName=kernel" }, { "summary":"CVE-2024-58007", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-58007&packageName=kernel" }, { "summary":"CVE-2024-58009", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-58009&packageName=kernel" }, { "summary":"CVE-2024-58011", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-58011&packageName=kernel" }, { "summary":"CVE-2024-58013", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-58013&packageName=kernel" }, { "summary":"CVE-2024-58014", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-58014&packageName=kernel" }, { "summary":"CVE-2024-58016", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-58016&packageName=kernel" }, { "summary":"CVE-2024-58017", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-58017&packageName=kernel" }, { "summary":"CVE-2024-58076", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-58076&packageName=kernel" }, { "summary":"CVE-2024-58079", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-58079&packageName=kernel" }, { "summary":"CVE-2024-58083", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-58083&packageName=kernel" }, { "summary":"CVE-2024-58086", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-58086&packageName=kernel" }, { "summary":"CVE-2024-58088", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-58088&packageName=kernel" }, { "summary":"CVE-2024-58090", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-58090&packageName=kernel" }, { "summary":"CVE-2025-21636", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21636&packageName=kernel" }, { "summary":"CVE-2025-21637", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21637&packageName=kernel" }, { "summary":"CVE-2025-21638", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21638&packageName=kernel" }, { "summary":"CVE-2025-21640", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21640&packageName=kernel" }, { "summary":"CVE-2025-21665", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21665&packageName=kernel" }, { "summary":"CVE-2025-21666", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21666&packageName=kernel" }, { "summary":"CVE-2025-21669", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21669&packageName=kernel" }, { "summary":"CVE-2025-21675", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21675&packageName=kernel" }, { "summary":"CVE-2025-21690", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21690&packageName=kernel" }, { "summary":"CVE-2025-21692", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21692&packageName=kernel" }, { "summary":"CVE-2025-21697", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21697&packageName=kernel" }, { "summary":"CVE-2025-21700", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21700&packageName=kernel" }, { "summary":"CVE-2025-21701", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21701&packageName=kernel" }, { "summary":"CVE-2025-21709", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21709&packageName=kernel" }, { "summary":"CVE-2025-21712", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21712&packageName=kernel" }, { "summary":"CVE-2025-21721", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21721&packageName=kernel" }, { "summary":"CVE-2025-21735", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21735&packageName=kernel" }, { "summary":"CVE-2025-21739", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21739&packageName=kernel" }, { "summary":"CVE-2025-21741", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21741&packageName=kernel" }, { "summary":"CVE-2025-21742", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21742&packageName=kernel" }, { "summary":"CVE-2025-21744", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21744&packageName=kernel" }, { "summary":"CVE-2025-21746", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21746&packageName=kernel" }, { "summary":"CVE-2025-21748", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21748&packageName=kernel" }, { "summary":"CVE-2025-21749", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21749&packageName=kernel" }, { "summary":"CVE-2025-21753", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21753&packageName=kernel" }, { "summary":"CVE-2025-21758", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21758&packageName=kernel" }, { "summary":"CVE-2025-21759", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21759&packageName=kernel" }, { "summary":"CVE-2025-21760", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21760&packageName=kernel" }, { "summary":"CVE-2025-21761", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21761&packageName=kernel" }, { "summary":"CVE-2025-21762", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21762&packageName=kernel" }, { "summary":"CVE-2025-21763", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21763&packageName=kernel" }, { "summary":"CVE-2025-21764", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21764&packageName=kernel" }, { "summary":"CVE-2025-21765", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21765&packageName=kernel" }, { "summary":"CVE-2025-21766", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21766&packageName=kernel" }, { "summary":"CVE-2025-21772", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21772&packageName=kernel" }, { "summary":"CVE-2025-21773", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21773&packageName=kernel" }, { "summary":"CVE-2025-21775", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21775&packageName=kernel" }, { "summary":"CVE-2025-21779", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21779&packageName=kernel" }, { "summary":"CVE-2025-21780", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21780&packageName=kernel" }, { "summary":"CVE-2025-21781", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21781&packageName=kernel" }, { "summary":"CVE-2025-21784", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21784&packageName=kernel" }, { "summary":"CVE-2025-21790", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21790&packageName=kernel" }, { "summary":"CVE-2025-21792", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21792&packageName=kernel" }, { "summary":"CVE-2025-21793", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21793&packageName=kernel" }, { "summary":"CVE-2025-21821", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21821&packageName=kernel" }, { "summary":"CVE-2025-21826", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21826&packageName=kernel" }, { "summary":"CVE-2025-21830", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21830&packageName=kernel" }, { "summary":"CVE-2025-21831", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21831&packageName=kernel" }, { "summary":"CVE-2025-21835", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21835&packageName=kernel" }, { "summary":"CVE-2025-21836", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21836&packageName=kernel" }, { "summary":"CVE-2025-21838", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21838&packageName=kernel" }, { "summary":"CVE-2025-21847", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21847&packageName=kernel" }, { "summary":"CVE-2025-21848", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21848&packageName=kernel" }, { "summary":"CVE-2025-21855", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21855&packageName=kernel" }, { "summary":"CVE-2025-21857", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21857&packageName=kernel" }, { "summary":"CVE-2025-21858", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21858&packageName=kernel" }, { "summary":"CVE-2025-21859", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21859&packageName=kernel" }, { "summary":"CVE-2025-21862", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21862&packageName=kernel" }, { "summary":"CVE-2025-21866", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21866&packageName=kernel" }, { "summary":"CVE-2025-21867", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21867&packageName=kernel" }, { "summary":"CVE-2025-21870", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21870&packageName=kernel" }, { "summary":"CVE-2025-21871", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21871&packageName=kernel" }, { "summary":"CVE-2025-21873", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21873&packageName=kernel" }, { "summary":"CVE-2025-21877", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21877&packageName=kernel" }, { "summary":"CVE-2025-21878", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21878&packageName=kernel" }, { "summary":"CVE-2025-21881", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21881&packageName=kernel" }, { "summary":"CVE-2025-21883", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21883&packageName=kernel" }, { "summary":"CVE-2025-21885", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21885&packageName=kernel" }, { "summary":"CVE-2025-21888", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21888&packageName=kernel" }, { "summary":"CVE-2025-21892", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21892&packageName=kernel" }, { "summary":"CVE-2025-21895", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21895&packageName=kernel" }, { "summary":"CVE-2025-21898", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21898&packageName=kernel" }, { "summary":"CVE-2025-21899", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21899&packageName=kernel" }, { "summary":"CVE-2025-21910", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21910&packageName=kernel" }, { "summary":"CVE-2025-21914", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21914&packageName=kernel" }, { "summary":"CVE-2025-21923", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21923&packageName=kernel" }, { "summary":"CVE-2025-21927", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21927&packageName=kernel" }, { "summary":"CVE-2025-21928", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21928&packageName=kernel" }, { "summary":"CVE-2025-21935", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21935&packageName=kernel" }, { "summary":"CVE-2025-21941", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21941&packageName=kernel" }, { "summary":"CVE-2025-21943", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21943&packageName=kernel" }, { "summary":"CVE-2025-21946", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21946&packageName=kernel" }, { "summary":"CVE-2025-21949", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21949&packageName=kernel" }, { "summary":"CVE-2025-21963", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21963&packageName=kernel" }, { "summary":"CVE-2025-21964", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21964&packageName=kernel" }, { "summary":"CVE-2025-21976", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21976&packageName=kernel" }, { "summary":"CVE-2025-21978", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21978&packageName=kernel" }, { "summary":"CVE-2025-21993", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21993&packageName=kernel" }, { "summary":"CVE-2025-21994", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21994&packageName=kernel" }, { "summary":"CVE-2025-21999", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21999&packageName=kernel" }, { "summary":"CVE-2025-22008", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-22008&packageName=kernel" }, { "summary":"CVE-2025-22013", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-22013&packageName=kernel" }, { "summary":"CVE-2025-22035", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-22035&packageName=kernel" }, { "summary":"CVE-2025-22038", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-22038&packageName=kernel" }, { "summary":"CVE-2025-22049", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-22049&packageName=kernel" }, { "summary":"CVE-2025-22066", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-22066&packageName=kernel" }, { "summary":"CVE-2025-22120", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-22120&packageName=kernel" }, { "summary":"CVE-2025-23136", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-23136&packageName=kernel" }, { "summary":"CVE-2025-38240", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38240&packageName=kernel" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-53034" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-41935" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-49980" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-52559" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-52560" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53162" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53174" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53176" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53177" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53178" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53179" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53181" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53210" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53216" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53233" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53680" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-54458" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-55881" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56533" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56545" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56558" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56566" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56573" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56574" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56576" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56577" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56579" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56587" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56593" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56600" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56602" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56616" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56625" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56628" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56635" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56636" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56643" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56644" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56645" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56651" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56664" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56678" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56689" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56694" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56707" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56710" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56723" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56724" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56725" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56727" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56751" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56754" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56774" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-57795" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-57857" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-57908" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-57911" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-57912" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-57929" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-57952" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-57996" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-57999" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-58002" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-58003" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-58007" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-58009" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-58011" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-58013" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-58014" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-58016" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-58017" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-58076" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-58079" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-58083" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-58086" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-58088" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-58090" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21636" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21637" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21638" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21640" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21665" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21666" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21669" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21675" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21690" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21692" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21697" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21700" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21701" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21709" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21712" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21721" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21735" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21739" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21741" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21742" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21744" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21746" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21748" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21749" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21753" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21758" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21759" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21760" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21761" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21762" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21763" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21764" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21765" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21766" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21772" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21773" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21775" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21779" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21780" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21781" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21784" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21790" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21792" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21793" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21821" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21826" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21830" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21831" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21835" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21836" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21838" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21847" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21848" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21855" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21857" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21858" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21859" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21862" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21866" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21867" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21870" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21871" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21873" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21877" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21878" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21881" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21883" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21885" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21888" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21892" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21895" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21898" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21899" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21910" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21914" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21923" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21927" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21928" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21935" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21941" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21943" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21946" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21949" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21963" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21964" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21976" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21978" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21993" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21994" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21999" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-22008" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-22013" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-22035" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-22038" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-22049" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-22066" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-22120" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-23136" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38240" }, { "summary":"openEuler-SA-2025-1450 vex file", "category":"self", "url":"https://repo.openeuler.org/security/data/csaf/advisories/2025/csaf-openeuler-sa-2025-1450.json" } ], "title":"An update for kernel is now available for openEuler-24.03-LTS", "tracking":{ "initial_release_date":"2025-04-25T22:10:36+08:00", "revision_history":[ { "date":"2025-04-25T22:10:36+08:00", "summary":"Initial", "number":"1.0.0" } ], "generator":{ "date":"2025-04-25T22:10:36+08:00", "engine":{ "name":"openEuler CSAF Tool V1.0" } }, "current_release_date":"2025-04-25T22:10:36+08:00", "id":"openEuler-SA-2025-1450", "version":"1.0.0", "status":"final" } }, "product_tree":{ "branches":[ { "name":"openEuler", "category":"vendor", "branches":[ { "name":"openEuler", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS" }, "product_id":"openEuler-24.03-LTS", "name":"openEuler-24.03-LTS" }, "name":"openEuler-24.03-LTS", "category":"product_version" } ], "category":"product_name" }, { "name":"aarch64", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS" }, "product_id":"bpftool-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "name":"bpftool-6.6.0-87.0.0.82.oe2403.aarch64.rpm" }, "name":"bpftool-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS" }, "product_id":"bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "name":"bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64.rpm" }, "name":"bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS" }, "product_id":"kernel-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "name":"kernel-6.6.0-87.0.0.82.oe2403.aarch64.rpm" }, "name":"kernel-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS" }, "product_id":"kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "name":"kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64.rpm" }, "name":"kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS" }, "product_id":"kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "name":"kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64.rpm" }, "name":"kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS" }, "product_id":"kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "name":"kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64.rpm" }, "name":"kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS" }, "product_id":"kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "name":"kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64.rpm" }, "name":"kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS" }, "product_id":"kernel-source-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "name":"kernel-source-6.6.0-87.0.0.82.oe2403.aarch64.rpm" }, "name":"kernel-source-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS" }, "product_id":"kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "name":"kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64.rpm" }, "name":"kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS" }, "product_id":"kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "name":"kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64.rpm" }, "name":"kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS" }, "product_id":"kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "name":"kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64.rpm" }, "name":"kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS" }, "product_id":"perf-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "name":"perf-6.6.0-87.0.0.82.oe2403.aarch64.rpm" }, "name":"perf-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS" }, "product_id":"perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "name":"perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64.rpm" }, "name":"perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS" }, "product_id":"python3-perf-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "name":"python3-perf-6.6.0-87.0.0.82.oe2403.aarch64.rpm" }, "name":"python3-perf-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS" }, "product_id":"python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "name":"python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64.rpm" }, "name":"python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"x86_64", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS" }, "product_id":"bpftool-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "name":"bpftool-6.6.0-87.0.0.82.oe2403.x86_64.rpm" }, "name":"bpftool-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS" }, "product_id":"bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "name":"bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64.rpm" }, "name":"bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS" }, "product_id":"kernel-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "name":"kernel-6.6.0-87.0.0.82.oe2403.x86_64.rpm" }, "name":"kernel-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS" }, "product_id":"kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "name":"kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64.rpm" }, "name":"kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS" }, "product_id":"kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "name":"kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64.rpm" }, "name":"kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS" }, "product_id":"kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "name":"kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64.rpm" }, "name":"kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS" }, "product_id":"kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "name":"kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64.rpm" }, "name":"kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS" }, "product_id":"kernel-source-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "name":"kernel-source-6.6.0-87.0.0.82.oe2403.x86_64.rpm" }, "name":"kernel-source-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS" }, "product_id":"kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "name":"kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64.rpm" }, "name":"kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS" }, "product_id":"kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "name":"kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64.rpm" }, "name":"kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS" }, "product_id":"kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "name":"kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64.rpm" }, "name":"kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS" }, "product_id":"perf-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "name":"perf-6.6.0-87.0.0.82.oe2403.x86_64.rpm" }, "name":"perf-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS" }, "product_id":"perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "name":"perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64.rpm" }, "name":"perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS" }, "product_id":"python3-perf-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "name":"python3-perf-6.6.0-87.0.0.82.oe2403.x86_64.rpm" }, "name":"python3-perf-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS" }, "product_id":"python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "name":"python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64.rpm" }, "name":"python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"src", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS" }, "product_id":"kernel-6.6.0-87.0.0.82.oe2403.src.rpm", "name":"kernel-6.6.0-87.0.0.82.oe2403.src.rpm" }, "name":"kernel-6.6.0-87.0.0.82.oe2403.src.rpm", "category":"product_version" } ], "category":"architecture" } ] } ], "relationships":[ { "relates_to_product_reference":"openEuler-24.03-LTS", "product_reference":"bpftool-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "name":"bpftool-6.6.0-87.0.0.82.oe2403.aarch64 as a component of openEuler-24.03-LTS" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS", "product_reference":"bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "name":"bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64 as a component of openEuler-24.03-LTS" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS", "product_reference":"kernel-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "name":"kernel-6.6.0-87.0.0.82.oe2403.aarch64 as a component of openEuler-24.03-LTS" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS", "product_reference":"kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "name":"kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64 as a component of openEuler-24.03-LTS" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS", "product_reference":"kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "name":"kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64 as a component of openEuler-24.03-LTS" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS", "product_reference":"kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "name":"kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64 as a component of openEuler-24.03-LTS" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS", "product_reference":"kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "name":"kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64 as a component of openEuler-24.03-LTS" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS", "product_reference":"kernel-source-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "name":"kernel-source-6.6.0-87.0.0.82.oe2403.aarch64 as a component of openEuler-24.03-LTS" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS", "product_reference":"kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "name":"kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64 as a component of openEuler-24.03-LTS" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS", "product_reference":"kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "name":"kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64 as a component of openEuler-24.03-LTS" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS", "product_reference":"kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "name":"kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64 as a component of openEuler-24.03-LTS" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS", "product_reference":"perf-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "name":"perf-6.6.0-87.0.0.82.oe2403.aarch64 as a component of openEuler-24.03-LTS" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS", "product_reference":"perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "name":"perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64 as a component of openEuler-24.03-LTS" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS", "product_reference":"python3-perf-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "name":"python3-perf-6.6.0-87.0.0.82.oe2403.aarch64 as a component of openEuler-24.03-LTS" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS", "product_reference":"python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "name":"python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64 as a component of openEuler-24.03-LTS" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS", "product_reference":"bpftool-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "name":"bpftool-6.6.0-87.0.0.82.oe2403.x86_64 as a component of openEuler-24.03-LTS" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS", "product_reference":"bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "name":"bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64 as a component of openEuler-24.03-LTS" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS", "product_reference":"kernel-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "name":"kernel-6.6.0-87.0.0.82.oe2403.x86_64 as a component of openEuler-24.03-LTS" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS", "product_reference":"kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "name":"kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64 as a component of openEuler-24.03-LTS" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS", "product_reference":"kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "name":"kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64 as a component of openEuler-24.03-LTS" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS", "product_reference":"kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "name":"kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64 as a component of openEuler-24.03-LTS" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS", "product_reference":"kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "name":"kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64 as a component of openEuler-24.03-LTS" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS", "product_reference":"kernel-source-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "name":"kernel-source-6.6.0-87.0.0.82.oe2403.x86_64 as a component of openEuler-24.03-LTS" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS", "product_reference":"kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "name":"kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64 as a component of openEuler-24.03-LTS" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS", "product_reference":"kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "name":"kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64 as a component of openEuler-24.03-LTS" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS", "product_reference":"kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "name":"kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64 as a component of openEuler-24.03-LTS" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS", "product_reference":"perf-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "name":"perf-6.6.0-87.0.0.82.oe2403.x86_64 as a component of openEuler-24.03-LTS" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS", "product_reference":"perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "name":"perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64 as a component of openEuler-24.03-LTS" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS", "product_reference":"python3-perf-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "name":"python3-perf-6.6.0-87.0.0.82.oe2403.x86_64 as a component of openEuler-24.03-LTS" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS", "product_reference":"python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "name":"python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64 as a component of openEuler-24.03-LTS" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS", "product_reference":"kernel-6.6.0-87.0.0.82.oe2403.src.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src", "name":"kernel-6.6.0-87.0.0.82.oe2403.src as a component of openEuler-24.03-LTS" }, "category":"default_component_of" } ] }, "vulnerabilities":[ { "cve":"CVE-2023-53034", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans\n\nThere is a kernel API ntb_mw_clear_trans() would pass 0 to both addr and\nsize. This would make xlate_pos negative.\n\n[ 23.734156] switchtec switchtec0: MW 0: part 0 addr 0x0000000000000000 size 0x0000000000000000\n[ 23.734158] ================================================================================\n[ 23.734172] UBSAN: shift-out-of-bounds in drivers/ntb/hw/mscc/ntb_hw_switchtec.c:293:7\n[ 23.734418] shift exponent -1 is negative\n\nEnsuring xlate_pos is a positive or zero before BIT.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2023-53034" }, { "cve":"CVE-2024-41935", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to shrink read extent node in batches\n\nWe use rwlock to protect core structure data of extent tree during\nits shrink, however, if there is a huge number of extent nodes in\nextent tree, during shrink of extent tree, it may hold rwlock for\na very long time, which may trigger kernel hang issue.\n\nThis patch fixes to shrink read extent node in batches, so that,\ncritical region of the rwlock can be shrunk to avoid its extreme\nlong time hold.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-41935" }, { "cve":"CVE-2024-49980", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nvrf: revert \"vrf: Remove unnecessary RCU-bh critical section\"\n\nThis reverts commit 504fc6f4f7f681d2a03aa5f68aad549d90eab853.\n\ndev_queue_xmit_nit is expected to be called with BH disabled.\n__dev_queue_xmit has the following:\n\n /* Disable soft irqs for various locks below. Also\n * stops preemption for RCU.\n */\n rcu_read_lock_bh();\n\nVRF must follow this invariant. The referenced commit removed this\nprotection. Which triggered a lockdep warning:\n\n\t================================\n\tWARNING: inconsistent lock state\n\t6.11.0 #1 Tainted: G W\n\t--------------------------------\n\tinconsistent {IN-SOFTIRQ-W} -> {SOFTIRQ-ON-W} usage.\n\tbtserver/134819 [HC0[0]:SC0[0]:HE1:SE1] takes:\n\tffff8882da30c118 (rlock-AF_PACKET){+.?.}-{2:2}, at: tpacket_rcv+0x863/0x3b30\n\t{IN-SOFTIRQ-W} state was registered at:\n\t lock_acquire+0x19a/0x4f0\n\t _raw_spin_lock+0x27/0x40\n\t packet_rcv+0xa33/0x1320\n\t __netif_receive_skb_core.constprop.0+0xcb0/0x3a90\n\t __netif_receive_skb_list_core+0x2c9/0x890\n\t netif_receive_skb_list_internal+0x610/0xcc0\n [...]\n\n\tother info that might help us debug this:\n\t Possible unsafe locking scenario:\n\n\t CPU0\n\t ----\n\t lock(rlock-AF_PACKET);\n\t \n\t lock(rlock-AF_PACKET);\n\n\t *** DEADLOCK ***\n\n\tCall Trace:\n\t \n\t dump_stack_lvl+0x73/0xa0\n\t mark_lock+0x102e/0x16b0\n\t __lock_acquire+0x9ae/0x6170\n\t lock_acquire+0x19a/0x4f0\n\t _raw_spin_lock+0x27/0x40\n\t tpacket_rcv+0x863/0x3b30\n\t dev_queue_xmit_nit+0x709/0xa40\n\t vrf_finish_direct+0x26e/0x340 [vrf]\n\t vrf_l3_out+0x5f4/0xe80 [vrf]\n\t __ip_local_out+0x51e/0x7a0\n [...]", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-49980" }, { "cve":"CVE-2024-52559", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit()\n\nThe \"submit->cmd[i].size\" and \"submit->cmd[i].offset\" variables are u32\nvalues that come from the user via the submit_lookup_cmds() function.\nThis addition could lead to an integer wrapping bug so use size_add()\nto prevent that.\n\nPatchwork: https://patchwork.freedesktop.org/patch/624696/", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-52559" }, { "cve":"CVE-2024-52560", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Mark inode as bad as soon as error detected in mi_enum_attr()\n\nExtended the `mi_enum_attr()` function interface with an additional\nparameter, `struct ntfs_inode *ni`, to allow marking the inode\nas bad as soon as an error is detected.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-52560" }, { "cve":"CVE-2024-53162", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat/qat_4xxx - fix off by one in uof_get_name()\n\nThe fw_objs[] array has \"num_objs\" elements so the > needs to be >= to\nprevent an out of bounds read.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.1, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-53162" }, { "cve":"CVE-2024-53174", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: make sure cache entry active before cache_show\n\nThe function `c_show` was called with protection from RCU. This only\nensures that `cp` will not be freed. Therefore, the reference count for\n`cp` can drop to zero, which will trigger a refcount use-after-free\nwarning when `cache_get` is called. To resolve this issue, use\n`cache_get_rcu` to ensure that `cp` remains active.\n\n------------[ cut here ]------------\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 7 PID: 822 at lib/refcount.c:25\nrefcount_warn_saturate+0xb1/0x120\nCPU: 7 UID: 0 PID: 822 Comm: cat Not tainted 6.12.0-rc3+ #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.1-2.fc37 04/01/2014\nRIP: 0010:refcount_warn_saturate+0xb1/0x120\n\nCall Trace:\n \n c_show+0x2fc/0x380 [sunrpc]\n seq_read_iter+0x589/0x770\n seq_read+0x1e5/0x270\n proc_reg_read+0xe1/0x140\n vfs_read+0x125/0x530\n ksys_read+0xc1/0x160\n do_syscall_64+0x5f/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-53174" }, { "cve":"CVE-2024-53176", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: During unmount, ensure all cached dir instances drop their dentry\n\nThe unmount process (cifs_kill_sb() calling close_all_cached_dirs()) can\nrace with various cached directory operations, which ultimately results\nin dentries not being dropped and these kernel BUGs:\n\nBUG: Dentry ffff88814f37e358{i=1000000000080,n=/} still in use (2) [unmount of cifs cifs]\nVFS: Busy inodes after unmount of cifs (cifs)\n------------[ cut here ]------------\nkernel BUG at fs/super.c:661!\n\nThis happens when a cfid is in the process of being cleaned up when, and\nhas been removed from the cfids->entries list, including:\n\n- Receiving a lease break from the server\n- Server reconnection triggers invalidate_all_cached_dirs(), which\n removes all the cfids from the list\n- The laundromat thread decides to expire an old cfid.\n\nTo solve these problems, dropping the dentry is done in queued work done\nin a newly-added cfid_put_wq workqueue, and close_all_cached_dirs()\nflushes that workqueue after it drops all the dentries of which it's\naware. This is a global workqueue (rather than scoped to a mount), but\nthe queued work is minimal.\n\nThe final cleanup work for cleaning up a cfid is performed via work\nqueued in the serverclose_wq workqueue; this is done separate from\ndropping the dentries so that close_all_cached_dirs() doesn't block on\nany server operations.\n\nBoth of these queued works expect to invoked with a cfid reference and\na tcon reference to avoid those objects from being freed while the work\nis ongoing.\n\nWhile we're here, add proper locking to close_all_cached_dirs(), and\nlocking around the freeing of cfid->dentry.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":4.7, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-53176" }, { "cve":"CVE-2024-53177", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: prevent use-after-free due to open_cached_dir error paths\n\nIf open_cached_dir() encounters an error parsing the lease from the\nserver, the error handling may race with receiving a lease break,\nresulting in open_cached_dir() freeing the cfid while the queued work is\npending.\n\nUpdate open_cached_dir() to drop refs rather than directly freeing the\ncfid.\n\nHave cached_dir_lease_break(), cfids_laundromat_worker(), and\ninvalidate_all_cached_dirs() clear has_lease immediately while still\nholding cfids->cfid_list_lock, and then use this to also simplify the\nreference counting in cfids_laundromat_worker() and\ninvalidate_all_cached_dirs().\n\nFixes this KASAN splat (which manually injects an error and lease break\nin open_cached_dir()):\n\n==================================================================\nBUG: KASAN: slab-use-after-free in smb2_cached_lease_break+0x27/0xb0\nRead of size 8 at addr ffff88811cc24c10 by task kworker/3:1/65\n\nCPU: 3 UID: 0 PID: 65 Comm: kworker/3:1 Not tainted 6.12.0-rc6-g255cf264e6e5-dirty #87\nHardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\nWorkqueue: cifsiod smb2_cached_lease_break\nCall Trace:\n \n dump_stack_lvl+0x77/0xb0\n print_report+0xce/0x660\n kasan_report+0xd3/0x110\n smb2_cached_lease_break+0x27/0xb0\n process_one_work+0x50a/0xc50\n worker_thread+0x2ba/0x530\n kthread+0x17c/0x1c0\n ret_from_fork+0x34/0x60\n ret_from_fork_asm+0x1a/0x30\n \n\nAllocated by task 2464:\n kasan_save_stack+0x33/0x60\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0xaa/0xb0\n open_cached_dir+0xa7d/0x1fb0\n smb2_query_path_info+0x43c/0x6e0\n cifs_get_fattr+0x346/0xf10\n cifs_get_inode_info+0x157/0x210\n cifs_revalidate_dentry_attr+0x2d1/0x460\n cifs_getattr+0x173/0x470\n vfs_statx_path+0x10f/0x160\n vfs_statx+0xe9/0x150\n vfs_fstatat+0x5e/0xc0\n __do_sys_newfstatat+0x91/0xf0\n do_syscall_64+0x95/0x1a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 2464:\n kasan_save_stack+0x33/0x60\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x60\n __kasan_slab_free+0x51/0x70\n kfree+0x174/0x520\n open_cached_dir+0x97f/0x1fb0\n smb2_query_path_info+0x43c/0x6e0\n cifs_get_fattr+0x346/0xf10\n cifs_get_inode_info+0x157/0x210\n cifs_revalidate_dentry_attr+0x2d1/0x460\n cifs_getattr+0x173/0x470\n vfs_statx_path+0x10f/0x160\n vfs_statx+0xe9/0x150\n vfs_fstatat+0x5e/0xc0\n __do_sys_newfstatat+0x91/0xf0\n do_syscall_64+0x95/0x1a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nLast potentially related work creation:\n kasan_save_stack+0x33/0x60\n __kasan_record_aux_stack+0xad/0xc0\n insert_work+0x32/0x100\n __queue_work+0x5c9/0x870\n queue_work_on+0x82/0x90\n open_cached_dir+0x1369/0x1fb0\n smb2_query_path_info+0x43c/0x6e0\n cifs_get_fattr+0x346/0xf10\n cifs_get_inode_info+0x157/0x210\n cifs_revalidate_dentry_attr+0x2d1/0x460\n cifs_getattr+0x173/0x470\n vfs_statx_path+0x10f/0x160\n vfs_statx+0xe9/0x150\n vfs_fstatat+0x5e/0xc0\n __do_sys_newfstatat+0x91/0xf0\n do_syscall_64+0x95/0x1a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe buggy address belongs to the object at ffff88811cc24c00\n which belongs to the cache kmalloc-1k of size 1024\nThe buggy address is located 16 bytes inside of\n freed 1024-byte region [ffff88811cc24c00, ffff88811cc25000)", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-53177" }, { "cve":"CVE-2024-53178", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: Don't leak cfid when reconnect races with open_cached_dir\n\nopen_cached_dir() may either race with the tcon reconnection even before\ncompound_send_recv() or directly trigger a reconnection via\nSMB2_open_init() or SMB_query_info_init().\n\nThe reconnection process invokes invalidate_all_cached_dirs() via\ncifs_mark_open_files_invalid(), which removes all cfids from the\ncfids->entries list but doesn't drop a ref if has_lease isn't true. This\nresults in the currently-being-constructed cfid not being on the list,\nbut still having a refcount of 2. It leaks if returned from\nopen_cached_dir().\n\nFix this by setting cfid->has_lease when the ref is actually taken; the\ncfid will not be used by other threads until it has a valid time.\n\nAddresses these kmemleaks:\n\nunreferenced object 0xffff8881090c4000 (size 1024):\n comm \"bash\", pid 1860, jiffies 4295126592\n hex dump (first 32 bytes):\n 00 01 00 00 00 00 ad de 22 01 00 00 00 00 ad de ........\".......\n 00 ca 45 22 81 88 ff ff f8 dc 4f 04 81 88 ff ff ..E\"......O.....\n backtrace (crc 6f58c20f):\n [] __kmalloc_cache_noprof+0x2be/0x350\n [] open_cached_dir+0x993/0x1fb0\n [] cifs_readdir+0x15a0/0x1d50\n [] iterate_dir+0x28f/0x4b0\n [] __x64_sys_getdents64+0xfd/0x200\n [] do_syscall_64+0x95/0x1a0\n [] entry_SYSCALL_64_after_hwframe+0x76/0x7e\nunreferenced object 0xffff8881044fdcf8 (size 8):\n comm \"bash\", pid 1860, jiffies 4295126592\n hex dump (first 8 bytes):\n 00 cc cc cc cc cc cc cc ........\n backtrace (crc 10c106a9):\n [] __kmalloc_node_track_caller_noprof+0x363/0x480\n [] kstrdup+0x36/0x60\n [] open_cached_dir+0x9b0/0x1fb0\n [] cifs_readdir+0x15a0/0x1d50\n [] iterate_dir+0x28f/0x4b0\n [] __x64_sys_getdents64+0xfd/0x200\n [] do_syscall_64+0x95/0x1a0\n [] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nAnd addresses these BUG splats when unmounting the SMB filesystem:\n\nBUG: Dentry ffff888140590ba0{i=1000000000080,n=/} still in use (2) [unmount of cifs cifs]\nWARNING: CPU: 3 PID: 3433 at fs/dcache.c:1536 umount_check+0xd0/0x100\nModules linked in:\nCPU: 3 UID: 0 PID: 3433 Comm: bash Not tainted 6.12.0-rc4-g850925a8133c-dirty #49\nHardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\nRIP: 0010:umount_check+0xd0/0x100\nCode: 8d 7c 24 40 e8 31 5a f4 ff 49 8b 54 24 40 41 56 49 89 e9 45 89 e8 48 89 d9 41 57 48 89 de 48 c7 c7 80 e7 db ac e8 f0 72 9a ff <0f> 0b 58 31 c0 5a 5b 5d 41 5c 41 5d 41 5e 41 5f e9 2b e5 5d 01 41\nRSP: 0018:ffff88811cc27978 EFLAGS: 00010286\nRAX: 0000000000000000 RBX: ffff888140590ba0 RCX: ffffffffaaf20bae\nRDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff8881f6fb6f40\nRBP: ffff8881462ec000 R08: 0000000000000001 R09: ffffed1023984ee3\nR10: ffff88811cc2771f R11: 00000000016cfcc0 R12: ffff888134383e08\nR13: 0000000000000002 R14: ffff8881462ec668 R15: ffffffffaceab4c0\nFS: 00007f23bfa98740(0000) GS:ffff8881f6f80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000556de4a6f808 CR3: 0000000123c80000 CR4: 0000000000350ef0\nCall Trace:\n \n d_walk+0x6a/0x530\n shrink_dcache_for_umount+0x6a/0x200\n generic_shutdown_super+0x52/0x2a0\n kill_anon_super+0x22/0x40\n cifs_kill_sb+0x159/0x1e0\n deactivate_locked_super+0x66/0xe0\n cleanup_mnt+0x140/0x210\n task_work_run+0xfb/0x170\n syscall_exit_to_user_mode+0x29f/0x2b0\n do_syscall_64+0xa1/0x1a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f23bfb93ae7\nCode: ff ff ff ff c3 66 0f 1f 44 00 00 48 8b 0d 11 93 0d 00 f7 d8 64 89 01 b8 ff ff ff ff eb bf 0f 1f 44 00 00 b8 50 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d e9 92 0d 00 f7 d8 64 89 \n---truncated---", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":4.7, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-53178" }, { "cve":"CVE-2024-53179", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free of signing key\n\nCustomers have reported use-after-free in @ses->auth_key.response with\nSMB2.1 + sign mounts which occurs due to following race:\n\ntask A task B\ncifs_mount()\n dfs_mount_share()\n get_session()\n cifs_mount_get_session() cifs_send_recv()\n cifs_get_smb_ses() compound_send_recv()\n cifs_setup_session() smb2_setup_request()\n kfree_sensitive() smb2_calc_signature()\n crypto_shash_setkey() *UAF*\n\nFix this by ensuring that we have a valid @ses->auth_key.response by\nchecking whether @ses->ses_status is SES_GOOD or SES_EXITING with\n@ses->ses_lock held. After commit 24a9799aa8ef (\"smb: client: fix UAF\nin smb2_reconnect_server()\"), we made sure to call ->logoff() only\nwhen @ses was known to be good (e.g. valid ->auth_key.response), so\nit's safe to access signing key when @ses->ses_status == SES_EXITING.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-53179" }, { "cve":"CVE-2024-53181", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\num: vector: Do not use drvdata in release\n\nThe drvdata is not available in release. Let's just use container_of()\nto get the vector_device instance. Otherwise, removing a vector device\nwill result in a crash:\n\nRIP: 0033:vector_device_release+0xf/0x50\nRSP: 00000000e187bc40 EFLAGS: 00010202\nRAX: 0000000060028f61 RBX: 00000000600f1baf RCX: 00000000620074e0\nRDX: 000000006220b9c0 RSI: 0000000060551c80 RDI: 0000000000000000\nRBP: 00000000e187bc50 R08: 00000000603ad594 R09: 00000000e187bb70\nR10: 000000000000135a R11: 00000000603ad422 R12: 00000000623ae028\nR13: 000000006287a200 R14: 0000000062006d30 R15: 00000000623700b6\nKernel panic - not syncing: Segfault with no mm\nCPU: 0 UID: 0 PID: 16 Comm: kworker/0:1 Not tainted 6.12.0-rc6-g59b723cd2adb #1\nWorkqueue: events mc_work_proc\nStack:\n 60028f61 623ae028 e187bc80 60276fcd\n 6220b9c0 603f5820 623ae028 00000000\n e187bcb0 603a2bcd 623ae000 62370010\nCall Trace:\n [<60028f61>] ? vector_device_release+0x0/0x50\n [<60276fcd>] device_release+0x70/0xba\n [<603a2bcd>] kobject_put+0xba/0xe7\n [<60277265>] put_device+0x19/0x1c\n [<60281266>] platform_device_put+0x26/0x29\n [<60281e5f>] platform_device_unregister+0x2c/0x2e\n [<60029422>] vector_remove+0x52/0x58\n [<60031316>] ? mconsole_reply+0x0/0x50\n [<600310c8>] mconsole_remove+0x160/0x1cc\n [<603b19f4>] ? strlen+0x0/0x15\n [<60066611>] ? __dequeue_entity+0x1a9/0x206\n [<600666a7>] ? set_next_entity+0x39/0x63\n [<6006666e>] ? set_next_entity+0x0/0x63\n [<60038fa6>] ? um_set_signals+0x0/0x43\n [<6003070c>] mc_work_proc+0x77/0x91\n [<60057664>] process_scheduled_works+0x1b3/0x2dd\n [<60055f32>] ? assign_work+0x0/0x58\n [<60057f0a>] worker_thread+0x1e9/0x293\n [<6005406f>] ? set_pf_worker+0x0/0x64\n [<6005d65d>] ? arch_local_irq_save+0x0/0x2d\n [<6005d748>] ? kthread_exit+0x0/0x3a\n [<60057d21>] ? worker_thread+0x0/0x293\n [<6005dbf1>] kthread+0x126/0x12b\n [<600219c5>] new_thread_handler+0x85/0xb6", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2024-53181" }, { "cve":"CVE-2024-53210", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ns390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct()\n\nPassing MSG_PEEK flag to skb_recv_datagram() increments skb refcount\n(skb->users) and iucv_sock_recvmsg() does not decrement skb refcount\nat exit.\nThis results in skb memory leak in skb_queue_purge() and WARN_ON in\niucv_sock_destruct() during socket close. To fix this decrease\nskb refcount by one if MSG_PEEK is set in order to prevent memory\nleak and WARN_ON.\n\nWARNING: CPU: 2 PID: 6292 at net/iucv/af_iucv.c:286 iucv_sock_destruct+0x144/0x1a0 [af_iucv]\nCPU: 2 PID: 6292 Comm: afiucv_test_msg Kdump: loaded Tainted: G W 6.10.0-rc7 #1\nHardware name: IBM 3931 A01 704 (z/VM 7.3.0)\nCall Trace:\n [<001587c682c4aa98>] iucv_sock_destruct+0x148/0x1a0 [af_iucv]\n [<001587c682c4a9d0>] iucv_sock_destruct+0x80/0x1a0 [af_iucv]\n [<001587c704117a32>] __sk_destruct+0x52/0x550\n [<001587c704104a54>] __sock_release+0xa4/0x230\n [<001587c704104c0c>] sock_close+0x2c/0x40\n [<001587c702c5f5a8>] __fput+0x2e8/0x970\n [<001587c7024148c4>] task_work_run+0x1c4/0x2c0\n [<001587c7023b0716>] do_exit+0x996/0x1050\n [<001587c7023b13aa>] do_group_exit+0x13a/0x360\n [<001587c7023b1626>] __s390x_sys_exit_group+0x56/0x60\n [<001587c7022bccca>] do_syscall+0x27a/0x380\n [<001587c7049a6a0c>] __do_syscall+0x9c/0x160\n [<001587c7049ce8a8>] system_call+0x70/0x98\n Last Breaking-Event-Address:\n [<001587c682c4a9d4>] iucv_sock_destruct+0x84/0x1a0 [af_iucv]", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-53210" }, { "cve":"CVE-2024-53216", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: release svc_expkey/svc_export with rcu_work\n\nThe last reference for `cache_head` can be reduced to zero in `c_show`\nand `e_show`(using `rcu_read_lock` and `rcu_read_unlock`). Consequently,\n`svc_export_put` and `expkey_put` will be invoked, leading to two\nissues:\n\n1. The `svc_export_put` will directly free ex_uuid. However,\n `e_show`/`c_show` will access `ex_uuid` after `cache_put`, which can\n trigger a use-after-free issue, shown below.\n\n ==================================================================\n BUG: KASAN: slab-use-after-free in svc_export_show+0x362/0x430 [nfsd]\n Read of size 1 at addr ff11000010fdc120 by task cat/870\n\n CPU: 1 UID: 0 PID: 870 Comm: cat Not tainted 6.12.0-rc3+ #1\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n 1.16.1-2.fc37 04/01/2014\n Call Trace:\n \n dump_stack_lvl+0x53/0x70\n print_address_description.constprop.0+0x2c/0x3a0\n print_report+0xb9/0x280\n kasan_report+0xae/0xe0\n svc_export_show+0x362/0x430 [nfsd]\n c_show+0x161/0x390 [sunrpc]\n seq_read_iter+0x589/0x770\n seq_read+0x1e5/0x270\n proc_reg_read+0xe1/0x140\n vfs_read+0x125/0x530\n ksys_read+0xc1/0x160\n do_syscall_64+0x5f/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n Allocated by task 830:\n kasan_save_stack+0x20/0x40\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0x8f/0xa0\n __kmalloc_node_track_caller_noprof+0x1bc/0x400\n kmemdup_noprof+0x22/0x50\n svc_export_parse+0x8a9/0xb80 [nfsd]\n cache_do_downcall+0x71/0xa0 [sunrpc]\n cache_write_procfs+0x8e/0xd0 [sunrpc]\n proc_reg_write+0xe1/0x140\n vfs_write+0x1a5/0x6d0\n ksys_write+0xc1/0x160\n do_syscall_64+0x5f/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n Freed by task 868:\n kasan_save_stack+0x20/0x40\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x60\n __kasan_slab_free+0x37/0x50\n kfree+0xf3/0x3e0\n svc_export_put+0x87/0xb0 [nfsd]\n cache_purge+0x17f/0x1f0 [sunrpc]\n nfsd_destroy_serv+0x226/0x2d0 [nfsd]\n nfsd_svc+0x125/0x1e0 [nfsd]\n write_threads+0x16a/0x2a0 [nfsd]\n nfsctl_transaction_write+0x74/0xa0 [nfsd]\n vfs_write+0x1a5/0x6d0\n ksys_write+0xc1/0x160\n do_syscall_64+0x5f/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n2. We cannot sleep while using `rcu_read_lock`/`rcu_read_unlock`.\n However, `svc_export_put`/`expkey_put` will call path_put, which\n subsequently triggers a sleeping operation due to the following\n `dput`.\n\n =============================\n WARNING: suspicious RCU usage\n 5.10.0-dirty #141 Not tainted\n -----------------------------\n ...\n Call Trace:\n dump_stack+0x9a/0xd0\n ___might_sleep+0x231/0x240\n dput+0x39/0x600\n path_put+0x1b/0x30\n svc_export_put+0x17/0x80\n e_show+0x1c9/0x200\n seq_read_iter+0x63f/0x7c0\n seq_read+0x226/0x2d0\n vfs_read+0x113/0x2c0\n ksys_read+0xc9/0x170\n do_syscall_64+0x33/0x40\n entry_SYSCALL_64_after_hwframe+0x67/0xd1\n\nFix these issues by using `rcu_work` to help release\n`svc_expkey`/`svc_export`. This approach allows for an asynchronous\ncontext to invoke `path_put` and also facilitates the freeing of\n`uuid/exp/key` after an RCU grace period.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-53216" }, { "cve":"CVE-2024-53233", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nunicode: Fix utf8_load() error path\n\nutf8_load() requests the symbol \"utf8_data_table\" and then checks if the\nrequested UTF-8 version is supported. If it's unsupported, it tries to\nput the data table using symbol_put(). If an unsupported version is\nrequested, symbol_put() fails like this:\n\n kernel BUG at kernel/module/main.c:786!\n RIP: 0010:__symbol_put+0x93/0xb0\n Call Trace:\n \n ? __die_body.cold+0x19/0x27\n ? die+0x2e/0x50\n ? do_trap+0xca/0x110\n ? do_error_trap+0x65/0x80\n ? __symbol_put+0x93/0xb0\n ? exc_invalid_op+0x51/0x70\n ? __symbol_put+0x93/0xb0\n ? asm_exc_invalid_op+0x1a/0x20\n ? __pfx_cmp_name+0x10/0x10\n ? __symbol_put+0x93/0xb0\n ? __symbol_put+0x62/0xb0\n utf8_load+0xf8/0x150\n\nThat happens because symbol_put() expects the unique string that\nidentify the symbol, instead of a pointer to the loaded symbol. Fix that\nby using such string.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-53233" }, { "cve":"CVE-2024-53680", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init()\n\nUnder certain kernel configurations when building with Clang/LLVM, the\ncompiler does not generate a return or jump as the terminator\ninstruction for ip_vs_protocol_init(), triggering the following objtool\nwarning during build time:\n\n vmlinux.o: warning: objtool: ip_vs_protocol_init() falls through to next function __initstub__kmod_ip_vs_rr__935_123_ip_vs_rr_init6()\n\nAt runtime, this either causes an oops when trying to load the ipvs\nmodule or a boot-time panic if ipvs is built-in. This same issue has\nbeen reported by the Intel kernel test robot previously.\n\nDigging deeper into both LLVM and the kernel code reveals this to be a\nundefined behavior problem. ip_vs_protocol_init() uses a on-stack buffer\nof 64 chars to store the registered protocol names and leaves it\nuninitialized after definition. The function calls strnlen() when\nconcatenating protocol names into the buffer. With CONFIG_FORTIFY_SOURCE\nstrnlen() performs an extra step to check whether the last byte of the\ninput char buffer is a null character (commit 3009f891bb9f (\"fortify:\nAllow strlen() and strnlen() to pass compile-time known lengths\")).\nThis, together with possibly other configurations, cause the following\nIR to be generated:\n\n define hidden i32 @ip_vs_protocol_init() local_unnamed_addr #5 section \".init.text\" align 16 !kcfi_type !29 {\n %1 = alloca [64 x i8], align 16\n ...\n\n 14: ; preds = %11\n %15 = getelementptr inbounds i8, ptr %1, i64 63\n %16 = load i8, ptr %15, align 1\n %17 = tail call i1 @llvm.is.constant.i8(i8 %16)\n %18 = icmp eq i8 %16, 0\n %19 = select i1 %17, i1 %18, i1 false\n br i1 %19, label %20, label %23\n\n 20: ; preds = %14\n %21 = call i64 @strlen(ptr noundef nonnull dereferenceable(1) %1) #23\n ...\n\n 23: ; preds = %14, %11, %20\n %24 = call i64 @strnlen(ptr noundef nonnull dereferenceable(1) %1, i64 noundef 64) #24\n ...\n }\n\nThe above code calculates the address of the last char in the buffer\n(value %15) and then loads from it (value %16). Because the buffer is\nnever initialized, the LLVM GVN pass marks value %16 as undefined:\n\n %13 = getelementptr inbounds i8, ptr %1, i64 63\n br i1 undef, label %14, label %17\n\nThis gives later passes (SCCP, in particular) more DCE opportunities by\npropagating the undef value further, and eventually removes everything\nafter the load on the uninitialized stack location:\n\n define hidden i32 @ip_vs_protocol_init() local_unnamed_addr #0 section \".init.text\" align 16 !kcfi_type !11 {\n %1 = alloca [64 x i8], align 16\n ...\n\n 12: ; preds = %11\n %13 = getelementptr inbounds i8, ptr %1, i64 63\n unreachable\n }\n\nIn this way, the generated native code will just fall through to the\nnext function, as LLVM does not generate any code for the unreachable IR\ninstruction and leaves the function without a terminator.\n\nZero the on-stack buffer to avoid this possible UB.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.8, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-53680" }, { "cve":"CVE-2024-54458", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: bsg: Set bsg_queue to NULL after removal\n\nCurrently, this does not cause any issues, but I believe it is necessary to\nset bsg_queue to NULL after removing it to prevent potential use-after-free\n(UAF) access.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-54458" }, { "cve":"CVE-2024-55881", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Play nice with protected guests in complete_hypercall_exit()\n\nUse is_64_bit_hypercall() instead of is_64_bit_mode() to detect a 64-bit\nhypercall when completing said hypercall. For guests with protected state,\ne.g. SEV-ES and SEV-SNP, KVM must assume the hypercall was made in 64-bit\nmode as the vCPU state needed to detect 64-bit mode is unavailable.\n\nHacking the sev_smoke_test selftest to generate a KVM_HC_MAP_GPA_RANGE\nhypercall via VMGEXIT trips the WARN:\n\n ------------[ cut here ]------------\n WARNING: CPU: 273 PID: 326626 at arch/x86/kvm/x86.h:180 complete_hypercall_exit+0x44/0xe0 [kvm]\n Modules linked in: kvm_amd kvm ... [last unloaded: kvm]\n CPU: 273 UID: 0 PID: 326626 Comm: sev_smoke_test Not tainted 6.12.0-smp--392e932fa0f3-feat #470\n Hardware name: Google Astoria/astoria, BIOS 0.20240617.0-0 06/17/2024\n RIP: 0010:complete_hypercall_exit+0x44/0xe0 [kvm]\n Call Trace:\n \n kvm_arch_vcpu_ioctl_run+0x2400/0x2720 [kvm]\n kvm_vcpu_ioctl+0x54f/0x630 [kvm]\n __se_sys_ioctl+0x6b/0xc0\n do_syscall_64+0x83/0x160\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n \n ---[ end trace 0000000000000000 ]---", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-55881" }, { "cve":"CVE-2024-56533", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usx2y: Use snd_card_free_when_closed() at disconnection\n\nThe USB disconnect callback is supposed to be short and not too-long\nwaiting. OTOH, the current code uses snd_card_free() at\ndisconnection, but this waits for the close of all used fds, hence it\ncan take long. It eventually blocks the upper layer USB ioctls, which\nmay trigger a soft lockup.\n\nAn easy workaround is to replace snd_card_free() with\nsnd_card_free_when_closed(). This variant returns immediately while\nthe release of resources is done asynchronously by the card device\nrelease at the last close.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.3, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2024-56533" }, { "cve":"CVE-2024-56545", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nHID: hyperv: streamline driver probe to avoid devres issues\n\nIt was found that unloading 'hid_hyperv' module results in a devres\ncomplaint:\n\n ...\n hv_vmbus: unregistering driver hid_hyperv\n ------------[ cut here ]------------\n WARNING: CPU: 2 PID: 3983 at drivers/base/devres.c:691 devres_release_group+0x1f2/0x2c0\n ...\n Call Trace:\n \n ? devres_release_group+0x1f2/0x2c0\n ? __warn+0xd1/0x1c0\n ? devres_release_group+0x1f2/0x2c0\n ? report_bug+0x32a/0x3c0\n ? handle_bug+0x53/0xa0\n ? exc_invalid_op+0x18/0x50\n ? asm_exc_invalid_op+0x1a/0x20\n ? devres_release_group+0x1f2/0x2c0\n ? devres_release_group+0x90/0x2c0\n ? rcu_is_watching+0x15/0xb0\n ? __pfx_devres_release_group+0x10/0x10\n hid_device_remove+0xf5/0x220\n device_release_driver_internal+0x371/0x540\n ? klist_put+0xf3/0x170\n bus_remove_device+0x1f1/0x3f0\n device_del+0x33f/0x8c0\n ? __pfx_device_del+0x10/0x10\n ? cleanup_srcu_struct+0x337/0x500\n hid_destroy_device+0xc8/0x130\n mousevsc_remove+0xd2/0x1d0 [hid_hyperv]\n device_release_driver_internal+0x371/0x540\n driver_detach+0xc5/0x180\n bus_remove_driver+0x11e/0x2a0\n ? __mutex_unlock_slowpath+0x160/0x5e0\n vmbus_driver_unregister+0x62/0x2b0 [hv_vmbus]\n ...\n\nAnd the issue seems to be that the corresponding devres group is not\nallocated. Normally, devres_open_group() is called from\n__hid_device_probe() but Hyper-V HID driver overrides 'hid_dev->driver'\nwith 'mousevsc_hid_driver' stub and basically re-implements\n__hid_device_probe() by calling hid_parse() and hid_hw_start() but not\ndevres_open_group(). hid_device_probe() does not call __hid_device_probe()\nfor it. Later, when the driver is removed, hid_device_remove() calls\ndevres_release_group() as it doesn't check whether hdev->driver was\ninitially overridden or not.\n\nThe issue seems to be related to the commit 62c68e7cee33 (\"HID: ensure\ntimely release of driver-allocated resources\") but the commit itself seems\nto be correct.\n\nFix the issue by dropping the 'hid_dev->driver' override and using\nhid_register_driver()/hid_unregister_driver() instead. Alternatively, it\nwould have been possible to rely on the default handling but\nHID_CONNECT_DEFAULT implies HID_CONNECT_HIDRAW and it doesn't seem to work\nfor mousevsc as-is.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56545" }, { "cve":"CVE-2024-56558", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: make sure exp active before svc_export_show\n\nThe function `e_show` was called with protection from RCU. This only\nensures that `exp` will not be freed. Therefore, the reference count for\n`exp` can drop to zero, which will trigger a refcount use-after-free\nwarning when `exp_get` is called. To resolve this issue, use\n`cache_get_rcu` to ensure that `exp` remains active.\n\n------------[ cut here ]------------\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 3 PID: 819 at lib/refcount.c:25\nrefcount_warn_saturate+0xb1/0x120\nCPU: 3 UID: 0 PID: 819 Comm: cat Not tainted 6.12.0-rc3+ #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.1-2.fc37 04/01/2014\nRIP: 0010:refcount_warn_saturate+0xb1/0x120\n...\nCall Trace:\n \n e_show+0x20b/0x230 [nfsd]\n seq_read_iter+0x589/0x770\n seq_read+0x1e5/0x270\n vfs_read+0x125/0x530\n ksys_read+0xc1/0x160\n do_syscall_64+0x5f/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-56558" }, { "cve":"CVE-2024-56566", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmm/slub: Avoid list corruption when removing a slab from the full list\n\nBoot with slub_debug=UFPZ.\n\nIf allocated object failed in alloc_consistency_checks, all objects of\nthe slab will be marked as used, and then the slab will be removed from\nthe partial list.\n\nWhen an object belonging to the slab got freed later, the remove_full()\nfunction is called. Because the slab is neither on the partial list nor\non the full list, it eventually lead to a list corruption (actually a\nlist poison being detected).\n\nSo we need to mark and isolate the slab page with metadata corruption,\ndo not put it back in circulation.\n\nBecause the debug caches avoid all the fastpaths, reusing the frozen bit\nto mark slab page with metadata corruption seems to be fine.\n\n[ 4277.385669] list_del corruption, ffffea00044b3e50->next is LIST_POISON1 (dead000000000100)\n[ 4277.387023] ------------[ cut here ]------------\n[ 4277.387880] kernel BUG at lib/list_debug.c:56!\n[ 4277.388680] invalid opcode: 0000 [#1] PREEMPT SMP PTI\n[ 4277.389562] CPU: 5 PID: 90 Comm: kworker/5:1 Kdump: loaded Tainted: G OE 6.6.1-1 #1\n[ 4277.392113] Workqueue: xfs-inodegc/vda1 xfs_inodegc_worker [xfs]\n[ 4277.393551] RIP: 0010:__list_del_entry_valid_or_report+0x7b/0xc0\n[ 4277.394518] Code: 48 91 82 e8 37 f9 9a ff 0f 0b 48 89 fe 48 c7 c7 28 49 91 82 e8 26 f9 9a ff 0f 0b 48 89 fe 48 c7 c7 58 49 91\n[ 4277.397292] RSP: 0018:ffffc90000333b38 EFLAGS: 00010082\n[ 4277.398202] RAX: 000000000000004e RBX: ffffea00044b3e50 RCX: 0000000000000000\n[ 4277.399340] RDX: 0000000000000002 RSI: ffffffff828f8715 RDI: 00000000ffffffff\n[ 4277.400545] RBP: ffffea00044b3e40 R08: 0000000000000000 R09: ffffc900003339f0\n[ 4277.401710] R10: 0000000000000003 R11: ffffffff82d44088 R12: ffff888112cf9910\n[ 4277.402887] R13: 0000000000000001 R14: 0000000000000001 R15: ffff8881000424c0\n[ 4277.404049] FS: 0000000000000000(0000) GS:ffff88842fd40000(0000) knlGS:0000000000000000\n[ 4277.405357] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 4277.406389] CR2: 00007f2ad0b24000 CR3: 0000000102a3a006 CR4: 00000000007706e0\n[ 4277.407589] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 4277.408780] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 4277.410000] PKRU: 55555554\n[ 4277.410645] Call Trace:\n[ 4277.411234] \n[ 4277.411777] ? die+0x32/0x80\n[ 4277.412439] ? do_trap+0xd6/0x100\n[ 4277.413150] ? __list_del_entry_valid_or_report+0x7b/0xc0\n[ 4277.414158] ? do_error_trap+0x6a/0x90\n[ 4277.414948] ? __list_del_entry_valid_or_report+0x7b/0xc0\n[ 4277.415915] ? exc_invalid_op+0x4c/0x60\n[ 4277.416710] ? __list_del_entry_valid_or_report+0x7b/0xc0\n[ 4277.417675] ? asm_exc_invalid_op+0x16/0x20\n[ 4277.418482] ? __list_del_entry_valid_or_report+0x7b/0xc0\n[ 4277.419466] ? __list_del_entry_valid_or_report+0x7b/0xc0\n[ 4277.420410] free_to_partial_list+0x515/0x5e0\n[ 4277.421242] ? xfs_iext_remove+0x41a/0xa10 [xfs]\n[ 4277.422298] xfs_iext_remove+0x41a/0xa10 [xfs]\n[ 4277.423316] ? xfs_inodegc_worker+0xb4/0x1a0 [xfs]\n[ 4277.424383] xfs_bmap_del_extent_delay+0x4fe/0x7d0 [xfs]\n[ 4277.425490] __xfs_bunmapi+0x50d/0x840 [xfs]\n[ 4277.426445] xfs_itruncate_extents_flags+0x13a/0x490 [xfs]\n[ 4277.427553] xfs_inactive_truncate+0xa3/0x120 [xfs]\n[ 4277.428567] xfs_inactive+0x22d/0x290 [xfs]\n[ 4277.429500] xfs_inodegc_worker+0xb4/0x1a0 [xfs]\n[ 4277.430479] process_one_work+0x171/0x340\n[ 4277.431227] worker_thread+0x277/0x390\n[ 4277.431962] ? __pfx_worker_thread+0x10/0x10\n[ 4277.432752] kthread+0xf0/0x120\n[ 4277.433382] ? __pfx_kthread+0x10/0x10\n[ 4277.434134] ret_from_fork+0x2d/0x50\n[ 4277.434837] ? __pfx_kthread+0x10/0x10\n[ 4277.435566] ret_from_fork_asm+0x1b/0x30\n[ 4277.436280] ", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56566" }, { "cve":"CVE-2024-56573", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nefi/libstub: Free correct pointer on failure\n\ncmdline_ptr is an out parameter, which is not allocated by the function\nitself, and likely points into the caller's stack.\n\ncmdline refers to the pool allocation that should be freed when cleaning\nup after a failure, so pass this instead to free_pool().", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56573" }, { "cve":"CVE-2024-56574", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: ts2020: fix null-ptr-deref in ts2020_probe()\n\nKASAN reported a null-ptr-deref issue when executing the following\ncommand:\n\n # echo ts2020 0x20 > /sys/bus/i2c/devices/i2c-0/new_device\n KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017]\n CPU: 53 UID: 0 PID: 970 Comm: systemd-udevd Not tainted 6.12.0-rc2+ #24\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009)\n RIP: 0010:ts2020_probe+0xad/0xe10 [ts2020]\n RSP: 0018:ffffc9000abbf598 EFLAGS: 00010202\n RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffffc0714809\n RDX: 0000000000000002 RSI: ffff88811550be00 RDI: 0000000000000010\n RBP: ffff888109868800 R08: 0000000000000001 R09: fffff52001577eb6\n R10: 0000000000000000 R11: ffffc9000abbff50 R12: ffffffffc0714790\n R13: 1ffff92001577eb8 R14: ffffffffc07190d0 R15: 0000000000000001\n FS: 00007f95f13b98c0(0000) GS:ffff888149280000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000555d2634b000 CR3: 0000000152236000 CR4: 00000000000006f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \n ts2020_probe+0xad/0xe10 [ts2020]\n i2c_device_probe+0x421/0xb40\n really_probe+0x266/0x850\n ...\n\nThe cause of the problem is that when using sysfs to dynamically register\nan i2c device, there is no platform data, but the probe process of ts2020\nneeds to use platform data, resulting in a null pointer being accessed.\n\nSolve this problem by adding checks to platform data.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56574" }, { "cve":"CVE-2024-56576", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: i2c: tc358743: Fix crash in the probe error path when using polling\n\nIf an error occurs in the probe() function, we should remove the polling\ntimer that was alarmed earlier, otherwise the timer is called with\narguments that are already freed, which results in a crash.\n\n------------[ cut here ]------------\nWARNING: CPU: 3 PID: 0 at kernel/time/timer.c:1830 __run_timers+0x244/0x268\nModules linked in:\nCPU: 3 UID: 0 PID: 0 Comm: swapper/3 Not tainted 6.11.0 #226\nHardware name: Diasom DS-RK3568-SOM-EVB (DT)\npstate: 804000c9 (Nzcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : __run_timers+0x244/0x268\nlr : __run_timers+0x1d4/0x268\nsp : ffffff80eff2baf0\nx29: ffffff80eff2bb50 x28: 7fffffffffffffff x27: ffffff80eff2bb00\nx26: ffffffc080f669c0 x25: ffffff80efef6bf0 x24: ffffff80eff2bb00\nx23: 0000000000000000 x22: dead000000000122 x21: 0000000000000000\nx20: ffffff80efef6b80 x19: ffffff80041c8bf8 x18: ffffffffffffffff\nx17: ffffffc06f146000 x16: ffffff80eff27dc0 x15: 000000000000003e\nx14: 0000000000000000 x13: 00000000000054da x12: 0000000000000000\nx11: 00000000000639c0 x10: 000000000000000c x9 : 0000000000000009\nx8 : ffffff80eff2cb40 x7 : ffffff80eff2cb40 x6 : ffffff8002bee480\nx5 : ffffffc080cb2220 x4 : ffffffc080cb2150 x3 : 00000000000f4240\nx2 : 0000000000000102 x1 : ffffff80eff2bb00 x0 : ffffff80041c8bf0\nCall trace:\n __run_timers+0x244/0x268\n timer_expire_remote+0x50/0x68\n tmigr_handle_remote+0x388/0x39c\n run_timer_softirq+0x38/0x44\n handle_softirqs+0x138/0x298\n __do_softirq+0x14/0x20\n ____do_softirq+0x10/0x1c\n call_on_irq_stack+0x24/0x4c\n do_softirq_own_stack+0x1c/0x2c\n irq_exit_rcu+0x9c/0xcc\n el1_interrupt+0x48/0xc0\n el1h_64_irq_handler+0x18/0x24\n el1h_64_irq+0x7c/0x80\n default_idle_call+0x34/0x68\n do_idle+0x23c/0x294\n cpu_startup_entry+0x38/0x3c\n secondary_start_kernel+0x128/0x160\n __secondary_switched+0xb8/0xbc\n---[ end trace 0000000000000000 ]---", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56576" }, { "cve":"CVE-2024-56577", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mtk-jpeg: Fix null-ptr-deref during unload module\n\nThe workqueue should be destroyed in mtk_jpeg_core.c since commit\n09aea13ecf6f (\"media: mtk-jpeg: refactor some variables\"), otherwise\nthe below calltrace can be easily triggered.\n\n[ 677.862514] Unable to handle kernel paging request at virtual address dfff800000000023\n[ 677.863633] KASAN: null-ptr-deref in range [0x0000000000000118-0x000000000000011f]\n...\n[ 677.879654] CPU: 6 PID: 1071 Comm: modprobe Tainted: G O 6.8.12-mtk+gfa1a78e5d24b+ #17\n...\n[ 677.882838] pc : destroy_workqueue+0x3c/0x770\n[ 677.883413] lr : mtk_jpegdec_destroy_workqueue+0x70/0x88 [mtk_jpeg_dec_hw]\n[ 677.884314] sp : ffff80008ad974f0\n[ 677.884744] x29: ffff80008ad974f0 x28: ffff0000d7115580 x27: ffff0000dd691070\n[ 677.885669] x26: ffff0000dd691408 x25: ffff8000844af3e0 x24: ffff80008ad97690\n[ 677.886592] x23: ffff0000e051d400 x22: ffff0000dd691010 x21: dfff800000000000\n[ 677.887515] x20: 0000000000000000 x19: 0000000000000000 x18: ffff800085397ac0\n[ 677.888438] x17: 0000000000000000 x16: ffff8000801b87c8 x15: 1ffff000115b2e10\n[ 677.889361] x14: 00000000f1f1f1f1 x13: 0000000000000000 x12: ffff7000115b2e4d\n[ 677.890285] x11: 1ffff000115b2e4c x10: ffff7000115b2e4c x9 : ffff80000aa43e90\n[ 677.891208] x8 : 00008fffeea4d1b4 x7 : ffff80008ad97267 x6 : 0000000000000001\n[ 677.892131] x5 : ffff80008ad97260 x4 : ffff7000115b2e4d x3 : 0000000000000000\n[ 677.893054] x2 : 0000000000000023 x1 : dfff800000000000 x0 : 0000000000000118\n[ 677.893977] Call trace:\n[ 677.894297] destroy_workqueue+0x3c/0x770\n[ 677.894826] mtk_jpegdec_destroy_workqueue+0x70/0x88 [mtk_jpeg_dec_hw]\n[ 677.895677] devm_action_release+0x50/0x90\n[ 677.896211] release_nodes+0xe8/0x170\n[ 677.896688] devres_release_all+0xf8/0x178\n[ 677.897219] device_unbind_cleanup+0x24/0x170\n[ 677.897785] device_release_driver_internal+0x35c/0x480\n[ 677.898461] device_release_driver+0x20/0x38\n...\n[ 677.912665] ---[ end trace 0000000000000000 ]---", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56577" }, { "cve":"CVE-2024-56579", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: amphion: Set video drvdata before register video device\n\nThe video drvdata should be set before the video device is registered,\notherwise video_drvdata() may return NULL in the open() file ops, and led\nto oops.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56579" }, { "cve":"CVE-2024-56587", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nleds: class: Protect brightness_show() with led_cdev->led_access mutex\n\nThere is NULL pointer issue observed if from Process A where hid device\nbeing added which results in adding a led_cdev addition and later a\nanother call to access of led_cdev attribute from Process B can result\nin NULL pointer issue.\n\nUse mutex led_cdev->led_access to protect access to led->cdev and its\nattribute inside brightness_show() and max_brightness_show() and also\nupdate the comment for mutex that it should be used to protect the led\nclass device fields.\n\n\tProcess A \t\t\t\tProcess B\n\n kthread+0x114\n worker_thread+0x244\n process_scheduled_works+0x248\n uhid_device_add_worker+0x24\n hid_add_device+0x120\n device_add+0x268\n bus_probe_device+0x94\n device_initial_probe+0x14\n __device_attach+0xfc\n bus_for_each_drv+0x10c\n __device_attach_driver+0x14c\n driver_probe_device+0x3c\n __driver_probe_device+0xa0\n really_probe+0x190\n hid_device_probe+0x130\n ps_probe+0x990\n ps_led_register+0x94\n devm_led_classdev_register_ext+0x58\n led_classdev_register_ext+0x1f8\n device_create_with_groups+0x48\n device_create_groups_vargs+0xc8\n device_add+0x244\n kobject_uevent+0x14\n kobject_uevent_env[jt]+0x224\n mutex_unlock[jt]+0xc4\n __mutex_unlock_slowpath+0xd4\n wake_up_q+0x70\n try_to_wake_up[jt]+0x48c\n preempt_schedule_common+0x28\n __schedule+0x628\n __switch_to+0x174\n\t\t\t\t\t\tel0t_64_sync+0x1a8/0x1ac\n\t\t\t\t\t\tel0t_64_sync_handler+0x68/0xbc\n\t\t\t\t\t\tel0_svc+0x38/0x68\n\t\t\t\t\t\tdo_el0_svc+0x1c/0x28\n\t\t\t\t\t\tel0_svc_common+0x80/0xe0\n\t\t\t\t\t\tinvoke_syscall+0x58/0x114\n\t\t\t\t\t\t__arm64_sys_read+0x1c/0x2c\n\t\t\t\t\t\tksys_read+0x78/0xe8\n\t\t\t\t\t\tvfs_read+0x1e0/0x2c8\n\t\t\t\t\t\tkernfs_fop_read_iter+0x68/0x1b4\n\t\t\t\t\t\tseq_read_iter+0x158/0x4ec\n\t\t\t\t\t\tkernfs_seq_show+0x44/0x54\n\t\t\t\t\t\tsysfs_kf_seq_show+0xb4/0x130\n\t\t\t\t\t\tdev_attr_show+0x38/0x74\n\t\t\t\t\t\tbrightness_show+0x20/0x4c\n\t\t\t\t\t\tdualshock4_led_get_brightness+0xc/0x74\n\n[ 3313.874295][ T4013] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000060\n[ 3313.874301][ T4013] Mem abort info:\n[ 3313.874303][ T4013] ESR = 0x0000000096000006\n[ 3313.874305][ T4013] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 3313.874307][ T4013] SET = 0, FnV = 0\n[ 3313.874309][ T4013] EA = 0, S1PTW = 0\n[ 3313.874311][ T4013] FSC = 0x06: level 2 translation fault\n[ 3313.874313][ T4013] Data abort info:\n[ 3313.874314][ T4013] ISV = 0, ISS = 0x00000006, ISS2 = 0x00000000\n[ 3313.874316][ T4013] CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n[ 3313.874318][ T4013] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n[ 3313.874320][ T4013] user pgtable: 4k pages, 39-bit VAs, pgdp=00000008f2b0a000\n..\n\n[ 3313.874332][ T4013] Dumping ftrace buffer:\n[ 3313.874334][ T4013] (ftrace buffer empty)\n..\n..\n[ dd3313.874639][ T4013] CPU: 6 PID: 4013 Comm: InputReader\n[ 3313.874648][ T4013] pc : dualshock4_led_get_brightness+0xc/0x74\n[ 3313.874653][ T4013] lr : led_update_brightness+0x38/0x60\n[ 3313.874656][ T4013] sp : ffffffc0b910bbd0\n..\n..\n[ 3313.874685][ T4013] Call trace:\n[ 3313.874687][ T4013] dualshock4_led_get_brightness+0xc/0x74\n[ 3313.874690][ T4013] brightness_show+0x20/0x4c\n[ 3313.874692][ T4013] dev_attr_show+0x38/0x74\n[ 3313.874696][ T4013] sysfs_kf_seq_show+0xb4/0x130\n[ 3313.874700][ T4013] kernfs_seq_show+0x44/0x54\n[ 3313.874703][ T4013] seq_read_iter+0x158/0x4ec\n[ 3313.874705][ T4013] kernfs_fop_read_iter+0x68/0x1b4\n[ 3313.874708][ T4013] vfs_read+0x1e0/0x2c8\n[ 3313.874711][ T4013] ksys_read+0x78/0xe8\n[ 3313.874714][ T4013] __arm64_sys_read+0x1c/0x2c\n[ 3313.874718][ T4013] invoke_syscall+0x58/0x114\n[ 3313.874721][ T4013] el0_svc_common+0x80/0xe0\n[ 3313.874724][ T4013] do_el0_svc+0x1c/0x28\n[ 3313.874727][ T4013] el0_svc+0x38/0x68\n[ 3313.874730][ T4013] el0t_64_sync_handler+0x68/0xbc\n[ 3313.874732][ T4013] el0t_64_sync+0x1a8/0x1ac", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56587" }, { "cve":"CVE-2024-56593", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmf_sdiod_sglist_rw()\n\nThis patch fixes a NULL pointer dereference bug in brcmfmac that occurs\nwhen a high 'sd_sgentry_align' value applies (e.g. 512) and a lot of queued SKBs\nare sent from the pkt queue.\n\nThe problem is the number of entries in the pre-allocated sgtable, it is\nnents = max(rxglom_size, txglom_size) + max(rxglom_size, txglom_size) >> 4 + 1.\nGiven the default [rt]xglom_size=32 it's actually 35 which is too small.\nWorst case, the pkt queue can end up with 64 SKBs. This occurs when a new SKB\nis added for each original SKB if tailroom isn't enough to hold tail_pad.\nAt least one sg entry is needed for each SKB. So, eventually the \"skb_queue_walk loop\"\nin brcmf_sdiod_sglist_rw may run out of sg entries. This makes sg_next return\nNULL and this causes the oops.\n\nThe patch sets nents to max(rxglom_size, txglom_size) * 2 to be able handle\nthe worst-case.\nBtw. this requires only 64-35=29 * 16 (or 20 if CONFIG_NEED_SG_DMA_LENGTH) = 464\nadditional bytes of memory.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56593" }, { "cve":"CVE-2024-56600", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: inet6: do not leave a dangling sk pointer in inet6_create()\n\nsock_init_data() attaches the allocated sk pointer to the provided sock\nobject. If inet6_create() fails later, the sk object is released, but the\nsock object retains the dangling sk pointer, which may cause use-after-free\nlater.\n\nClear the sock sk pointer on error.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-56600" }, { "cve":"CVE-2024-56602", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ieee802154: do not leave a dangling sk pointer in ieee802154_create()\n\nsock_init_data() attaches the allocated sk object to the provided sock\nobject. If ieee802154_create() fails later, the allocated sk object is\nfreed, but the dangling pointer remains in the provided sock object, which\nmay allow use-after-free.\n\nClear the sk pointer in the sock object on error.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-56602" }, { "cve":"CVE-2024-56616", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/dp_mst: Fix MST sideband message body length check\n\nFix the MST sideband message body length check, which must be at least 1\nbyte accounting for the message body CRC (aka message data CRC) at the\nend of the message.\n\nThis fixes a case where an MST branch device returns a header with a\ncorrect header CRC (indicating a correctly received body length), with\nthe body length being incorrectly set to 0. This will later lead to a\nmemory corruption in drm_dp_sideband_append_payload() and the following\nerrors in dmesg:\n\n UBSAN: array-index-out-of-bounds in drivers/gpu/drm/display/drm_dp_mst_topology.c:786:25\n index -1 is out of range for type 'u8 [48]'\n Call Trace:\n drm_dp_sideband_append_payload+0x33d/0x350 [drm_display_helper]\n drm_dp_get_one_sb_msg+0x3ce/0x5f0 [drm_display_helper]\n drm_dp_mst_hpd_irq_handle_event+0xc8/0x1580 [drm_display_helper]\n\n memcpy: detected field-spanning write (size 18446744073709551615) of single field \"&msg->msg[msg->curlen]\" at drivers/gpu/drm/display/drm_dp_mst_topology.c:791 (size 256)\n Call Trace:\n drm_dp_sideband_append_payload+0x324/0x350 [drm_display_helper]\n drm_dp_get_one_sb_msg+0x3ce/0x5f0 [drm_display_helper]\n drm_dp_mst_hpd_irq_handle_event+0xc8/0x1580 [drm_display_helper]", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56616" }, { "cve":"CVE-2024-56625", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ncan: dev: can_set_termination(): allow sleeping GPIOs\n\nIn commit 6e86a1543c37 (\"can: dev: provide optional GPIO based\ntermination support\") GPIO based termination support was added.\n\nFor no particular reason that patch uses gpiod_set_value() to set the\nGPIO. This leads to the following warning, if the systems uses a\nsleeping GPIO, i.e. behind an I2C port expander:\n\n| WARNING: CPU: 0 PID: 379 at /drivers/gpio/gpiolib.c:3496 gpiod_set_value+0x50/0x6c\n| CPU: 0 UID: 0 PID: 379 Comm: ip Not tainted 6.11.0-20241016-1 #1 823affae360cc91126e4d316d7a614a8bf86236c\n\nReplace gpiod_set_value() by gpiod_set_value_cansleep() to allow the\nuse of sleeping GPIOs.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.3, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2024-56625" }, { "cve":"CVE-2024-56628", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nLoongArch: Add architecture specific huge_pte_clear()\n\nWhen executing mm selftests run_vmtests.sh, there is such an error:\n\n BUG: Bad page state in process uffd-unit-tests pfn:00000\n page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x0\n flags: 0xffff0000002000(reserved|node=0|zone=0|lastcpupid=0xffff)\n raw: 00ffff0000002000 ffffbf0000000008 ffffbf0000000008 0000000000000000\n raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000\n page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set\n Modules linked in: snd_seq_dummy snd_seq snd_seq_device rfkill vfat fat\n virtio_balloon efi_pstore virtio_net pstore net_failover failover fuse\n nfnetlink virtio_scsi virtio_gpu virtio_dma_buf dm_multipath efivarfs\n CPU: 2 UID: 0 PID: 1913 Comm: uffd-unit-tests Not tainted 6.12.0 #184\n Hardware name: QEMU QEMU Virtual Machine, BIOS unknown 2/2/2022\n Stack : 900000047c8ac000 0000000000000000 9000000000223a7c 900000047c8ac000\n 900000047c8af690 900000047c8af698 0000000000000000 900000047c8af7d8\n 900000047c8af7d0 900000047c8af7d0 900000047c8af5b0 0000000000000001\n 0000000000000001 900000047c8af698 10b3c7d53da40d26 0000010000000000\n 0000000000000022 0000000fffffffff fffffffffe000000 ffff800000000000\n 000000000000002f 0000800000000000 000000017a6d4000 90000000028f8940\n 0000000000000000 0000000000000000 90000000025aa5e0 9000000002905000\n 0000000000000000 90000000028f8940 ffff800000000000 0000000000000000\n 0000000000000000 0000000000000000 9000000000223a94 000000012001839c\n 00000000000000b0 0000000000000004 0000000000000000 0000000000071c1d\n ...\n Call Trace:\n [<9000000000223a94>] show_stack+0x5c/0x180\n [<9000000001c3fd64>] dump_stack_lvl+0x6c/0xa0\n [<900000000056aa08>] bad_page+0x1a0/0x1f0\n [<9000000000574978>] free_unref_folios+0xbf0/0xd20\n [<90000000004e65cc>] folios_put_refs+0x1a4/0x2b8\n [<9000000000599a0c>] free_pages_and_swap_cache+0x164/0x260\n [<9000000000547698>] tlb_batch_pages_flush+0xa8/0x1c0\n [<9000000000547f30>] tlb_finish_mmu+0xa8/0x218\n [<9000000000543cb8>] exit_mmap+0x1a0/0x360\n [<9000000000247658>] __mmput+0x78/0x200\n [<900000000025583c>] do_exit+0x43c/0xde8\n [<9000000000256490>] do_group_exit+0x68/0x110\n [<9000000000256554>] sys_exit_group+0x1c/0x20\n [<9000000001c413b4>] do_syscall+0x94/0x130\n [<90000000002216d8>] handle_syscall+0xb8/0x158\n Disabling lock debugging due to kernel taint\n BUG: non-zero pgtables_bytes on freeing mm: -16384\n\nOn LoongArch system, invalid huge pte entry should be invalid_pte_table\nor a single _PAGE_HUGE bit rather than a zero value. And it should be\nthe same with invalid pmd entry, since pmd_none() is called by function\nfree_pgd_range() and pmd_none() return 0 by huge_pte_clear(). So single\n_PAGE_HUGE bit is also treated as a valid pte table and free_pte_range()\nwill be called in free_pmd_range().\n\n free_pmd_range()\n pmd = pmd_offset(pud, addr);\n do {\n next = pmd_addr_end(addr, end);\n if (pmd_none_or_clear_bad(pmd))\n continue;\n free_pte_range(tlb, pmd, addr);\n } while (pmd++, addr = next, addr != end);\n\nHere invalid_pte_table is used for both invalid huge pte entry and\npmd entry.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2024-56628" }, { "cve":"CVE-2024-56635", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: avoid potential UAF in default_operstate()\n\nsyzbot reported an UAF in default_operstate() [1]\n\nIssue is a race between device and netns dismantles.\n\nAfter calling __rtnl_unlock() from netdev_run_todo(),\nwe can not assume the netns of each device is still alive.\n\nMake sure the device is not in NETREG_UNREGISTERED state,\nand add an ASSERT_RTNL() before the call to\n__dev_get_by_index().\n\nWe might move this ASSERT_RTNL() in __dev_get_by_index()\nin the future.\n\n[1]\n\nBUG: KASAN: slab-use-after-free in __dev_get_by_index+0x5d/0x110 net/core/dev.c:852\nRead of size 8 at addr ffff888043eba1b0 by task syz.0.0/5339\n\nCPU: 0 UID: 0 PID: 5339 Comm: syz.0.0 Not tainted 6.12.0-syzkaller-10296-gaaf20f870da0 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n __dev_get_by_index+0x5d/0x110 net/core/dev.c:852\n default_operstate net/core/link_watch.c:51 [inline]\n rfc2863_policy+0x224/0x300 net/core/link_watch.c:67\n linkwatch_do_dev+0x3e/0x170 net/core/link_watch.c:170\n netdev_run_todo+0x461/0x1000 net/core/dev.c:10894\n rtnl_unlock net/core/rtnetlink.c:152 [inline]\n rtnl_net_unlock include/linux/rtnetlink.h:133 [inline]\n rtnl_dellink+0x760/0x8d0 net/core/rtnetlink.c:3520\n rtnetlink_rcv_msg+0x791/0xcf0 net/core/rtnetlink.c:6911\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2541\n netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]\n netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1347\n netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1891\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:726\n ____sys_sendmsg+0x52a/0x7e0 net/socket.c:2583\n ___sys_sendmsg net/socket.c:2637 [inline]\n __sys_sendmsg+0x269/0x350 net/socket.c:2669\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f2a3cb80809\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f2a3d9cd058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f2a3cd45fa0 RCX: 00007f2a3cb80809\nRDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008\nRBP: 00007f2a3cbf393e R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000000 R14: 00007f2a3cd45fa0 R15: 00007ffd03bc65c8\n \n\nAllocated by task 5339:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4314\n kmalloc_noprof include/linux/slab.h:901 [inline]\n kmalloc_array_noprof include/linux/slab.h:945 [inline]\n netdev_create_hash net/core/dev.c:11870 [inline]\n netdev_init+0x10c/0x250 net/core/dev.c:11890\n ops_init+0x31e/0x590 net/core/net_namespace.c:138\n setup_net+0x287/0x9e0 net/core/net_namespace.c:362\n copy_net_ns+0x33f/0x570 net/core/net_namespace.c:500\n create_new_namespaces+0x425/0x7b0 kernel/nsproxy.c:110\n unshare_nsproxy_namespaces+0x124/0x180 kernel/nsproxy.c:228\n ksys_unshare+0x57d/0xa70 kernel/fork.c:3314\n __do_sys_unshare kernel/fork.c:3385 [inline]\n __se_sys_unshare kernel/fork.c:3383 [inline]\n __x64_sys_unshare+0x38/0x40 kernel/fork.c:3383\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x8\n---truncated---", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.0, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-56635" }, { "cve":"CVE-2024-56636", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ngeneve: do not assume mac header is set in geneve_xmit_skb()\n\nWe should not assume mac header is set in output path.\n\nUse skb_eth_hdr() instead of eth_hdr() to fix the issue.\n\nsysbot reported the following :\n\n WARNING: CPU: 0 PID: 11635 at include/linux/skbuff.h:3052 skb_mac_header include/linux/skbuff.h:3052 [inline]\n WARNING: CPU: 0 PID: 11635 at include/linux/skbuff.h:3052 eth_hdr include/linux/if_ether.h:24 [inline]\n WARNING: CPU: 0 PID: 11635 at include/linux/skbuff.h:3052 geneve_xmit_skb drivers/net/geneve.c:898 [inline]\n WARNING: CPU: 0 PID: 11635 at include/linux/skbuff.h:3052 geneve_xmit+0x4c38/0x5730 drivers/net/geneve.c:1039\nModules linked in:\nCPU: 0 UID: 0 PID: 11635 Comm: syz.4.1423 Not tainted 6.12.0-syzkaller-10296-gaaf20f870da0 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\n RIP: 0010:skb_mac_header include/linux/skbuff.h:3052 [inline]\n RIP: 0010:eth_hdr include/linux/if_ether.h:24 [inline]\n RIP: 0010:geneve_xmit_skb drivers/net/geneve.c:898 [inline]\n RIP: 0010:geneve_xmit+0x4c38/0x5730 drivers/net/geneve.c:1039\nCode: 21 c6 02 e9 35 d4 ff ff e8 a5 48 4c fb 90 0f 0b 90 e9 fd f5 ff ff e8 97 48 4c fb 90 0f 0b 90 e9 d8 f5 ff ff e8 89 48 4c fb 90 <0f> 0b 90 e9 41 e4 ff ff e8 7b 48 4c fb 90 0f 0b 90 e9 cd e7 ff ff\nRSP: 0018:ffffc90003b2f870 EFLAGS: 00010283\nRAX: 000000000000037a RBX: 000000000000ffff RCX: ffffc9000dc3d000\nRDX: 0000000000080000 RSI: ffffffff86428417 RDI: 0000000000000003\nRBP: ffffc90003b2f9f0 R08: 0000000000000003 R09: 000000000000ffff\nR10: 000000000000ffff R11: 0000000000000002 R12: ffff88806603c000\nR13: 0000000000000000 R14: ffff8880685b2780 R15: 0000000000000e23\nFS: 00007fdc2deed6c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000001b30a1dff8 CR3: 0000000056b8c000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \n __netdev_start_xmit include/linux/netdevice.h:5002 [inline]\n netdev_start_xmit include/linux/netdevice.h:5011 [inline]\n __dev_direct_xmit+0x58a/0x720 net/core/dev.c:4490\n dev_direct_xmit include/linux/netdevice.h:3181 [inline]\n packet_xmit+0x1e4/0x360 net/packet/af_packet.c:285\n packet_snd net/packet/af_packet.c:3146 [inline]\n packet_sendmsg+0x2700/0x5660 net/packet/af_packet.c:3178\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg net/socket.c:726 [inline]\n __sys_sendto+0x488/0x4f0 net/socket.c:2197\n __do_sys_sendto net/socket.c:2204 [inline]\n __se_sys_sendto net/socket.c:2200 [inline]\n __x64_sys_sendto+0xe0/0x1c0 net/socket.c:2200\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":4.7, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56636" }, { "cve":"CVE-2024-56643", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndccp: Fix memory leak in dccp_feat_change_recv\n\nIf dccp_feat_push_confirm() fails after new value for SP feature was accepted\nwithout reconciliation ('entry == NULL' branch), memory allocated for that value\nwith dccp_feat_clone_sp_val() is never freed.\n\nHere is the kmemleak stack for this:\n\nunreferenced object 0xffff88801d4ab488 (size 8):\n comm \"syz-executor310\", pid 1127, jiffies 4295085598 (age 41.666s)\n hex dump (first 8 bytes):\n 01 b4 4a 1d 80 88 ff ff ..J.....\n backtrace:\n [<00000000db7cabfe>] kmemdup+0x23/0x50 mm/util.c:128\n [<0000000019b38405>] kmemdup include/linux/string.h:465 [inline]\n [<0000000019b38405>] dccp_feat_clone_sp_val net/dccp/feat.c:371 [inline]\n [<0000000019b38405>] dccp_feat_clone_sp_val net/dccp/feat.c:367 [inline]\n [<0000000019b38405>] dccp_feat_change_recv net/dccp/feat.c:1145 [inline]\n [<0000000019b38405>] dccp_feat_parse_options+0x1196/0x2180 net/dccp/feat.c:1416\n [<00000000b1f6d94a>] dccp_parse_options+0xa2a/0x1260 net/dccp/options.c:125\n [<0000000030d7b621>] dccp_rcv_state_process+0x197/0x13d0 net/dccp/input.c:650\n [<000000001f74c72e>] dccp_v4_do_rcv+0xf9/0x1a0 net/dccp/ipv4.c:688\n [<00000000a6c24128>] sk_backlog_rcv include/net/sock.h:1041 [inline]\n [<00000000a6c24128>] __release_sock+0x139/0x3b0 net/core/sock.c:2570\n [<00000000cf1f3a53>] release_sock+0x54/0x1b0 net/core/sock.c:3111\n [<000000008422fa23>] inet_wait_for_connect net/ipv4/af_inet.c:603 [inline]\n [<000000008422fa23>] __inet_stream_connect+0x5d0/0xf70 net/ipv4/af_inet.c:696\n [<0000000015b6f64d>] inet_stream_connect+0x53/0xa0 net/ipv4/af_inet.c:735\n [<0000000010122488>] __sys_connect_file+0x15c/0x1a0 net/socket.c:1865\n [<00000000b4b70023>] __sys_connect+0x165/0x1a0 net/socket.c:1882\n [<00000000f4cb3815>] __do_sys_connect net/socket.c:1892 [inline]\n [<00000000f4cb3815>] __se_sys_connect net/socket.c:1889 [inline]\n [<00000000f4cb3815>] __x64_sys_connect+0x6e/0xb0 net/socket.c:1889\n [<00000000e7b1e839>] do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46\n [<0000000055e91434>] entry_SYSCALL_64_after_hwframe+0x67/0xd1\n\nClean up the allocated memory in case of dccp_feat_push_confirm() failure\nand bail out with an error reset code.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56643" }, { "cve":"CVE-2024-56644", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet/ipv6: release expired exception dst cached in socket\n\nDst objects get leaked in ip6_negative_advice() when this function is\nexecuted for an expired IPv6 route located in the exception table. There\nare several conditions that must be fulfilled for the leak to occur:\n* an ICMPv6 packet indicating a change of the MTU for the path is received,\n resulting in an exception dst being created\n* a TCP connection that uses the exception dst for routing packets must\n start timing out so that TCP begins retransmissions\n* after the exception dst expires, the FIB6 garbage collector must not run\n before TCP executes ip6_negative_advice() for the expired exception dst\n\nWhen TCP executes ip6_negative_advice() for an exception dst that has\nexpired and if no other socket holds a reference to the exception dst, the\nrefcount of the exception dst is 2, which corresponds to the increment\nmade by dst_init() and the increment made by the TCP socket for which the\nconnection is timing out. The refcount made by the socket is never\nreleased. The refcount of the dst is decremented in sk_dst_reset() but\nthat decrement is counteracted by a dst_hold() intentionally placed just\nbefore the sk_dst_reset() in ip6_negative_advice(). After\nip6_negative_advice() has finished, there is no other object tied to the\ndst. The socket lost its reference stored in sk_dst_cache and the dst is\nno longer in the exception table. The exception dst becomes a leaked\nobject.\n\nAs a result of this dst leak, an unbalanced refcount is reported for the\nloopback device of a net namespace being destroyed under kernels that do\nnot contain e5f80fcf869a (\"ipv6: give an IPv6 dev to blackhole_netdev\"):\nunregister_netdevice: waiting for lo to become free. Usage count = 2\n\nFix the dst leak by removing the dst_hold() in ip6_negative_advice(). The\npatch that introduced the dst_hold() in ip6_negative_advice() was\n92f1655aa2b22 (\"net: fix __dst_negative_advice() race\"). But 92f1655aa2b22\nmerely refactored the code with regards to the dst refcount so the issue\nwas present even before 92f1655aa2b22. The bug was introduced in\n54c1a859efd9f (\"ipv6: Don't drop cache route entry unless timer actually\nexpired.\") where the expired cached route is deleted and the sk_dst_cache\nmember of the socket is set to NULL by calling dst_negative_advice() but\nthe refcount belonging to the socket is left unbalanced.\n\nThe IPv4 version - ipv4_negative_advice() - is not affected by this bug.\nWhen the TCP connection times out ipv4_negative_advice() merely resets the\nsk_dst_cache of the socket while decrementing the refcount of the\nexception dst.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":2.5, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2024-56644" }, { "cve":"CVE-2024-56645", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ncan: j1939: j1939_session_new(): fix skb reference counting\n\nSince j1939_session_skb_queue() does an extra skb_get() for each new\nskb, do the same for the initial one in j1939_session_new() to avoid\nrefcount underflow.\n\n[mkl: clean up commit message]", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-56645" }, { "cve":"CVE-2024-56651", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ncan: hi311x: hi3110_can_ist(): fix potential use-after-free\n\nThe commit a22bd630cfff (\"can: hi311x: do not report txerr and rxerr\nduring bus-off\") removed the reporting of rxerr and txerr even in case\nof correct operation (i. e. not bus-off).\n\nThe error count information added to the CAN frame after netif_rx() is\na potential use after free, since there is no guarantee that the skb\nis in the same state. It might be freed or reused.\n\nFix the issue by postponing the netif_rx() call in case of txerr and\nrxerr reporting.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-56651" }, { "cve":"CVE-2024-56664", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Fix race between element replace and close()\n\nElement replace (with a socket different from the one stored) may race\nwith socket's close() link popping & unlinking. __sock_map_delete()\nunconditionally unrefs the (wrong) element:\n\n// set map[0] = s0\nmap_update_elem(map, 0, s0)\n\n// drop fd of s0\nclose(s0)\n sock_map_close()\n lock_sock(sk) (s0!)\n sock_map_remove_links(sk)\n link = sk_psock_link_pop()\n sock_map_unlink(sk, link)\n sock_map_delete_from_link\n // replace map[0] with s1\n map_update_elem(map, 0, s1)\n sock_map_update_elem\n (s1!) lock_sock(sk)\n sock_map_update_common\n psock = sk_psock(sk)\n spin_lock(&stab->lock)\n osk = stab->sks[idx]\n sock_map_add_link(..., &stab->sks[idx])\n sock_map_unref(osk, &stab->sks[idx])\n psock = sk_psock(osk)\n sk_psock_put(sk, psock)\n if (refcount_dec_and_test(&psock))\n sk_psock_drop(sk, psock)\n spin_unlock(&stab->lock)\n unlock_sock(sk)\n __sock_map_delete\n spin_lock(&stab->lock)\n sk = *psk // s1 replaced s0; sk == s1\n if (!sk_test || sk_test == sk) // sk_test (s0) != sk (s1); no branch\n sk = xchg(psk, NULL)\n if (sk)\n sock_map_unref(sk, psk) // unref s1; sks[idx] will dangle\n psock = sk_psock(sk)\n sk_psock_put(sk, psock)\n if (refcount_dec_and_test())\n sk_psock_drop(sk, psock)\n spin_unlock(&stab->lock)\n release_sock(sk)\n\nThen close(map) enqueues bpf_map_free_deferred, which finally calls\nsock_map_free(). This results in some refcount_t warnings along with\na KASAN splat [1].\n\nFix __sock_map_delete(), do not allow sock_map_unref() on elements that\nmay have been replaced.\n\n[1]:\nBUG: KASAN: slab-use-after-free in sock_map_free+0x10e/0x330\nWrite of size 4 at addr ffff88811f5b9100 by task kworker/u64:12/1063\n\nCPU: 14 UID: 0 PID: 1063 Comm: kworker/u64:12 Not tainted 6.12.0+ #125\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.16.3-1-1 04/01/2014\nWorkqueue: events_unbound bpf_map_free_deferred\nCall Trace:\n \n dump_stack_lvl+0x68/0x90\n print_report+0x174/0x4f6\n kasan_report+0xb9/0x190\n kasan_check_range+0x10f/0x1e0\n sock_map_free+0x10e/0x330\n bpf_map_free_deferred+0x173/0x320\n process_one_work+0x846/0x1420\n worker_thread+0x5b3/0xf80\n kthread+0x29e/0x360\n ret_from_fork+0x2d/0x70\n ret_from_fork_asm+0x1a/0x30\n \n\nAllocated by task 1202:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n __kasan_slab_alloc+0x85/0x90\n kmem_cache_alloc_noprof+0x131/0x450\n sk_prot_alloc+0x5b/0x220\n sk_alloc+0x2c/0x870\n unix_create1+0x88/0x8a0\n unix_create+0xc5/0x180\n __sock_create+0x241/0x650\n __sys_socketpair+0x1ce/0x420\n __x64_sys_socketpair+0x92/0x100\n do_syscall_64+0x93/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 46:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n kasan_save_free_info+0x37/0x60\n __kasan_slab_free+0x4b/0x70\n kmem_cache_free+0x1a1/0x590\n __sk_destruct+0x388/0x5a0\n sk_psock_destroy+0x73e/0xa50\n process_one_work+0x846/0x1420\n worker_thread+0x5b3/0xf80\n kthread+0x29e/0x360\n ret_from_fork+0x2d/0x70\n ret_from_fork_asm+0x1a/0x30\n\nThe bu\n---truncated---", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.0, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-56664" }, { "cve":"CVE-2024-56678", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/mm/fault: Fix kfence page fault reporting\n\ncopy_from_kernel_nofault() can be called when doing read of /proc/kcore.\n/proc/kcore can have some unmapped kfence objects which when read via\ncopy_from_kernel_nofault() can cause page faults. Since *_nofault()\nfunctions define their own fixup table for handling fault, use that\ninstead of asking kfence to handle such faults.\n\nHence we search the exception tables for the nip which generated the\nfault. If there is an entry then we let the fixup table handler handle the\npage fault by returning an error from within ___do_page_fault().\n\nThis can be easily triggered if someone tries to do dd from /proc/kcore.\neg. dd if=/proc/kcore of=/dev/null bs=1M\n\nSome example false negatives:\n\n ===============================\n BUG: KFENCE: invalid read in copy_from_kernel_nofault+0x9c/0x1a0\n Invalid read at 0xc0000000fdff0000:\n copy_from_kernel_nofault+0x9c/0x1a0\n 0xc00000000665f950\n read_kcore_iter+0x57c/0xa04\n proc_reg_read_iter+0xe4/0x16c\n vfs_read+0x320/0x3ec\n ksys_read+0x90/0x154\n system_call_exception+0x120/0x310\n system_call_vectored_common+0x15c/0x2ec\n\n BUG: KFENCE: use-after-free read in copy_from_kernel_nofault+0x9c/0x1a0\n Use-after-free read at 0xc0000000fe050000 (in kfence-#2):\n copy_from_kernel_nofault+0x9c/0x1a0\n 0xc00000000665f950\n read_kcore_iter+0x57c/0xa04\n proc_reg_read_iter+0xe4/0x16c\n vfs_read+0x320/0x3ec\n ksys_read+0x90/0x154\n system_call_exception+0x120/0x310\n system_call_vectored_common+0x15c/0x2ec", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-56678" }, { "cve":"CVE-2024-56689", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: endpoint: epf-mhi: Avoid NULL dereference if DT lacks 'mmio'\n\nIf platform_get_resource_byname() fails and returns NULL because DT lacks\nan 'mmio' property for the MHI endpoint, dereferencing res->start will\ncause a NULL pointer access. Add a check to prevent it.\n\n[kwilczynski: error message update per the review feedback]\n[bhelgaas: commit log]", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56689" }, { "cve":"CVE-2024-56694", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: fix recursive lock when verdict program return SK_PASS\n\nWhen the stream_verdict program returns SK_PASS, it places the received skb\ninto its own receive queue, but a recursive lock eventually occurs, leading\nto an operating system deadlock. This issue has been present since v6.9.\n\n'''\nsk_psock_strp_data_ready\n write_lock_bh(&sk->sk_callback_lock)\n strp_data_ready\n strp_read_sock\n read_sock -> tcp_read_sock\n strp_recv\n cb.rcv_msg -> sk_psock_strp_read\n # now stream_verdict return SK_PASS without peer sock assign\n __SK_PASS = sk_psock_map_verd(SK_PASS, NULL)\n sk_psock_verdict_apply\n sk_psock_skb_ingress_self\n sk_psock_skb_ingress_enqueue\n sk_psock_data_ready\n read_lock_bh(&sk->sk_callback_lock) <= dead lock\n\n'''\n\nThis topic has been discussed before, but it has not been fixed.\nPrevious discussion:\nhttps://lore.kernel.org/all/6684a5864ec86_403d20898@john.notmuch", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56694" }, { "cve":"CVE-2024-56707", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c\n\nAdd error pointer checks after calling otx2_mbox_get_rsp().", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56707" }, { "cve":"CVE-2024-56710", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nceph: fix memory leak in ceph_direct_read_write()\n\nThe bvecs array which is allocated in iter_get_bvecs_alloc() is leaked\nand pages remain pinned if ceph_alloc_sparse_ext_map() fails.\n\nThere is no need to delay the allocation of sparse_ext map until after\nthe bvecs array is set up, so fix this by moving sparse_ext allocation\na bit earlier. Also, make a similar adjustment in __ceph_sync_read()\nfor consistency (a leak of the same kind in __ceph_sync_read() has been\naddressed differently).", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56710" }, { "cve":"CVE-2024-56723", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices\n\nWhile design wise the idea of converting the driver to use\nthe hierarchy of the IRQ chips is correct, the implementation\nhas (inherited) flaws. This was unveiled when platform_get_irq()\nhad started WARN() on IRQ 0 that is supposed to be a Linux\nIRQ number (also known as vIRQ).\n\nRework the driver to respect IRQ domain when creating each MFD\ndevice separately, as the domain is not the same for all of them.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56723" }, { "cve":"CVE-2024-56724", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmfd: intel_soc_pmic_bxtwc: Use IRQ domain for TMU device\n\nWhile design wise the idea of converting the driver to use\nthe hierarchy of the IRQ chips is correct, the implementation\nhas (inherited) flaws. This was unveiled when platform_get_irq()\nhad started WARN() on IRQ 0 that is supposed to be a Linux\nIRQ number (also known as vIRQ).\n\nRework the driver to respect IRQ domain when creating each MFD\ndevice separately, as the domain is not the same for all of them.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56724" }, { "cve":"CVE-2024-56725", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dcbnl.c\n\nAdd error pointer check after calling otx2_mbox_get_rsp().", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56725" }, { "cve":"CVE-2024-56727", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c\n\nAdding error pointer check after calling otx2_mbox_get_rsp().", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56727" }, { "cve":"CVE-2024-56751", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: release nexthop on device removal\n\nThe CI is hitting some aperiodic hangup at device removal time in the\npmtu.sh self-test:\n\nunregister_netdevice: waiting for veth_A-R1 to become free. Usage count = 6\nref_tracker: veth_A-R1@ffff888013df15d8 has 1/5 users at\n\tdst_init+0x84/0x4a0\n\tdst_alloc+0x97/0x150\n\tip6_dst_alloc+0x23/0x90\n\tip6_rt_pcpu_alloc+0x1e6/0x520\n\tip6_pol_route+0x56f/0x840\n\tfib6_rule_lookup+0x334/0x630\n\tip6_route_output_flags+0x259/0x480\n\tip6_dst_lookup_tail.constprop.0+0x5c2/0x940\n\tip6_dst_lookup_flow+0x88/0x190\n\tudp_tunnel6_dst_lookup+0x2a7/0x4c0\n\tvxlan_xmit_one+0xbde/0x4a50 [vxlan]\n\tvxlan_xmit+0x9ad/0xf20 [vxlan]\n\tdev_hard_start_xmit+0x10e/0x360\n\t__dev_queue_xmit+0xf95/0x18c0\n\tarp_solicit+0x4a2/0xe00\n\tneigh_probe+0xaa/0xf0\n\nWhile the first suspect is the dst_cache, explicitly tracking the dst\nowing the last device reference via probes proved such dst is held by\nthe nexthop in the originating fib6_info.\n\nSimilar to commit f5b51fe804ec (\"ipv6: route: purge exception on\nremoval\"), we need to explicitly release the originating fib info when\ndisconnecting a to-be-removed device from a live ipv6 dst: move the\nfib6_info cleanup into ip6_dst_ifdown().\n\nTested running:\n\n./pmtu.sh cleanup_ipv6_exception\n\nin a tight loop for more than 400 iterations with no spat, running an\nunpatched kernel I observed a splat every ~10 iterations.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56751" }, { "cve":"CVE-2024-56754", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: caam - Fix the pointer passed to caam_qi_shutdown()\n\nThe type of the last parameter given to devm_add_action_or_reset() is\n\"struct caam_drv_private *\", but in caam_qi_shutdown(), it is casted to\n\"struct device *\".\n\nPass the correct parameter to devm_add_action_or_reset() so that the\nresources are released as expected.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56754" }, { "cve":"CVE-2024-56774", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: add a sanity check for btrfs root in btrfs_search_slot()\n\nSyzbot reports a null-ptr-deref in btrfs_search_slot().\n\nThe reproducer is using rescue=ibadroots, and the extent tree root is\ncorrupted thus the extent tree is NULL.\n\nWhen scrub tries to search the extent tree to gather the needed extent\ninfo, btrfs_search_slot() doesn't check if the target root is NULL or\nnot, resulting the null-ptr-deref.\n\nAdd sanity check for btrfs root before using it in btrfs_search_slot().", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56774" }, { "cve":"CVE-2024-57795", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Remove the direct link to net_device\n\nThe similar patch in siw is in the link:\nhttps://git.kernel.org/rdma/rdma/c/16b87037b48889\n\nThis problem also occurred in RXE. The following analyze this problem.\nIn the following Call Traces:\n\"\nBUG: KASAN: slab-use-after-free in dev_get_flags+0x188/0x1d0 net/core/dev.c:8782\nRead of size 4 at addr ffff8880554640b0 by task kworker/1:4/5295\n\nCPU: 1 UID: 0 PID: 5295 Comm: kworker/1:4 Not tainted\n6.12.0-rc3-syzkaller-00399-g9197b73fd7bb #0\nHardware name: Google Compute Engine/Google Compute Engine,\nBIOS Google 09/13/2024\nWorkqueue: infiniband ib_cache_event_task\nCall Trace:\n \n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n dev_get_flags+0x188/0x1d0 net/core/dev.c:8782\n rxe_query_port+0x12d/0x260 drivers/infiniband/sw/rxe/rxe_verbs.c:60\n __ib_query_port drivers/infiniband/core/device.c:2111 [inline]\n ib_query_port+0x168/0x7d0 drivers/infiniband/core/device.c:2143\n ib_cache_update+0x1a9/0xb80 drivers/infiniband/core/cache.c:1494\n ib_cache_event_task+0xf3/0x1e0 drivers/infiniband/core/cache.c:1568\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa65/0x1850 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f2/0x390 kernel/kthread.c:389\n ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \n\"\n\n1). In the link [1],\n\n\"\n infiniband syz2: set down\n\"\n\nThis means that on 839.350575, the event ib_cache_event_task was sent andi\nqueued in ib_wq.\n\n2). In the link [1],\n\n\"\n team0 (unregistering): Port device team_slave_0 removed\n\"\n\nIt indicates that before 843.251853, the net device should be freed.\n\n3). In the link [1],\n\n\"\n BUG: KASAN: slab-use-after-free in dev_get_flags+0x188/0x1d0\n\"\n\nThis means that on 850.559070, this slab-use-after-free problem occurred.\n\nIn all, on 839.350575, the event ib_cache_event_task was sent and queued\nin ib_wq,\n\nbefore 843.251853, the net device veth was freed.\n\non 850.559070, this event was executed, and the mentioned freed net device\nwas called. Thus, the above call trace occurred.\n\n[1] https://syzkaller.appspot.com/x/log.txt?x=12e7025f980000", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-57795" }, { "cve":"CVE-2024-57857", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/siw: Remove direct link to net_device\n\nDo not manage a per device direct link to net_device. Rely\non associated ib_devices net_device management, not doubling\nthe effort locally. A badly managed local link to net_device\nwas causing a 'KASAN: slab-use-after-free' exception during\nsiw_query_port() call.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-57857" }, { "cve":"CVE-2024-57908", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\niio: imu: kmx61: fix information leak in triggered buffer\n\nThe 'buffer' local array is used to push data to user space from a\ntriggered buffer, but it does not set values for inactive channels, as\nit only uses iio_for_each_active_channel() to assign new values.\n\nInitialize the array to zero before using it to avoid pushing\nuninitialized information to userspace.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.1, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-57908" }, { "cve":"CVE-2024-57911", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\niio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer\n\nThe 'data' array is allocated via kmalloc() and it is used to push data\nto user space from a triggered buffer, but it does not set values for\ninactive channels, as it only uses iio_for_each_active_channel()\nto assign new values.\n\nUse kzalloc for the memory allocation to avoid pushing uninitialized\ninformation to userspace.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.1, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-57911" }, { "cve":"CVE-2024-57912", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\niio: pressure: zpa2326: fix information leak in triggered buffer\n\nThe 'sample' local struct is used to push data to user space from a\ntriggered buffer, but it has a hole between the temperature and the\ntimestamp (u32 pressure, u16 temperature, GAP, u64 timestamp).\nThis hole is never initialized.\n\nInitialize the struct to zero before using it to avoid pushing\nuninitialized information to userspace.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.1, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-57912" }, { "cve":"CVE-2024-57929", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndm array: fix releasing a faulty array block twice in dm_array_cursor_end\n\nWhen dm_bm_read_lock() fails due to locking or checksum errors, it\nreleases the faulty block implicitly while leaving an invalid output\npointer behind. The caller of dm_bm_read_lock() should not operate on\nthis invalid dm_block pointer, or it will lead to undefined result.\nFor example, the dm_array_cursor incorrectly caches the invalid pointer\non reading a faulty array block, causing a double release in\ndm_array_cursor_end(), then hitting the BUG_ON in dm-bufio cache_put().\n\nReproduce steps:\n\n1. initialize a cache device\n\ndmsetup create cmeta --table \"0 8192 linear /dev/sdc 0\"\ndmsetup create cdata --table \"0 65536 linear /dev/sdc 8192\"\ndmsetup create corig --table \"0 524288 linear /dev/sdc $262144\"\ndd if=/dev/zero of=/dev/mapper/cmeta bs=4k count=1\ndmsetup create cache --table \"0 524288 cache /dev/mapper/cmeta \\\n/dev/mapper/cdata /dev/mapper/corig 128 2 metadata2 writethrough smq 0\"\n\n2. wipe the second array block offline\n\ndmsteup remove cache cmeta cdata corig\nmapping_root=$(dd if=/dev/sdc bs=1c count=8 skip=192 \\\n2>/dev/null | hexdump -e '1/8 \"%u\\n\"')\nablock=$(dd if=/dev/sdc bs=1c count=8 skip=$((4096*mapping_root+2056)) \\\n2>/dev/null | hexdump -e '1/8 \"%u\\n\"')\ndd if=/dev/zero of=/dev/sdc bs=4k count=1 seek=$ablock\n\n3. try reopen the cache device\n\ndmsetup create cmeta --table \"0 8192 linear /dev/sdc 0\"\ndmsetup create cdata --table \"0 65536 linear /dev/sdc 8192\"\ndmsetup create corig --table \"0 524288 linear /dev/sdc $262144\"\ndmsetup create cache --table \"0 524288 cache /dev/mapper/cmeta \\\n/dev/mapper/cdata /dev/mapper/corig 128 2 metadata2 writethrough smq 0\"\n\nKernel logs:\n\n(snip)\ndevice-mapper: array: array_block_check failed: blocknr 0 != wanted 10\ndevice-mapper: block manager: array validator check failed for block 10\ndevice-mapper: array: get_ablock failed\ndevice-mapper: cache metadata: dm_array_cursor_next for mapping failed\n------------[ cut here ]------------\nkernel BUG at drivers/md/dm-bufio.c:638!\n\nFix by setting the cached block pointer to NULL on errors.\n\nIn addition to the reproducer described above, this fix can be\nverified using the \"array_cursor/damaged\" test in dm-unit:\n dm-unit run /pdata/array_cursor/damaged --kernel-dir ", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":6.0, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-57929" }, { "cve":"CVE-2024-57952", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"libfs: fix infinite directory reads for offset dir\"\n\nThe current directory offset allocator (based on mtree_alloc_cyclic)\nstores the next offset value to return in octx->next_offset. This\nmechanism typically returns values that increase monotonically over\ntime. Eventually, though, the newly allocated offset value wraps\nback to a low number (say, 2) which is smaller than other already-\nallocated offset values.\n\nYu Kuai reports that, after commit 64a7ce76fb90\n(\"libfs: fix infinite directory reads for offset dir\"), if a\ndirectory's offset allocator wraps, existing entries are no longer\nvisible via readdir/getdents because offset_readdir() stops listing\nentries once an entry's offset is larger than octx->next_offset.\nThese entries vanish persistently -- they can be looked up, but will\nnever again appear in readdir(3) output.\n\nThe reason for this is that the commit treats directory offsets as\nmonotonically increasing integer values rather than opaque cookies,\nand introduces this comparison:\n\n\tif (dentry2offset(dentry) >= last_index) {\n\nOn 64-bit platforms, the directory offset value upper bound is\n2^63 - 1. Directory offsets will monotonically increase for millions\nof years without wrapping.\n\nOn 32-bit platforms, however, LONG_MAX is 2^31 - 1. The allocator\ncan wrap after only a few weeks (at worst).\n\nRevert commit 64a7ce76fb90 (\"libfs: fix infinite directory reads for\noffset dir\") to prepare for a fix that can work properly on 32-bit\nsystems and might apply to recent LTS kernels where shmem employs\nthe simple_offset mechanism.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-57952" }, { "cve":"CVE-2024-57996", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: sch_sfq: don't allow 1 packet limit\n\nThe current implementation does not work correctly with a limit of\n1. iproute2 actually checks for this and this patch adds the check in\nkernel as well.\n\nThis fixes the following syzkaller reported crash:\n\nUBSAN: array-index-out-of-bounds in net/sched/sch_sfq.c:210:6\nindex 65535 is out of range for type 'struct sfq_head[128]'\nCPU: 0 PID: 2569 Comm: syz-executor101 Not tainted 5.10.0-smp-DEV #1\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n __dump_stack lib/dump_stack.c:79 [inline]\n dump_stack+0x125/0x19f lib/dump_stack.c:120\n ubsan_epilogue lib/ubsan.c:148 [inline]\n __ubsan_handle_out_of_bounds+0xed/0x120 lib/ubsan.c:347\n sfq_link net/sched/sch_sfq.c:210 [inline]\n sfq_dec+0x528/0x600 net/sched/sch_sfq.c:238\n sfq_dequeue+0x39b/0x9d0 net/sched/sch_sfq.c:500\n sfq_reset+0x13/0x50 net/sched/sch_sfq.c:525\n qdisc_reset+0xfe/0x510 net/sched/sch_generic.c:1026\n tbf_reset+0x3d/0x100 net/sched/sch_tbf.c:319\n qdisc_reset+0xfe/0x510 net/sched/sch_generic.c:1026\n dev_reset_queue+0x8c/0x140 net/sched/sch_generic.c:1296\n netdev_for_each_tx_queue include/linux/netdevice.h:2350 [inline]\n dev_deactivate_many+0x6dc/0xc20 net/sched/sch_generic.c:1362\n __dev_close_many+0x214/0x350 net/core/dev.c:1468\n dev_close_many+0x207/0x510 net/core/dev.c:1506\n unregister_netdevice_many+0x40f/0x16b0 net/core/dev.c:10738\n unregister_netdevice_queue+0x2be/0x310 net/core/dev.c:10695\n unregister_netdevice include/linux/netdevice.h:2893 [inline]\n __tun_detach+0x6b6/0x1600 drivers/net/tun.c:689\n tun_detach drivers/net/tun.c:705 [inline]\n tun_chr_close+0x104/0x1b0 drivers/net/tun.c:3640\n __fput+0x203/0x840 fs/file_table.c:280\n task_work_run+0x129/0x1b0 kernel/task_work.c:185\n exit_task_work include/linux/task_work.h:33 [inline]\n do_exit+0x5ce/0x2200 kernel/exit.c:931\n do_group_exit+0x144/0x310 kernel/exit.c:1046\n __do_sys_exit_group kernel/exit.c:1057 [inline]\n __se_sys_exit_group kernel/exit.c:1055 [inline]\n __x64_sys_exit_group+0x3b/0x40 kernel/exit.c:1055\n do_syscall_64+0x6c/0xd0\n entry_SYSCALL_64_after_hwframe+0x61/0xcb\nRIP: 0033:0x7fe5e7b52479\nCode: Unable to access opcode bytes at RIP 0x7fe5e7b5244f.\nRSP: 002b:00007ffd3c800398 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe5e7b52479\nRDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000\nRBP: 00007fe5e7bcd2d0 R08: ffffffffffffffb8 R09: 0000000000000014\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007fe5e7bcd2d0\nR13: 0000000000000000 R14: 00007fe5e7bcdd20 R15: 00007fe5e7b24270\n\nThe crash can be also be reproduced with the following (with a tc\nrecompiled to allow for sfq limits of 1):\n\ntc qdisc add dev dummy0 handle 1: root tbf rate 1Kbit burst 100b lat 1s\n../iproute2-6.9.0/tc/tc qdisc add dev dummy0 handle 2: parent 1:10 sfq limit 1\nifconfig dummy0 up\nping -I dummy0 -f -c2 -W0.1 8.8.8.8\nsleep 1\n\nScenario that triggers the crash:\n\n* the first packet is sent and queued in TBF and SFQ; qdisc qlen is 1\n\n* TBF dequeues: it peeks from SFQ which moves the packet to the\n gso_skb list and keeps qdisc qlen set to 1. TBF is out of tokens so\n it schedules itself for later.\n\n* the second packet is sent and TBF tries to queues it to SFQ. qdisc\n qlen is now 2 and because the SFQ limit is 1 the packet is dropped\n by SFQ. At this point qlen is 1, and all of the SFQ slots are empty,\n however q->tail is not NULL.\n\nAt this point, assuming no more packets are queued, when sch_dequeue\nruns again it will decrement the qlen for the current empty slot\ncausing an underflow and the subsequent out of bounds access.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-57996" }, { "cve":"CVE-2024-57999", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW\n\nPower Hypervisor can possibily allocate MMIO window intersecting with\nDynamic DMA Window (DDW) range, which is over 32-bit addressing.\n\nThese MMIO pages needs to be marked as reserved so that IOMMU doesn't map\nDMA buffers in this range.\n\nThe current code is not marking these pages correctly which is resulting\nin LPAR to OOPS while booting. The stack is at below\n\nBUG: Unable to handle kernel data access on read at 0xc00800005cd40000\nFaulting instruction address: 0xc00000000005cdac\nOops: Kernel access of bad area, sig: 11 [#1]\nLE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries\nModules linked in: af_packet rfkill ibmveth(X) lpfc(+) nvmet_fc nvmet nvme_keyring crct10dif_vpmsum nvme_fc nvme_fabrics nvme_core be2net(+) nvme_auth rtc_generic nfsd auth_rpcgss nfs_acl lockd grace sunrpc fuse configfs ip_tables x_tables xfs libcrc32c dm_service_time ibmvfc(X) scsi_transport_fc vmx_crypto gf128mul crc32c_vpmsum dm_mirror dm_region_hash dm_log dm_multipath dm_mod sd_mod scsi_dh_emc scsi_dh_rdac scsi_dh_alua t10_pi crc64_rocksoft_generic crc64_rocksoft sg crc64 scsi_mod\nSupported: Yes, External\nCPU: 8 PID: 241 Comm: kworker/8:1 Kdump: loaded Not tainted 6.4.0-150600.23.14-default #1 SLE15-SP6 b44ee71c81261b9e4bab5e0cde1f2ed891d5359b\nHardware name: IBM,9080-M9S POWER9 (raw) 0x4e2103 0xf000005 of:IBM,FW950.B0 (VH950_149) hv:phyp pSeries\nWorkqueue: events work_for_cpu_fn\nNIP: c00000000005cdac LR: c00000000005e830 CTR: 0000000000000000\nREGS: c00001400c9ff770 TRAP: 0300 Not tainted (6.4.0-150600.23.14-default)\nMSR: 800000000280b033 CR: 24228448 XER: 00000001\nCFAR: c00000000005cdd4 DAR: c00800005cd40000 DSISR: 40000000 IRQMASK: 0\nGPR00: c00000000005e830 c00001400c9ffa10 c000000001987d00 c00001400c4fe800\nGPR04: 0000080000000000 0000000000000001 0000000004000000 0000000000800000\nGPR08: 0000000004000000 0000000000000001 c00800005cd40000 ffffffffffffffff\nGPR12: 0000000084228882 c00000000a4c4f00 0000000000000010 0000080000000000\nGPR16: c00001400c4fe800 0000000004000000 0800000000000000 c00000006088b800\nGPR20: c00001401a7be980 c00001400eff3800 c000000002a2da68 000000000000002b\nGPR24: c0000000026793a8 c000000002679368 000000000000002a c0000000026793c8\nGPR28: 000008007effffff 0000080000000000 0000000000800000 c00001400c4fe800\nNIP [c00000000005cdac] iommu_table_reserve_pages+0xac/0x100\nLR [c00000000005e830] iommu_init_table+0x80/0x1e0\nCall Trace:\n[c00001400c9ffa10] [c00000000005e810] iommu_init_table+0x60/0x1e0 (unreliable)\n[c00001400c9ffa90] [c00000000010356c] iommu_bypass_supported_pSeriesLP+0x9cc/0xe40\n[c00001400c9ffc30] [c00000000005c300] dma_iommu_dma_supported+0xf0/0x230\n[c00001400c9ffcb0] [c00000000024b0c4] dma_supported+0x44/0x90\n[c00001400c9ffcd0] [c00000000024b14c] dma_set_mask+0x3c/0x80\n[c00001400c9ffd00] [c0080000555b715c] be_probe+0xc4/0xb90 [be2net]\n[c00001400c9ffdc0] [c000000000986f3c] local_pci_probe+0x6c/0x110\n[c00001400c9ffe40] [c000000000188f28] work_for_cpu_fn+0x38/0x60\n[c00001400c9ffe70] [c00000000018e454] process_one_work+0x314/0x620\n[c00001400c9fff10] [c00000000018f280] worker_thread+0x2b0/0x620\n[c00001400c9fff90] [c00000000019bb18] kthread+0x148/0x150\n[c00001400c9fffe0] [c00000000000ded8] start_kernel_thread+0x14/0x18\n\nThere are 2 issues in the code\n\n1. The index is \"int\" while the address is \"unsigned long\". This results in\n negative value when setting the bitmap.\n\n2. The DMA offset is page shifted but the MMIO range is used as-is (64-bit\n address). MMIO address needs to be page shifted as well.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-57999" }, { "cve":"CVE-2024-58002", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Remove dangling pointers\n\nWhen an async control is written, we copy a pointer to the file handle\nthat started the operation. That pointer will be used when the device is\ndone. Which could be anytime in the future.\n\nIf the user closes that file descriptor, its structure will be freed,\nand there will be one dangling pointer per pending async control, that\nthe driver will try to use.\n\nClean all the dangling pointers during release().\n\nTo avoid adding a performance penalty in the most common case (no async\noperation), a counter has been introduced with some logic to make sure\nthat it is properly handled.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-58002" }, { "cve":"CVE-2024-58003", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: i2c: ds90ub9x3: Fix extra fwnode_handle_put()\n\nThe ub913 and ub953 drivers call fwnode_handle_put(priv->sd.fwnode) as\npart of their remove process, and if the driver is removed multiple\ntimes, eventually leads to put \"overflow\", possibly causing memory\ncorruption or crash.\n\nThe fwnode_handle_put() is a leftover from commit 905f88ccebb1 (\"media:\ni2c: ds90ub9x3: Fix sub-device matching\"), which changed the code\nrelated to the sd.fwnode, but missed removing these fwnode_handle_put()\ncalls.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-58003" }, { "cve":"CVE-2024-58007", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: socinfo: Avoid out of bounds read of serial number\n\nOn MSM8916 devices, the serial number exposed in sysfs is constant and does\nnot change across individual devices. It's always:\n\n db410c:/sys/devices/soc0$ cat serial_number\n 2644893864\n\nThe firmware used on MSM8916 exposes SOCINFO_VERSION(0, 8), which does not\nhave support for the serial_num field in the socinfo struct. There is an\nexisting check to avoid exposing the serial number in that case, but it's\nnot correct: When checking the item_size returned by SMEM, we need to make\nsure the *end* of the serial_num is within bounds, instead of comparing\nwith the *start* offset. The serial_number currently exposed on MSM8916\ndevices is just an out of bounds read of whatever comes after the socinfo\nstruct in SMEM.\n\nFix this by changing offsetof() to offsetofend(), so that the size of the\nfield is also taken into account.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.1, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-58007" }, { "cve":"CVE-2024-58009", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc\n\nA NULL sock pointer is passed into l2cap_sock_alloc() when it is called\nfrom l2cap_sock_new_connection_cb() and the error handling paths should\nalso be aware of it.\n\nSeemingly a more elegant solution would be to swap bt_sock_alloc() and\nl2cap_chan_create() calls since they are not interdependent to that moment\nbut then l2cap_chan_create() adds the soon to be deallocated and still\ndummy-initialized channel to the global list accessible by many L2CAP\npaths. The channel would be removed from the list in short period of time\nbut be a bit more straight-forward here and just check for NULL instead of\nchanging the order of function calls.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2024-58009" }, { "cve":"CVE-2024-58011", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: int3472: Check for adev == NULL\n\nNot all devices have an ACPI companion fwnode, so adev might be NULL. This\ncan e.g. (theoretically) happen when a user manually binds one of\nthe int3472 drivers to another i2c/platform device through sysfs.\n\nAdd a check for adev not being set and return -ENODEV in that case to\navoid a possible NULL pointer deref in skl_int3472_get_acpi_buffer().", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-58011" }, { "cve":"CVE-2024-58013", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync\n\nThis fixes the following crash:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in mgmt_remove_adv_monitor_sync+0x3a/0xd0 net/bluetooth/mgmt.c:5543\nRead of size 8 at addr ffff88814128f898 by task kworker/u9:4/5961\n\nCPU: 1 UID: 0 PID: 5961 Comm: kworker/u9:4 Not tainted 6.12.0-syzkaller-10684-gf1cd565ce577 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: hci0 hci_cmd_sync_work\nCall Trace:\n \n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n mgmt_remove_adv_monitor_sync+0x3a/0xd0 net/bluetooth/mgmt.c:5543\n hci_cmd_sync_work+0x22b/0x400 net/bluetooth/hci_sync.c:332\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa63/0x1850 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \n\nAllocated by task 16026:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4314\n kmalloc_noprof include/linux/slab.h:901 [inline]\n kzalloc_noprof include/linux/slab.h:1037 [inline]\n mgmt_pending_new+0x65/0x250 net/bluetooth/mgmt_util.c:269\n mgmt_pending_add+0x36/0x120 net/bluetooth/mgmt_util.c:296\n remove_adv_monitor+0x102/0x1b0 net/bluetooth/mgmt.c:5568\n hci_mgmt_cmd+0xc47/0x11d0 net/bluetooth/hci_sock.c:1712\n hci_sock_sendmsg+0x7b8/0x11c0 net/bluetooth/hci_sock.c:1832\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:726\n sock_write_iter+0x2d7/0x3f0 net/socket.c:1147\n new_sync_write fs/read_write.c:586 [inline]\n vfs_write+0xaeb/0xd30 fs/read_write.c:679\n ksys_write+0x18f/0x2b0 fs/read_write.c:731\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nFreed by task 16022:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:582\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2338 [inline]\n slab_free mm/slub.c:4598 [inline]\n kfree+0x196/0x420 mm/slub.c:4746\n mgmt_pending_foreach+0xd1/0x130 net/bluetooth/mgmt_util.c:259\n __mgmt_power_off+0x183/0x430 net/bluetooth/mgmt.c:9550\n hci_dev_close_sync+0x6c4/0x11c0 net/bluetooth/hci_sync.c:5208\n hci_dev_do_close net/bluetooth/hci_core.c:483 [inline]\n hci_dev_close+0x112/0x210 net/bluetooth/hci_core.c:508\n sock_do_ioctl+0x158/0x460 net/socket.c:1209\n sock_ioctl+0x626/0x8e0 net/socket.c:1328\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:906 [inline]\n __se_sys_ioctl+0xf5/0x170 fs/ioctl.c:892\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-58013" }, { "cve":"CVE-2024-58014", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy()\n\nIn 'wlc_phy_iqcal_gainparams_nphy()', add gain range check to WARN()\ninstead of possible out-of-bounds 'tbl_iqcal_gainparams_nphy' access.\nCompile tested only.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-58014" }, { "cve":"CVE-2024-58016", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nsafesetid: check size of policy writes\n\nsyzbot attempts to write a buffer with a large size to a sysfs entry\nwith writes handled by handle_policy_update(), triggering a warning\nin kmalloc.\n\nCheck the size specified for write buffers before allocating.\n\n[PM: subject tweak]", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-58016" }, { "cve":"CVE-2024-58017", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nprintk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX\n\nShifting 1 << 31 on a 32-bit int causes signed integer overflow, which\nleads to undefined behavior. To prevent this, cast 1 to u32 before\nperforming the shift, ensuring well-defined behavior.\n\nThis change explicitly avoids any potential overflow by ensuring that\nthe shift occurs on an unsigned 32-bit integer.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-58017" }, { "cve":"CVE-2024-58076", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: gcc-sm6350: Add missing parent_map for two clocks\n\nIf a clk_rcg2 has a parent, it should also have parent_map defined,\notherwise we'll get a NULL pointer dereference when calling clk_set_rate\nlike the following:\n\n [ 3.388105] Call trace:\n [ 3.390664] qcom_find_src_index+0x3c/0x70 (P)\n [ 3.395301] qcom_find_src_index+0x1c/0x70 (L)\n [ 3.399934] _freq_tbl_determine_rate+0x48/0x100\n [ 3.404753] clk_rcg2_determine_rate+0x1c/0x28\n [ 3.409387] clk_core_determine_round_nolock+0x58/0xe4\n [ 3.421414] clk_core_round_rate_nolock+0x48/0xfc\n [ 3.432974] clk_core_round_rate_nolock+0xd0/0xfc\n [ 3.444483] clk_core_set_rate_nolock+0x8c/0x300\n [ 3.455886] clk_set_rate+0x38/0x14c\n\nAdd the parent_map property for two clocks where it's missing and also\nun-inline the parent_data as well to keep the matching parent_map and\nparent_data together.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-58076" }, { "cve":"CVE-2024-58079", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Fix crash during unbind if gpio unit is in use\n\nWe used the wrong device for the device managed functions. We used the\nusb device, when we should be using the interface device.\n\nIf we unbind the driver from the usb interface, the cleanup functions\nare never called. In our case, the IRQ is never disabled.\n\nIf an IRQ is triggered, it will try to access memory sections that are\nalready free, causing an OOPS.\n\nWe cannot use the function devm_request_threaded_irq here. The devm_*\nclean functions may be called after the main structure is released by\nuvc_delete.\n\nLuckily this bug has small impact, as it is only affected by devices\nwith gpio units and the user has to unbind the device, a disconnect will\nnot trigger this error.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-58079" }, { "cve":"CVE-2024-58083", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Explicitly verify target vCPU is online in kvm_get_vcpu()\n\nExplicitly verify the target vCPU is fully online _prior_ to clamping the\nindex in kvm_get_vcpu(). If the index is \"bad\", the nospec clamping will\ngenerate '0', i.e. KVM will return vCPU0 instead of NULL.\n\nIn practice, the bug is unlikely to cause problems, as it will only come\ninto play if userspace or the guest is buggy or misbehaving, e.g. KVM may\nsend interrupts to vCPU0 instead of dropping them on the floor.\n\nHowever, returning vCPU0 when it shouldn't exist per online_vcpus is\nproblematic now that KVM uses an xarray for the vCPUs array, as KVM needs\nto insert into the xarray before publishing the vCPU to userspace (see\ncommit c5b077549136 (\"KVM: Convert the kvm->vcpus array to a xarray\")),\ni.e. before vCPU creation is guaranteed to succeed.\n\nAs a result, incorrectly providing access to vCPU0 will trigger a\nuse-after-free if vCPU0 is dereferenced and kvm_vm_ioctl_create_vcpu()\nbails out of vCPU creation due to an error and frees vCPU0. Commit\nafb2acb2e3a3 (\"KVM: Fix vcpu_array[0] races\") papered over that issue, but\nin doing so introduced an unsolvable teardown conundrum. Preventing\naccesses to vCPU0 before it's fully online will allow reverting commit\nafb2acb2e3a3, without re-introducing the vcpu_array[0] UAF race.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-58083" }, { "cve":"CVE-2024-58086", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Stop active perfmon if it is being destroyed\n\nIf the active performance monitor (`v3d->active_perfmon`) is being\ndestroyed, stop it first. Currently, the active perfmon is not\nstopped during destruction, leaving the `v3d->active_perfmon` pointer\nstale. This can lead to undefined behavior and instability.\n\nThis patch ensures that the active perfmon is stopped before being\ndestroyed, aligning with the behavior introduced in commit\n7d1fd3638ee3 (\"drm/v3d: Stop the active perfmon before being destroyed\").", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-58086" }, { "cve":"CVE-2024-58088", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix deadlock when freeing cgroup storage\n\nThe following commit\nbc235cdb423a (\"bpf: Prevent deadlock from recursive bpf_task_storage_[get|delete]\")\nfirst introduced deadlock prevention for fentry/fexit programs attaching\non bpf_task_storage helpers. That commit also employed the logic in map\nfree path in its v6 version.\n\nLater bpf_cgrp_storage was first introduced in\nc4bcfb38a95e (\"bpf: Implement cgroup storage available to non-cgroup-attached bpf progs\")\nwhich faces the same issue as bpf_task_storage, instead of its busy\ncounter, NULL was passed to bpf_local_storage_map_free() which opened\na window to cause deadlock:\n\n\t\n\t\t(acquiring local_storage->lock)\n\t_raw_spin_lock_irqsave+0x3d/0x50\n\tbpf_local_storage_update+0xd1/0x460\n\tbpf_cgrp_storage_get+0x109/0x130\n\tbpf_prog_a4d4a370ba857314_cgrp_ptr+0x139/0x170\n\t? __bpf_prog_enter_recur+0x16/0x80\n\tbpf_trampoline_6442485186+0x43/0xa4\n\tcgroup_storage_ptr+0x9/0x20\n\t\t(holding local_storage->lock)\n\tbpf_selem_unlink_storage_nolock.constprop.0+0x135/0x160\n\tbpf_selem_unlink_storage+0x6f/0x110\n\tbpf_local_storage_map_free+0xa2/0x110\n\tbpf_map_free_deferred+0x5b/0x90\n\tprocess_one_work+0x17c/0x390\n\tworker_thread+0x251/0x360\n\tkthread+0xd2/0x100\n\tret_from_fork+0x34/0x50\n\tret_from_fork_asm+0x1a/0x30\n\t\n\nProgs:\n - A: SEC(\"fentry/cgroup_storage_ptr\")\n - cgid (BPF_MAP_TYPE_HASH)\n\tRecord the id of the cgroup the current task belonging\n\tto in this hash map, using the address of the cgroup\n\tas the map key.\n - cgrpa (BPF_MAP_TYPE_CGRP_STORAGE)\n\tIf current task is a kworker, lookup the above hash\n\tmap using function parameter @owner as the key to get\n\tits corresponding cgroup id which is then used to get\n\ta trusted pointer to the cgroup through\n\tbpf_cgroup_from_id(). This trusted pointer can then\n\tbe passed to bpf_cgrp_storage_get() to finally trigger\n\tthe deadlock issue.\n - B: SEC(\"tp_btf/sys_enter\")\n - cgrpb (BPF_MAP_TYPE_CGRP_STORAGE)\n\tThe only purpose of this prog is to fill Prog A's\n\thash map by calling bpf_cgrp_storage_get() for as\n\tmany userspace tasks as possible.\n\nSteps to reproduce:\n - Run A;\n - while (true) { Run B; Destroy B; }\n\nFix this issue by passing its busy counter to the free procedure so\nit can be properly incremented before storage/smap locking.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-58088" }, { "cve":"CVE-2024-58090", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nsched/core: Prevent rescheduling when interrupts are disabled\n\nDavid reported a warning observed while loop testing kexec jump:\n\n Interrupts enabled after irqrouter_resume+0x0/0x50\n WARNING: CPU: 0 PID: 560 at drivers/base/syscore.c:103 syscore_resume+0x18a/0x220\n kernel_kexec+0xf6/0x180\n __do_sys_reboot+0x206/0x250\n do_syscall_64+0x95/0x180\n\nThe corresponding interrupt flag trace:\n\n hardirqs last enabled at (15573): [] __up_console_sem+0x7e/0x90\n hardirqs last disabled at (15580): [] __up_console_sem+0x63/0x90\n\nThat means __up_console_sem() was invoked with interrupts enabled. Further\ninstrumentation revealed that in the interrupt disabled section of kexec\njump one of the syscore_suspend() callbacks woke up a task, which set the\nNEED_RESCHED flag. A later callback in the resume path invoked\ncond_resched() which in turn led to the invocation of the scheduler:\n\n __cond_resched+0x21/0x60\n down_timeout+0x18/0x60\n acpi_os_wait_semaphore+0x4c/0x80\n acpi_ut_acquire_mutex+0x3d/0x100\n acpi_ns_get_node+0x27/0x60\n acpi_ns_evaluate+0x1cb/0x2d0\n acpi_rs_set_srs_method_data+0x156/0x190\n acpi_pci_link_set+0x11c/0x290\n irqrouter_resume+0x54/0x60\n syscore_resume+0x6a/0x200\n kernel_kexec+0x145/0x1c0\n __do_sys_reboot+0xeb/0x240\n do_syscall_64+0x95/0x180\n\nThis is a long standing problem, which probably got more visible with\nthe recent printk changes. Something does a task wakeup and the\nscheduler sets the NEED_RESCHED flag. cond_resched() sees it set and\ninvokes schedule() from a completely bogus context. The scheduler\nenables interrupts after context switching, which causes the above\nwarning at the end.\n\nQuite some of the code paths in syscore_suspend()/resume() can result in\ntriggering a wakeup with the exactly same consequences. They might not\nhave done so yet, but as they share a lot of code with normal operations\nit's just a question of time.\n\nThe problem only affects the PREEMPT_NONE and PREEMPT_VOLUNTARY scheduling\nmodels. Full preemption is not affected as cond_resched() is disabled and\nthe preemption check preemptible() takes the interrupt disabled flag into\naccount.\n\nCure the problem by adding a corresponding check into cond_resched().", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-58090" }, { "cve":"CVE-2025-21636", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy\n\nAs mentioned in a previous commit of this series, using the 'net'\nstructure via 'current' is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader's/writer's netns vs only\n from the opener's netns.\n\n- current->nsproxy can be NULL in some cases, resulting in an 'Oops'\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe 'net' structure can be obtained from the table->data using\ncontainer_of().\n\nNote that table->data could also be used directly, as this is the only\nmember needed from the 'net' structure, but that would increase the size\nof this fix, to use '*data' everywhere 'net->sctp.probe_interval' is\nused.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21636" }, { "cve":"CVE-2025-21637", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: udp_port: avoid using current->nsproxy\n\nAs mentioned in a previous commit of this series, using the 'net'\nstructure via 'current' is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader's/writer's netns vs only\n from the opener's netns.\n\n- current->nsproxy can be NULL in some cases, resulting in an 'Oops'\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe 'net' structure can be obtained from the table->data using\ncontainer_of().\n\nNote that table->data could also be used directly, but that would\nincrease the size of this fix, while 'sctp.ctl_sock' still needs to be\nretrieved from 'net' structure.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21637" }, { "cve":"CVE-2025-21638", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: auth_enable: avoid using current->nsproxy\n\nAs mentioned in a previous commit of this series, using the 'net'\nstructure via 'current' is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader's/writer's netns vs only\n from the opener's netns.\n\n- current->nsproxy can be NULL in some cases, resulting in an 'Oops'\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe 'net' structure can be obtained from the table->data using\ncontainer_of().\n\nNote that table->data could also be used directly, but that would\nincrease the size of this fix, while 'sctp.ctl_sock' still needs to be\nretrieved from 'net' structure.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21638" }, { "cve":"CVE-2025-21640", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy\n\nAs mentioned in a previous commit of this series, using the 'net'\nstructure via 'current' is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader's/writer's netns vs only\n from the opener's netns.\n\n- current->nsproxy can be NULL in some cases, resulting in an 'Oops'\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe 'net' structure can be obtained from the table->data using\ncontainer_of().\n\nNote that table->data could also be used directly, as this is the only\nmember needed from the 'net' structure, but that would increase the size\nof this fix, to use '*data' everywhere 'net->sctp.sctp_hmac_alg' is\nused.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21640" }, { "cve":"CVE-2025-21665", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nfilemap: avoid truncating 64-bit offset to 32 bits\n\nOn 32-bit kernels, folio_seek_hole_data() was inadvertently truncating a\n64-bit value to 32 bits, leading to a possible infinite loop when writing\nto an xfs filesystem.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21665" }, { "cve":"CVE-2025-21666", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: prevent null-ptr-deref in vsock_*[has_data|has_space]\n\nRecent reports have shown how we sometimes call vsock_*_has_data()\nwhen a vsock socket has been de-assigned from a transport (see attached\nlinks), but we shouldn't.\n\nPrevious commits should have solved the real problems, but we may have\nmore in the future, so to avoid null-ptr-deref, we can return 0\n(no space, no data available) but with a warning.\n\nThis way the code should continue to run in a nearly consistent state\nand have a warning that allows us to debug future problems.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21666" }, { "cve":"CVE-2025-21669", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: discard packets if the transport changes\n\nIf the socket has been de-assigned or assigned to another transport,\nwe must discard any packets received because they are not expected\nand would cause issues when we access vsk->transport.\n\nA possible scenario is described by Hyunwoo Kim in the attached link,\nwhere after a first connect() interrupted by a signal, and a second\nconnect() failed, we can find `vsk->transport` at NULL, leading to a\nNULL pointer dereference.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21669" }, { "cve":"CVE-2025-21675", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Clear port select structure when fail to create\n\nClear the port select structure on error so no stale values left after\ndefiners are destroyed. That's because the mlx5_lag_destroy_definers()\nalways try to destroy all lag definers in the tt_map, so in the flow\nbelow lag definers get double-destroyed and cause kernel crash:\n\n mlx5_lag_port_sel_create()\n mlx5_lag_create_definers()\n mlx5_lag_create_definer() <- Failed on tt 1\n mlx5_lag_destroy_definers() <- definers[tt=0] gets destroyed\n mlx5_lag_port_sel_create()\n mlx5_lag_create_definers()\n mlx5_lag_create_definer() <- Failed on tt 0\n mlx5_lag_destroy_definers() <- definers[tt=0] gets double-destroyed\n\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000008\n Mem abort info:\n ESR = 0x0000000096000005\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x05: level 1 translation fault\n Data abort info:\n ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n user pgtable: 64k pages, 48-bit VAs, pgdp=0000000112ce2e00\n [0000000000000008] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000\n Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP\n Modules linked in: iptable_raw bonding ip_gre ip6_gre gre ip6_tunnel tunnel6 geneve ip6_udp_tunnel udp_tunnel ipip tunnel4 ip_tunnel rdma_ucm(OE) rdma_cm(OE) iw_cm(OE) ib_ipoib(OE) ib_cm(OE) ib_umad(OE) mlx5_ib(OE) ib_uverbs(OE) mlx5_fwctl(OE) fwctl(OE) mlx5_core(OE) mlxdevm(OE) ib_core(OE) mlxfw(OE) memtrack(OE) mlx_compat(OE) openvswitch nsh nf_conncount psample xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xfrm_user xfrm_algo xt_addrtype iptable_filter iptable_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 br_netfilter bridge stp llc netconsole overlay efi_pstore sch_fq_codel zram ip_tables crct10dif_ce qemu_fw_cfg fuse ipv6 crc_ccitt [last unloaded: mlx_compat(OE)]\n CPU: 3 UID: 0 PID: 217 Comm: kworker/u53:2 Tainted: G OE 6.11.0+ #2\n Tainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\n Hardware name: QEMU KVM Virtual Machine, BIOS 0.0.0 02/06/2015\n Workqueue: mlx5_lag mlx5_do_bond_work [mlx5_core]\n pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : mlx5_del_flow_rules+0x24/0x2c0 [mlx5_core]\n lr : mlx5_lag_destroy_definer+0x54/0x100 [mlx5_core]\n sp : ffff800085fafb00\n x29: ffff800085fafb00 x28: ffff0000da0c8000 x27: 0000000000000000\n x26: ffff0000da0c8000 x25: ffff0000da0c8000 x24: ffff0000da0c8000\n x23: ffff0000c31f81a0 x22: 0400000000000000 x21: ffff0000da0c8000\n x20: 0000000000000000 x19: 0000000000000001 x18: 0000000000000000\n x17: 0000000000000000 x16: 0000000000000000 x15: 0000ffff8b0c9350\n x14: 0000000000000000 x13: ffff800081390d18 x12: ffff800081dc3cc0\n x11: 0000000000000001 x10: 0000000000000b10 x9 : ffff80007ab7304c\n x8 : ffff0000d00711f0 x7 : 0000000000000004 x6 : 0000000000000190\n x5 : ffff00027edb3010 x4 : 0000000000000000 x3 : 0000000000000000\n x2 : ffff0000d39b8000 x1 : ffff0000d39b8000 x0 : 0400000000000000\n Call trace:\n mlx5_del_flow_rules+0x24/0x2c0 [mlx5_core]\n mlx5_lag_destroy_definer+0x54/0x100 [mlx5_core]\n mlx5_lag_destroy_definers+0xa0/0x108 [mlx5_core]\n mlx5_lag_port_sel_create+0x2d4/0x6f8 [mlx5_core]\n mlx5_activate_lag+0x60c/0x6f8 [mlx5_core]\n mlx5_do_bond_work+0x284/0x5c8 [mlx5_core]\n process_one_work+0x170/0x3e0\n worker_thread+0x2d8/0x3e0\n kthread+0x11c/0x128\n ret_from_fork+0x10/0x20\n Code: a9025bf5 aa0003f6 a90363f7 f90023f9 (f9400400)\n ---[ end trace 0000000000000000 ]---", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21675" }, { "cve":"CVE-2025-21690", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: storvsc: Ratelimit warning logs to prevent VM denial of service\n\nIf there's a persistent error in the hypervisor, the SCSI warning for\nfailed I/O can flood the kernel log and max out CPU utilization,\npreventing troubleshooting from the VM side. Ratelimit the warning so\nit doesn't DoS the VM.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21690" }, { "cve":"CVE-2025-21692", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: fix ets qdisc OOB Indexing\n\nHaowei Yan found that ets_class_from_arg() can\nindex an Out-Of-Bound class in ets_class_from_arg() when passed clid of\n0. The overflow may cause local privilege escalation.\n\n [ 18.852298] ------------[ cut here ]------------\n [ 18.853271] UBSAN: array-index-out-of-bounds in net/sched/sch_ets.c:93:20\n [ 18.853743] index 18446744073709551615 is out of range for type 'ets_class [16]'\n [ 18.854254] CPU: 0 UID: 0 PID: 1275 Comm: poc Not tainted 6.12.6-dirty #17\n [ 18.854821] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n [ 18.856532] Call Trace:\n [ 18.857441] \n [ 18.858227] dump_stack_lvl+0xc2/0xf0\n [ 18.859607] dump_stack+0x10/0x20\n [ 18.860908] __ubsan_handle_out_of_bounds+0xa7/0xf0\n [ 18.864022] ets_class_change+0x3d6/0x3f0\n [ 18.864322] tc_ctl_tclass+0x251/0x910\n [ 18.864587] ? lock_acquire+0x5e/0x140\n [ 18.865113] ? __mutex_lock+0x9c/0xe70\n [ 18.866009] ? __mutex_lock+0xa34/0xe70\n [ 18.866401] rtnetlink_rcv_msg+0x170/0x6f0\n [ 18.866806] ? __lock_acquire+0x578/0xc10\n [ 18.867184] ? __pfx_rtnetlink_rcv_msg+0x10/0x10\n [ 18.867503] netlink_rcv_skb+0x59/0x110\n [ 18.867776] rtnetlink_rcv+0x15/0x30\n [ 18.868159] netlink_unicast+0x1c3/0x2b0\n [ 18.868440] netlink_sendmsg+0x239/0x4b0\n [ 18.868721] ____sys_sendmsg+0x3e2/0x410\n [ 18.869012] ___sys_sendmsg+0x88/0xe0\n [ 18.869276] ? rseq_ip_fixup+0x198/0x260\n [ 18.869563] ? rseq_update_cpu_node_id+0x10a/0x190\n [ 18.869900] ? trace_hardirqs_off+0x5a/0xd0\n [ 18.870196] ? syscall_exit_to_user_mode+0xcc/0x220\n [ 18.870547] ? do_syscall_64+0x93/0x150\n [ 18.870821] ? __memcg_slab_free_hook+0x69/0x290\n [ 18.871157] __sys_sendmsg+0x69/0xd0\n [ 18.871416] __x64_sys_sendmsg+0x1d/0x30\n [ 18.871699] x64_sys_call+0x9e2/0x2670\n [ 18.871979] do_syscall_64+0x87/0x150\n [ 18.873280] ? do_syscall_64+0x93/0x150\n [ 18.874742] ? lock_release+0x7b/0x160\n [ 18.876157] ? do_user_addr_fault+0x5ce/0x8f0\n [ 18.877833] ? irqentry_exit_to_user_mode+0xc2/0x210\n [ 18.879608] ? irqentry_exit+0x77/0xb0\n [ 18.879808] ? clear_bhb_loop+0x15/0x70\n [ 18.880023] ? clear_bhb_loop+0x15/0x70\n [ 18.880223] ? clear_bhb_loop+0x15/0x70\n [ 18.880426] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n [ 18.880683] RIP: 0033:0x44a957\n [ 18.880851] Code: ff ff e8 fc 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 89 54 24 1c 48 8974 24 10\n [ 18.881766] RSP: 002b:00007ffcdd00fad8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n [ 18.882149] RAX: ffffffffffffffda RBX: 00007ffcdd010db8 RCX: 000000000044a957\n [ 18.882507] RDX: 0000000000000000 RSI: 00007ffcdd00fb70 RDI: 0000000000000003\n [ 18.885037] RBP: 00007ffcdd010bc0 R08: 000000000703c770 R09: 000000000703c7c0\n [ 18.887203] R10: 0000000000000080 R11: 0000000000000246 R12: 0000000000000001\n [ 18.888026] R13: 00007ffcdd010da8 R14: 00000000004ca7d0 R15: 0000000000000001\n [ 18.888395] \n [ 18.888610] ---[ end trace ]---", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21692" }, { "cve":"CVE-2025-21697", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Ensure job pointer is set to NULL after job completion\n\nAfter a job completes, the corresponding pointer in the device must\nbe set to NULL. Failing to do so triggers a warning when unloading\nthe driver, as it appears the job is still active. To prevent this,\nassign the job pointer to NULL after completing the job, indicating\nthe job has finished.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21697" }, { "cve":"CVE-2025-21700", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: Disallow replacing of child qdisc from one parent to another\n\nLion Ackermann was able to create a UAF which can be abused for privilege\nescalation with the following script\n\nStep 1. create root qdisc\ntc qdisc add dev lo root handle 1:0 drr\n\nstep2. a class for packet aggregation do demonstrate uaf\ntc class add dev lo classid 1:1 drr\n\nstep3. a class for nesting\ntc class add dev lo classid 1:2 drr\n\nstep4. a class to graft qdisc to\ntc class add dev lo classid 1:3 drr\n\nstep5.\ntc qdisc add dev lo parent 1:1 handle 2:0 plug limit 1024\n\nstep6.\ntc qdisc add dev lo parent 1:2 handle 3:0 drr\n\nstep7.\ntc class add dev lo classid 3:1 drr\n\nstep 8.\ntc qdisc add dev lo parent 3:1 handle 4:0 pfifo\n\nstep 9. Display the class/qdisc layout\n\ntc class ls dev lo\n class drr 1:1 root leaf 2: quantum 64Kb\n class drr 1:2 root leaf 3: quantum 64Kb\n class drr 3:1 root leaf 4: quantum 64Kb\n\ntc qdisc ls\n qdisc drr 1: dev lo root refcnt 2\n qdisc plug 2: dev lo parent 1:1\n qdisc pfifo 4: dev lo parent 3:1 limit 1000p\n qdisc drr 3: dev lo parent 1:2\n\nstep10. trigger the bug <=== prevented by this patch\ntc qdisc replace dev lo parent 1:3 handle 4:0\n\nstep 11. Redisplay again the qdiscs/classes\n\ntc class ls dev lo\n class drr 1:1 root leaf 2: quantum 64Kb\n class drr 1:2 root leaf 3: quantum 64Kb\n class drr 1:3 root leaf 4: quantum 64Kb\n class drr 3:1 root leaf 4: quantum 64Kb\n\ntc qdisc ls\n qdisc drr 1: dev lo root refcnt 2\n qdisc plug 2: dev lo parent 1:1\n qdisc pfifo 4: dev lo parent 3:1 refcnt 2 limit 1000p\n qdisc drr 3: dev lo parent 1:2\n\nObserve that a) parent for 4:0 does not change despite the replace request.\nThere can only be one parent. b) refcount has gone up by two for 4:0 and\nc) both class 1:3 and 3:1 are pointing to it.\n\nStep 12. send one packet to plug\necho \"\" | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888,priority=$((0x10001))\nstep13. send one packet to the grafted fifo\necho \"\" | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888,priority=$((0x10003))\n\nstep14. lets trigger the uaf\ntc class delete dev lo classid 1:3\ntc class delete dev lo classid 1:1\n\nThe semantics of \"replace\" is for a del/add _on the same node_ and not\na delete from one node(3:1) and add to another node (1:3) as in step10.\nWhile we could \"fix\" with a more complex approach there could be\nconsequences to expectations so the patch takes the preventive approach of\n\"disallow such config\".\n\nJoint work with Lion Ackermann ", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21700" }, { "cve":"CVE-2025-21701", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: avoid race between device unregistration and ethnl ops\n\nThe following trace can be seen if a device is being unregistered while\nits number of channels are being modified.\n\n DEBUG_LOCKS_WARN_ON(lock->magic != lock)\n WARNING: CPU: 3 PID: 3754 at kernel/locking/mutex.c:564 __mutex_lock+0xc8a/0x1120\n CPU: 3 UID: 0 PID: 3754 Comm: ethtool Not tainted 6.13.0-rc6+ #771\n RIP: 0010:__mutex_lock+0xc8a/0x1120\n Call Trace:\n \n ethtool_check_max_channel+0x1ea/0x880\n ethnl_set_channels+0x3c3/0xb10\n ethnl_default_set_doit+0x306/0x650\n genl_family_rcv_msg_doit+0x1e3/0x2c0\n genl_rcv_msg+0x432/0x6f0\n netlink_rcv_skb+0x13d/0x3b0\n genl_rcv+0x28/0x40\n netlink_unicast+0x42e/0x720\n netlink_sendmsg+0x765/0xc20\n __sys_sendto+0x3ac/0x420\n __x64_sys_sendto+0xe0/0x1c0\n do_syscall_64+0x95/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThis is because unregister_netdevice_many_notify might run before the\nrtnl lock section of ethnl operations, eg. set_channels in the above\nexample. In this example the rss lock would be destroyed by the device\nunregistration path before being used again, but in general running\nethnl operations while dismantle has started is not a good idea.\n\nFix this by denying any operation on devices being unregistered. A check\nwas already there in ethnl_ops_begin, but not wide enough.\n\nNote that the same issue cannot be seen on the ioctl version\n(__dev_ethtool) because the device reference is retrieved from within\nthe rtnl lock section there. Once dismantle started, the net device is\nunlisted and no reference will be found.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21701" }, { "cve":"CVE-2025-21709", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nkernel: be more careful about dup_mmap() failures and uprobe registering\n\nIf a memory allocation fails during dup_mmap(), the maple tree can be left\nin an unsafe state for other iterators besides the exit path. All the\nlocks are dropped before the exit_mmap() call (in mm/mmap.c), but the\nincomplete mm_struct can be reached through (at least) the rmap finding\nthe vmas which have a pointer back to the mm_struct.\n\nUp to this point, there have been no issues with being able to find an\nmm_struct that was only partially initialised. Syzbot was able to make\nthe incomplete mm_struct fail with recent forking changes, so it has been\nproven unsafe to use the mm_struct that hasn't been initialised, as\nreferenced in the link below.\n\nAlthough 8ac662f5da19f (\"fork: avoid inappropriate uprobe access to\ninvalid mm\") fixed the uprobe access, it does not completely remove the\nrace.\n\nThis patch sets the MMF_OOM_SKIP to avoid the iteration of the vmas on the\noom side (even though this is extremely unlikely to be selected as an oom\nvictim in the race window), and sets MMF_UNSTABLE to avoid other potential\nusers from using a partially initialised mm_struct.\n\nWhen registering vmas for uprobe, skip the vmas in an mm that is marked\nunstable. Modifying a vma in an unstable mm may cause issues if the mm\nisn't fully initialised.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21709" }, { "cve":"CVE-2025-21712", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmd/md-bitmap: Synchronize bitmap_get_stats() with bitmap lifetime\n\nAfter commit ec6bb299c7c3 (\"md/md-bitmap: add 'sync_size' into struct\nmd_bitmap_stats\"), following panic is reported:\n\nOops: general protection fault, probably for non-canonical address\nRIP: 0010:bitmap_get_stats+0x2b/0xa0\nCall Trace:\n \n md_seq_show+0x2d2/0x5b0\n seq_read_iter+0x2b9/0x470\n seq_read+0x12f/0x180\n proc_reg_read+0x57/0xb0\n vfs_read+0xf6/0x380\n ksys_read+0x6c/0xf0\n do_syscall_64+0x82/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nRoot cause is that bitmap_get_stats() can be called at anytime if mddev\nis still there, even if bitmap is destroyed, or not fully initialized.\nDeferenceing bitmap in this case can crash the kernel. Meanwhile, the\nabove commit start to deferencing bitmap->storage, make the problem\neasier to trigger.\n\nFix the problem by protecting bitmap_get_stats() with bitmap_info.mutex.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21712" }, { "cve":"CVE-2025-21721", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: handle errors that nilfs_prepare_chunk() may return\n\nPatch series \"nilfs2: fix issues with rename operations\".\n\nThis series fixes BUG_ON check failures reported by syzbot around rename\noperations, and a minor behavioral issue where the mtime of a child\ndirectory changes when it is renamed instead of moved.\n\n\nThis patch (of 2):\n\nThe directory manipulation routines nilfs_set_link() and\nnilfs_delete_entry() rewrite the directory entry in the folio/page\npreviously read by nilfs_find_entry(), so error handling is omitted on the\nassumption that nilfs_prepare_chunk(), which prepares the buffer for\nrewriting, will always succeed for these. And if an error is returned, it\ntriggers the legacy BUG_ON() checks in each routine.\n\nThis assumption is wrong, as proven by syzbot: the buffer layer called by\nnilfs_prepare_chunk() may call nilfs_get_block() if necessary, which may\nfail due to metadata corruption or other reasons. This has been there all\nalong, but improved sanity checks and error handling may have made it more\nreproducible in fuzzing tests.\n\nFix this issue by adding missing error paths in nilfs_set_link(),\nnilfs_delete_entry(), and their caller nilfs_rename().", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21721" }, { "cve":"CVE-2025-21735", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nNFC: nci: Add bounds checking in nci_hci_create_pipe()\n\nThe \"pipe\" variable is a u8 which comes from the network. If it's more\nthan 127, then it results in memory corruption in the caller,\nnci_hci_connect_gate().", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21735" }, { "cve":"CVE-2025-21739", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: Fix use-after free in init error and remove paths\n\ndevm_blk_crypto_profile_init() registers a cleanup handler to run when\nthe associated (platform-) device is being released. For UFS, the\ncrypto private data and pointers are stored as part of the ufs_hba's\ndata structure 'struct ufs_hba::crypto_profile'. This structure is\nallocated as part of the underlying ufshcd and therefore Scsi_host\nallocation.\n\nDuring driver release or during error handling in ufshcd_pltfrm_init(),\nthis structure is released as part of ufshcd_dealloc_host() before the\n(platform-) device associated with the crypto call above is released.\nOnce this device is released, the crypto cleanup code will run, using\nthe just-released 'struct ufs_hba::crypto_profile'. This causes a\nuse-after-free situation:\n\n Call trace:\n kfree+0x60/0x2d8 (P)\n kvfree+0x44/0x60\n blk_crypto_profile_destroy_callback+0x28/0x70\n devm_action_release+0x1c/0x30\n release_nodes+0x6c/0x108\n devres_release_all+0x98/0x100\n device_unbind_cleanup+0x20/0x70\n really_probe+0x218/0x2d0\n\nIn other words, the initialisation code flow is:\n\n platform-device probe\n ufshcd_pltfrm_init()\n ufshcd_alloc_host()\n scsi_host_alloc()\n allocation of struct ufs_hba\n creation of scsi-host devices\n devm_blk_crypto_profile_init()\n devm registration of cleanup handler using platform-device\n\nand during error handling of ufshcd_pltfrm_init() or during driver\nremoval:\n\n ufshcd_dealloc_host()\n scsi_host_put()\n put_device(scsi-host)\n release of struct ufs_hba\n put_device(platform-device)\n crypto cleanup handler\n\nTo fix this use-after free, change ufshcd_alloc_host() to register a\ndevres action to automatically cleanup the underlying SCSI device on\nufshcd destruction, without requiring explicit calls to\nufshcd_dealloc_host(). This way:\n\n * the crypto profile and all other ufs_hba-owned resources are\n destroyed before SCSI (as they've been registered after)\n * a memleak is plugged in tc-dwc-g210-pci.c remove() as a\n side-effect\n * EXPORT_SYMBOL_GPL(ufshcd_dealloc_host) can be removed fully as\n it's not needed anymore\n * no future drivers using ufshcd_alloc_host() could ever forget\n adding the cleanup", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21739" }, { "cve":"CVE-2025-21741", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: ipheth: fix DPE OoB read\n\nFix an out-of-bounds DPE read, limit the number of processed DPEs to\nthe amount that fits into the fixed-size NDP16 header.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.1, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21741" }, { "cve":"CVE-2025-21742", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: ipheth: use static NDP16 location in URB\n\nOriginal code allowed for the start of NDP16 to be anywhere within the\nURB based on the `wNdpIndex` value in NTH16. Only the start position of\nNDP16 was checked, so it was possible for even the fixed-length part\nof NDP16 to extend past the end of URB, leading to an out-of-bounds\nread.\n\nOn iOS devices, the NDP16 header always directly follows NTH16. Rely on\nand check for this specific format.\n\nThis, along with NCM-specific minimal URB length check that already\nexists, will ensure that the fixed-length part of NDP16 plus a set\namount of DPEs fit within the URB.\n\nNote that this commit alone does not fully address the OoB read.\nThe limit on the amount of DPEs needs to be enforced separately.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.1, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21742" }, { "cve":"CVE-2025-21744", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize()\n\nOn removal of the device or unloading of the kernel module a potential NULL\npointer dereference occurs.\n\nThe following sequence deletes the interface:\n\n brcmf_detach()\n brcmf_remove_interface()\n brcmf_del_if()\n\nInside the brcmf_del_if() function the drvr->if2bss[ifidx] is updated to\nBRCMF_BSSIDX_INVALID (-1) if the bsscfgidx matches.\n\nAfter brcmf_remove_interface() call the brcmf_proto_detach() function is\ncalled providing the following sequence:\n\n brcmf_detach()\n brcmf_proto_detach()\n brcmf_proto_msgbuf_detach()\n brcmf_flowring_detach()\n brcmf_msgbuf_delete_flowring()\n brcmf_msgbuf_remove_flowring()\n brcmf_flowring_delete()\n brcmf_get_ifp()\n brcmf_txfinalize()\n\nSince brcmf_get_ip() can and actually will return NULL in this case the\ncall to brcmf_txfinalize() will result in a NULL pointer dereference inside\nbrcmf_txfinalize() when trying to update ifp->ndev->stats.tx_errors.\n\nThis will only happen if a flowring still has an skb.\n\nAlthough the NULL pointer dereference has only been seen when trying to\nupdate the tx statistic, all other uses of the ifp pointer have been\nguarded as well with an early return if ifp is NULL.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21744" }, { "cve":"CVE-2025-21746", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nInput: synaptics - fix crash when enabling pass-through port\n\nWhen enabling a pass-through port an interrupt might come before psmouse\ndriver binds to the pass-through port. However synaptics sub-driver\ntries to access psmouse instance presumably associated with the\npass-through port to figure out if only 1 byte of response or entire\nprotocol packet needs to be forwarded to the pass-through port and may\ncrash if psmouse instance has not been attached to the port yet.\n\nFix the crash by introducing open() and close() methods for the port and\ncheck if the port is open before trying to access psmouse instance.\nBecause psmouse calls serio_open() only after attaching psmouse instance\nto serio port instance this prevents the potential crash.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21746" }, { "cve":"CVE-2025-21748", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix integer overflows on 32 bit systems\n\nOn 32bit systems the addition operations in ipc_msg_alloc() can\npotentially overflow leading to memory corruption.\nAdd bounds checking using KSMBD_IPC_MAX_PAYLOAD to avoid overflow.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21748" }, { "cve":"CVE-2025-21749", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rose: lock the socket in rose_bind()\n\nsyzbot reported a soft lockup in rose_loopback_timer(),\nwith a repro calling bind() from multiple threads.\n\nrose_bind() must lock the socket to avoid this issue.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21749" }, { "cve":"CVE-2025-21753", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix use-after-free when attempting to join an aborted transaction\n\nWhen we are trying to join the current transaction and if it's aborted,\nwe read its 'aborted' field after unlocking fs_info->trans_lock and\nwithout holding any extra reference count on it. This means that a\nconcurrent task that is aborting the transaction may free the transaction\nbefore we read its 'aborted' field, leading to a use-after-free.\n\nFix this by reading the 'aborted' field while holding fs_info->trans_lock\nsince any freeing task must first acquire that lock and set\nfs_info->running_transaction to NULL before freeing the transaction.\n\nThis was reported by syzbot and Dmitry with the following stack traces\nfrom KASAN:\n\n ==================================================================\n BUG: KASAN: slab-use-after-free in join_transaction+0xd9b/0xda0 fs/btrfs/transaction.c:278\n Read of size 4 at addr ffff888011839024 by task kworker/u4:9/1128\n\n CPU: 0 UID: 0 PID: 1128 Comm: kworker/u4:9 Not tainted 6.13.0-rc7-syzkaller-00019-gc45323b7560e #0\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n Workqueue: events_unbound btrfs_async_reclaim_data_space\n Call Trace:\n \n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n join_transaction+0xd9b/0xda0 fs/btrfs/transaction.c:278\n start_transaction+0xaf8/0x1670 fs/btrfs/transaction.c:697\n flush_space+0x448/0xcf0 fs/btrfs/space-info.c:803\n btrfs_async_reclaim_data_space+0x159/0x510 fs/btrfs/space-info.c:1321\n process_one_work kernel/workqueue.c:3236 [inline]\n process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3317\n worker_thread+0x870/0xd30 kernel/workqueue.c:3398\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \n\n Allocated by task 5315:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4329\n kmalloc_noprof include/linux/slab.h:901 [inline]\n join_transaction+0x144/0xda0 fs/btrfs/transaction.c:308\n start_transaction+0xaf8/0x1670 fs/btrfs/transaction.c:697\n btrfs_create_common+0x1b2/0x2e0 fs/btrfs/inode.c:6572\n lookup_open fs/namei.c:3649 [inline]\n open_last_lookups fs/namei.c:3748 [inline]\n path_openat+0x1c03/0x3590 fs/namei.c:3984\n do_filp_open+0x27f/0x4e0 fs/namei.c:4014\n do_sys_openat2+0x13e/0x1d0 fs/open.c:1402\n do_sys_open fs/open.c:1417 [inline]\n __do_sys_creat fs/open.c:1495 [inline]\n __se_sys_creat fs/open.c:1489 [inline]\n __x64_sys_creat+0x123/0x170 fs/open.c:1489\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n Freed by task 5336:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:582\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2353 [inline]\n slab_free mm/slub.c:4613 [inline]\n kfree+0x196/0x430 mm/slub.c:4761\n cleanup_transaction fs/btrfs/transaction.c:2063 [inline]\n btrfs_commit_transaction+0x2c97/0x3720 fs/btrfs/transaction.c:2598\n insert_balance_item+0x1284/0x20b0 fs/btrfs/volumes.c:3757\n btrfs_balance+0x992/\n---truncated---", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21753" }, { "cve":"CVE-2025-21758", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: mcast: add RCU protection to mld_newpack()\n\nmld_newpack() can be called without RTNL or RCU being held.\n\nNote that we no longer can use sock_alloc_send_skb() because\nipv6.igmp_sk uses GFP_KERNEL allocations which can sleep.\n\nInstead use alloc_skb() and charge the net->ipv6.igmp_sk\nsocket under RCU protection.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21758" }, { "cve":"CVE-2025-21759", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: mcast: extend RCU protection in igmp6_send()\n\nigmp6_send() can be called without RTNL or RCU being held.\n\nExtend RCU protection so that we can safely fetch the net pointer\nand avoid a potential UAF.\n\nNote that we no longer can use sock_alloc_send_skb() because\nipv6.igmp_sk uses GFP_KERNEL allocations which can sleep.\n\nInstead use alloc_skb() and charge the net->ipv6.igmp_sk\nsocket under RCU protection.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21759" }, { "cve":"CVE-2025-21760", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nndisc: extend RCU protection in ndisc_send_skb()\n\nndisc_send_skb() can be called without RTNL or RCU held.\n\nAcquire rcu_read_lock() earlier, so that we can use dev_net_rcu()\nand avoid a potential UAF.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21760" }, { "cve":"CVE-2025-21761", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: use RCU protection in ovs_vport_cmd_fill_info()\n\novs_vport_cmd_fill_info() can be called without RTNL or RCU.\n\nUse RCU protection and dev_net_rcu() to avoid potential UAF.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21761" }, { "cve":"CVE-2025-21762", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\narp: use RCU protection in arp_xmit()\n\narp_xmit() can be called without RTNL or RCU protection.\n\nUse RCU protection to avoid potential UAF.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21762" }, { "cve":"CVE-2025-21763", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nneighbour: use RCU protection in __neigh_notify()\n\n__neigh_notify() can be called without RTNL or RCU protection.\n\nUse RCU protection to avoid potential UAF.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21763" }, { "cve":"CVE-2025-21764", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nndisc: use RCU protection in ndisc_alloc_skb()\n\nndisc_alloc_skb() can be called without RTNL or RCU being held.\n\nAdd RCU protection to avoid possible UAF.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21764" }, { "cve":"CVE-2025-21765", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: use RCU protection in ip6_default_advmss()\n\nip6_default_advmss() needs rcu protection to make\nsure the net structure it reads does not disappear.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21765" }, { "cve":"CVE-2025-21766", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: use RCU protection in __ip_rt_update_pmtu()\n\n__ip_rt_update_pmtu() must use RCU protection to make\nsure the net structure it reads does not disappear.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21766" }, { "cve":"CVE-2025-21772", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\npartitions: mac: fix handling of bogus partition table\n\nFix several issues in partition probing:\n\n - The bailout for a bad partoffset must use put_dev_sector(), since the\n preceding read_part_sector() succeeded.\n - If the partition table claims a silly sector size like 0xfff bytes\n (which results in partition table entries straddling sector boundaries),\n bail out instead of accessing out-of-bounds memory.\n - We must not assume that the partition table contains proper NUL\n termination - use strnlen() and strncmp() instead of strlen() and\n strcmp().", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21772" }, { "cve":"CVE-2025-21773", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ncan: etas_es58x: fix potential NULL pointer dereference on udev->serial\n\nThe driver assumed that es58x_dev->udev->serial could never be NULL.\nWhile this is true on commercially available devices, an attacker\ncould spoof the device identity providing a NULL USB serial number.\nThat would trigger a NULL pointer dereference.\n\nAdd a check on es58x_dev->udev->serial before accessing it.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21773" }, { "cve":"CVE-2025-21775", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ncan: ctucanfd: handle skb allocation failure\n\nIf skb allocation fails, the pointer to struct can_frame is NULL. This\nis actually handled everywhere inside ctucan_err_interrupt() except for\nthe only place.\n\nAdd the missed NULL check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21775" }, { "cve":"CVE-2025-21779", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel\n\nAdvertise support for Hyper-V's SEND_IPI and SEND_IPI_EX hypercalls if and\nonly if the local API is emulated/virtualized by KVM, and explicitly reject\nsaid hypercalls if the local APIC is emulated in userspace, i.e. don't rely\non userspace to opt-in to KVM_CAP_HYPERV_ENFORCE_CPUID.\n\nRejecting SEND_IPI and SEND_IPI_EX fixes a NULL-pointer dereference if\nHyper-V enlightenments are exposed to the guest without an in-kernel local\nAPIC:\n\n dump_stack+0xbe/0xfd\n __kasan_report.cold+0x34/0x84\n kasan_report+0x3a/0x50\n __apic_accept_irq+0x3a/0x5c0\n kvm_hv_send_ipi.isra.0+0x34e/0x820\n kvm_hv_hypercall+0x8d9/0x9d0\n kvm_emulate_hypercall+0x506/0x7e0\n __vmx_handle_exit+0x283/0xb60\n vmx_handle_exit+0x1d/0xd0\n vcpu_enter_guest+0x16b0/0x24c0\n vcpu_run+0xc0/0x550\n kvm_arch_vcpu_ioctl_run+0x170/0x6d0\n kvm_vcpu_ioctl+0x413/0xb20\n __se_sys_ioctl+0x111/0x160\n do_syscal1_64+0x30/0x40\n entry_SYSCALL_64_after_hwframe+0x67/0xd1\n\nNote, checking the sending vCPU is sufficient, as the per-VM irqchip_mode\ncan't be modified after vCPUs are created, i.e. if one vCPU has an\nin-kernel local APIC, then all vCPUs have an in-kernel local APIC.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21779" }, { "cve":"CVE-2025-21780", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table()\n\nIt malicious user provides a small pptable through sysfs and then\na bigger pptable, it may cause buffer overflow attack in function\nsmu_sys_set_pp_table().", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21780" }, { "cve":"CVE-2025-21781", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: fix panic during interface removal\n\nReference counting is used to ensure that\nbatadv_hardif_neigh_node and batadv_hard_iface\nare not freed before/during\nbatadv_v_elp_throughput_metric_update work is\nfinished.\n\nBut there isn't a guarantee that the hard if will\nremain associated with a soft interface up until\nthe work is finished.\n\nThis fixes a crash triggered by reboot that looks\nlike this:\n\nCall trace:\n batadv_v_mesh_free+0xd0/0x4dc [batman_adv]\n batadv_v_elp_throughput_metric_update+0x1c/0xa4\n process_one_work+0x178/0x398\n worker_thread+0x2e8/0x4d0\n kthread+0xd8/0xdc\n ret_from_fork+0x10/0x20\n\n(the batadv_v_mesh_free call is misleading,\nand does not actually happen)\n\nI was able to make the issue happen more reliably\nby changing hardif_neigh->bat_v.metric_work work\nto be delayed work. This allowed me to track down\nand confirm the fix.\n\n[sven@narfation.org: prevent entering batadv_v_elp_get_throughput without\n soft_iface]", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21781" }, { "cve":"CVE-2025-21784", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: bail out when failed to load fw in psp_init_cap_microcode()\n\nIn function psp_init_cap_microcode(), it should bail out when failed to\nload firmware, otherwise it may cause invalid memory access.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21784" }, { "cve":"CVE-2025-21790", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nvxlan: check vxlan_vnigroup_init() return value\n\nvxlan_init() must check vxlan_vnigroup_init() success\notherwise a crash happens later, spotted by syzbot.\n\nOops: general protection fault, probably for non-canonical address 0xdffffc000000002c: 0000 [#1] PREEMPT SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000160-0x0000000000000167]\nCPU: 0 UID: 0 PID: 7313 Comm: syz-executor147 Not tainted 6.14.0-rc1-syzkaller-00276-g69b54314c975 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n RIP: 0010:vxlan_vnigroup_uninit+0x89/0x500 drivers/net/vxlan/vxlan_vnifilter.c:912\nCode: 00 48 8b 44 24 08 4c 8b b0 98 41 00 00 49 8d 86 60 01 00 00 48 89 c2 48 89 44 24 10 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 0f 85 4d 04 00 00 49 8b 86 60 01 00 00 48 ba 00 00 00\nRSP: 0018:ffffc9000cc1eea8 EFLAGS: 00010202\nRAX: dffffc0000000000 RBX: 0000000000000001 RCX: ffffffff8672effb\nRDX: 000000000000002c RSI: ffffffff8672ecb9 RDI: ffff8880461b4f18\nRBP: ffff8880461b4ef4 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000020000\nR13: ffff8880461b0d80 R14: 0000000000000000 R15: dffffc0000000000\nFS: 00007fecfa95d6c0(0000) GS:ffff88806a600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fecfa95cfb8 CR3: 000000004472c000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \n vxlan_uninit+0x1ab/0x200 drivers/net/vxlan/vxlan_core.c:2942\n unregister_netdevice_many_notify+0x12d6/0x1f30 net/core/dev.c:11824\n unregister_netdevice_many net/core/dev.c:11866 [inline]\n unregister_netdevice_queue+0x307/0x3f0 net/core/dev.c:11736\n register_netdevice+0x1829/0x1eb0 net/core/dev.c:10901\n __vxlan_dev_create+0x7c6/0xa30 drivers/net/vxlan/vxlan_core.c:3981\n vxlan_newlink+0xd1/0x130 drivers/net/vxlan/vxlan_core.c:4407\n rtnl_newlink_create net/core/rtnetlink.c:3795 [inline]\n __rtnl_newlink net/core/rtnetlink.c:3906 [inline]", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21790" }, { "cve":"CVE-2025-21792", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt\n\nIf an AX25 device is bound to a socket by setting the SO_BINDTODEVICE\nsocket option, a refcount leak will occur in ax25_release().\n\nCommit 9fd75b66b8f6 (\"ax25: Fix refcount leaks caused by ax25_cb_del()\")\nadded decrement of device refcounts in ax25_release(). In order for that\nto work correctly the refcounts must already be incremented when the\ndevice is bound to the socket. An AX25 device can be bound to a socket\nby either calling ax25_bind() or setting SO_BINDTODEVICE socket option.\nIn both cases the refcounts should be incremented, but in fact it is done\nonly in ax25_bind().\n\nThis bug leads to the following issue reported by Syzkaller:\n\n================================================================\nrefcount_t: decrement hit 0; leaking memory.\nWARNING: CPU: 1 PID: 5932 at lib/refcount.c:31 refcount_warn_saturate+0x1ed/0x210 lib/refcount.c:31\nModules linked in:\nCPU: 1 UID: 0 PID: 5932 Comm: syz-executor424 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:refcount_warn_saturate+0x1ed/0x210 lib/refcount.c:31\nCall Trace:\n \n __refcount_dec include/linux/refcount.h:336 [inline]\n refcount_dec include/linux/refcount.h:351 [inline]\n ref_tracker_free+0x710/0x820 lib/ref_tracker.c:236\n netdev_tracker_free include/linux/netdevice.h:4156 [inline]\n netdev_put include/linux/netdevice.h:4173 [inline]\n netdev_put include/linux/netdevice.h:4169 [inline]\n ax25_release+0x33f/0xa10 net/ax25/af_ax25.c:1069\n __sock_release+0xb0/0x270 net/socket.c:640\n sock_close+0x1c/0x30 net/socket.c:1408\n ...\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n ...\n \n================================================================\n\nFix the implementation of ax25_setsockopt() by adding increment of\nrefcounts for the new device bound, and decrement of refcounts for\nthe old unbound device.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21792" }, { "cve":"CVE-2025-21793", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nspi: sn-f-ospi: Fix division by zero\n\nWhen there is no dummy cycle in the spi-nor commands, both dummy bus cycle\nbytes and width are zero. Because of the cpu's warning when divided by\nzero, the warning should be avoided. Return just zero to avoid such\ncalculations.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21793" }, { "cve":"CVE-2025-21821", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: omap: use threaded IRQ for LCD DMA\n\nWhen using touchscreen and framebuffer, Nokia 770 crashes easily with:\n\n BUG: scheduling while atomic: irq/144-ads7846/82/0x00010000\n Modules linked in: usb_f_ecm g_ether usb_f_rndis u_ether libcomposite configfs omap_udc ohci_omap ohci_hcd\n CPU: 0 UID: 0 PID: 82 Comm: irq/144-ads7846 Not tainted 6.12.7-770 #2\n Hardware name: Nokia 770\n Call trace:\n unwind_backtrace from show_stack+0x10/0x14\n show_stack from dump_stack_lvl+0x54/0x5c\n dump_stack_lvl from __schedule_bug+0x50/0x70\n __schedule_bug from __schedule+0x4d4/0x5bc\n __schedule from schedule+0x34/0xa0\n schedule from schedule_preempt_disabled+0xc/0x10\n schedule_preempt_disabled from __mutex_lock.constprop.0+0x218/0x3b4\n __mutex_lock.constprop.0 from clk_prepare_lock+0x38/0xe4\n clk_prepare_lock from clk_set_rate+0x18/0x154\n clk_set_rate from sossi_read_data+0x4c/0x168\n sossi_read_data from hwa742_read_reg+0x5c/0x8c\n hwa742_read_reg from send_frame_handler+0xfc/0x300\n send_frame_handler from process_pending_requests+0x74/0xd0\n process_pending_requests from lcd_dma_irq_handler+0x50/0x74\n lcd_dma_irq_handler from __handle_irq_event_percpu+0x44/0x130\n __handle_irq_event_percpu from handle_irq_event+0x28/0x68\n handle_irq_event from handle_level_irq+0x9c/0x170\n handle_level_irq from generic_handle_domain_irq+0x2c/0x3c\n generic_handle_domain_irq from omap1_handle_irq+0x40/0x8c\n omap1_handle_irq from generic_handle_arch_irq+0x28/0x3c\n generic_handle_arch_irq from call_with_stack+0x1c/0x24\n call_with_stack from __irq_svc+0x94/0xa8\n Exception stack(0xc5255da0 to 0xc5255de8)\n 5da0: 00000001 c22fc620 00000000 00000000 c08384a8 c106fc00 00000000 c240c248\n 5dc0: c113a600 c3f6ec30 00000001 00000000 c22fc620 c5255df0 c22fc620 c0279a94\n 5de0: 60000013 ffffffff\n __irq_svc from clk_prepare_lock+0x4c/0xe4\n clk_prepare_lock from clk_get_rate+0x10/0x74\n clk_get_rate from uwire_setup_transfer+0x40/0x180\n uwire_setup_transfer from spi_bitbang_transfer_one+0x2c/0x9c\n spi_bitbang_transfer_one from spi_transfer_one_message+0x2d0/0x664\n spi_transfer_one_message from __spi_pump_transfer_message+0x29c/0x498\n __spi_pump_transfer_message from __spi_sync+0x1f8/0x2e8\n __spi_sync from spi_sync+0x24/0x40\n spi_sync from ads7846_halfd_read_state+0x5c/0x1c0\n ads7846_halfd_read_state from ads7846_irq+0x58/0x348\n ads7846_irq from irq_thread_fn+0x1c/0x78\n irq_thread_fn from irq_thread+0x120/0x228\n irq_thread from kthread+0xc8/0xe8\n kthread from ret_from_fork+0x14/0x28\n\nAs a quick fix, switch to a threaded IRQ which provides a stable system.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21821" }, { "cve":"CVE-2025-21826", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: reject mismatching sum of field_len with set key length\n\nThe field length description provides the length of each separated key\nfield in the concatenation, each field gets rounded up to 32-bits to\ncalculate the pipapo rule width from pipapo_init(). The set key length\nprovides the total size of the key aligned to 32-bits.\n\nRegister-based arithmetics still allows for combining mismatching set\nkey length and field length description, eg. set key length 10 and field\ndescription [ 5, 4 ] leading to pipapo width of 12.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21826" }, { "cve":"CVE-2025-21830", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nlandlock: Handle weird files\n\nA corrupted filesystem (e.g. bcachefs) might return weird files.\nInstead of throwing a warning and allowing access to such file, treat\nthem as regular files.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21830" }, { "cve":"CVE-2025-21831", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1\n\ncommit 9d26d3a8f1b0 (\"PCI: Put PCIe ports into D3 during suspend\") sets the\npolicy that all PCIe ports are allowed to use D3. When the system is\nsuspended if the port is not power manageable by the platform and won't be\nused for wakeup via a PME this sets up the policy for these ports to go\ninto D3hot.\n\nThis policy generally makes sense from an OSPM perspective but it leads to\nproblems with wakeup from suspend on the TUXEDO Sirius 16 Gen 1 with a\nspecific old BIOS. This manifests as a system hang.\n\nOn the affected Device + BIOS combination, add a quirk for the root port of\nthe problematic controller to ensure that these root ports are not put into\nD3hot at suspend.\n\nThis patch is based on\n\n https://lore.kernel.org/linux-pci/20230708214457.1229-2-mario.limonciello@amd.com\n\nbut with the added condition both in the documentation and in the code to\napply only to the TUXEDO Sirius 16 Gen 1 with a specific old BIOS and only\nthe affected root ports.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21831" }, { "cve":"CVE-2025-21835", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_midi: fix MIDI Streaming descriptor lengths\n\nWhile the MIDI jacks are configured correctly, and the MIDIStreaming\nendpoint descriptors are filled with the correct information,\nbNumEmbMIDIJack and bLength are set incorrectly in these descriptors.\n\nThis does not matter when the numbers of in and out ports are equal, but\nwhen they differ the host will receive broken descriptors with\nuninitialized stack memory leaking into the descriptor for whichever\nvalue is smaller.\n\nThe precise meaning of \"in\" and \"out\" in the port counts is not clearly\ndefined and can be confusing. But elsewhere the driver consistently\nuses this to match the USB meaning of IN and OUT viewed from the host,\nso that \"in\" ports send data to the host and \"out\" ports receive data\nfrom it.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21835" }, { "cve":"CVE-2025-21836", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/kbuf: reallocate buf lists on upgrade\n\nIORING_REGISTER_PBUF_RING can reuse an old struct io_buffer_list if it\nwas created for legacy selected buffer and has been emptied. It violates\nthe requirement that most of the field should stay stable after publish.\nAlways reallocate it instead.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21836" }, { "cve":"CVE-2025-21838", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: core: flush gadget workqueue after device removal\n\ndevice_del() can lead to new work being scheduled in gadget->work\nworkqueue. This is observed, for example, with the dwc3 driver with the\nfollowing call stack:\n device_del()\n gadget_unbind_driver()\n usb_gadget_disconnect_locked()\n dwc3_gadget_pullup()\n\t dwc3_gadget_soft_disconnect()\n\t usb_gadget_set_state()\n\t schedule_work(&gadget->work)\n\nMove flush_work() after device_del() to ensure the workqueue is cleaned\nup.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21838" }, { "cve":"CVE-2025-21847", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data()\n\nThe nullity of sps->cstream should be checked similarly as it is done in\nsof_set_stream_data_offset() function.\nAssuming that it is not NULL if sps->stream is NULL is incorrect and can\nlead to NULL pointer dereference.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21847" }, { "cve":"CVE-2025-21848", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnfp: bpf: Add check for nfp_app_ctrl_msg_alloc()\n\nAdd check for the return value of nfp_app_ctrl_msg_alloc() in\nnfp_bpf_cmsg_alloc() to prevent null pointer dereference.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21848" }, { "cve":"CVE-2025-21855", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nibmvnic: Don't reference skb after sending to VIOS\n\nPreviously, after successfully flushing the xmit buffer to VIOS,\nthe tx_bytes stat was incremented by the length of the skb.\n\nIt is invalid to access the skb memory after sending the buffer to\nthe VIOS because, at any point after sending, the VIOS can trigger\nan interrupt to free this memory. A race between reading skb->len\nand freeing the skb is possible (especially during LPM) and will\nresult in use-after-free:\n ==================================================================\n BUG: KASAN: slab-use-after-free in ibmvnic_xmit+0x75c/0x1808 [ibmvnic]\n Read of size 4 at addr c00000024eb48a70 by task hxecom/14495\n <...>\n Call Trace:\n [c000000118f66cf0] [c0000000018cba6c] dump_stack_lvl+0x84/0xe8 (unreliable)\n [c000000118f66d20] [c0000000006f0080] print_report+0x1a8/0x7f0\n [c000000118f66df0] [c0000000006f08f0] kasan_report+0x128/0x1f8\n [c000000118f66f00] [c0000000006f2868] __asan_load4+0xac/0xe0\n [c000000118f66f20] [c0080000046eac84] ibmvnic_xmit+0x75c/0x1808 [ibmvnic]\n [c000000118f67340] [c0000000014be168] dev_hard_start_xmit+0x150/0x358\n <...>\n Freed by task 0:\n kasan_save_stack+0x34/0x68\n kasan_save_track+0x2c/0x50\n kasan_save_free_info+0x64/0x108\n __kasan_mempool_poison_object+0x148/0x2d4\n napi_skb_cache_put+0x5c/0x194\n net_tx_action+0x154/0x5b8\n handle_softirqs+0x20c/0x60c\n do_softirq_own_stack+0x6c/0x88\n <...>\n The buggy address belongs to the object at c00000024eb48a00 which\n belongs to the cache skbuff_head_cache of size 224\n==================================================================", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21855" }, { "cve":"CVE-2025-21857", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: cls_api: fix error handling causing NULL dereference\n\ntcf_exts_miss_cookie_base_alloc() calls xa_alloc_cyclic() which can\nreturn 1 if the allocation succeeded after wrapping. This was treated as\nan error, with value 1 returned to caller tcf_exts_init_ex() which sets\nexts->actions to NULL and returns 1 to caller fl_change().\n\nfl_change() treats err == 1 as success, calling tcf_exts_validate_ex()\nwhich calls tcf_action_init() with exts->actions as argument, where it\nis dereferenced.\n\nExample trace:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nCPU: 114 PID: 16151 Comm: handler114 Kdump: loaded Not tainted 5.14.0-503.16.1.el9_5.x86_64 #1\nRIP: 0010:tcf_action_init+0x1f8/0x2c0\nCall Trace:\n tcf_action_init+0x1f8/0x2c0\n tcf_exts_validate_ex+0x175/0x190\n fl_change+0x537/0x1120 [cls_flower]", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21857" }, { "cve":"CVE-2025-21858", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ngeneve: Fix use-after-free in geneve_find_dev().\n\nsyzkaller reported a use-after-free in geneve_find_dev() [0]\nwithout repro.\n\ngeneve_configure() links struct geneve_dev.next to\nnet_generic(net, geneve_net_id)->geneve_list.\n\nThe net here could differ from dev_net(dev) if IFLA_NET_NS_PID,\nIFLA_NET_NS_FD, or IFLA_TARGET_NETNSID is set.\n\nWhen dev_net(dev) is dismantled, geneve_exit_batch_rtnl() finally\ncalls unregister_netdevice_queue() for each dev in the netns,\nand later the dev is freed.\n\nHowever, its geneve_dev.next is still linked to the backend UDP\nsocket netns.\n\nThen, use-after-free will occur when another geneve dev is created\nin the netns.\n\nLet's call geneve_dellink() instead in geneve_destroy_tunnels().\n\n[0]:\nBUG: KASAN: slab-use-after-free in geneve_find_dev drivers/net/geneve.c:1295 [inline]\nBUG: KASAN: slab-use-after-free in geneve_configure+0x234/0x858 drivers/net/geneve.c:1343\nRead of size 2 at addr ffff000054d6ee24 by task syz.1.4029/13441\n\nCPU: 1 UID: 0 PID: 13441 Comm: syz.1.4029 Not tainted 6.13.0-g0ad9617c78ac #24 dc35ca22c79fb82e8e7bc5c9c9adafea898b1e3d\nHardware name: linux,dummy-virt (DT)\nCall trace:\n show_stack+0x38/0x50 arch/arm64/kernel/stacktrace.c:466 (C)\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0xbc/0x108 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x16c/0x6f0 mm/kasan/report.c:489\n kasan_report+0xc0/0x120 mm/kasan/report.c:602\n __asan_report_load2_noabort+0x20/0x30 mm/kasan/report_generic.c:379\n geneve_find_dev drivers/net/geneve.c:1295 [inline]\n geneve_configure+0x234/0x858 drivers/net/geneve.c:1343\n geneve_newlink+0xb8/0x128 drivers/net/geneve.c:1634\n rtnl_newlink_create+0x23c/0x868 net/core/rtnetlink.c:3795\n __rtnl_newlink net/core/rtnetlink.c:3906 [inline]\n rtnl_newlink+0x1054/0x1630 net/core/rtnetlink.c:4021\n rtnetlink_rcv_msg+0x61c/0x918 net/core/rtnetlink.c:6911\n netlink_rcv_skb+0x1dc/0x398 net/netlink/af_netlink.c:2543\n rtnetlink_rcv+0x34/0x50 net/core/rtnetlink.c:6938\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0x618/0x838 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x5fc/0x8b0 net/netlink/af_netlink.c:1892\n sock_sendmsg_nosec net/socket.c:713 [inline]\n __sock_sendmsg net/socket.c:728 [inline]\n ____sys_sendmsg+0x410/0x6f8 net/socket.c:2568\n ___sys_sendmsg+0x178/0x1d8 net/socket.c:2622\n __sys_sendmsg net/socket.c:2654 [inline]\n __do_sys_sendmsg net/socket.c:2659 [inline]\n __se_sys_sendmsg net/socket.c:2657 [inline]\n __arm64_sys_sendmsg+0x12c/0x1c8 net/socket.c:2657\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x90/0x278 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x13c/0x250 arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x54/0x70 arch/arm64/kernel/syscall.c:151\n el0_svc+0x4c/0xa8 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x1a0 arch/arm64/kernel/entry.S:600\n\nAllocated by task 13247:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x30/0x68 mm/kasan/common.c:68\n kasan_save_alloc_info+0x44/0x58 mm/kasan/generic.c:568\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x84/0xa0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4298 [inline]\n __kmalloc_node_noprof+0x2a0/0x560 mm/slub.c:4304\n __kvmalloc_node_noprof+0x9c/0x230 mm/util.c:645\n alloc_netdev_mqs+0xb8/0x11a0 net/core/dev.c:11470\n rtnl_create_link+0x2b8/0xb50 net/core/rtnetlink.c:3604\n rtnl_newlink_create+0x19c/0x868 net/core/rtnetlink.c:3780\n __rtnl_newlink net/core/rtnetlink.c:3906 [inline]\n rtnl_newlink+0x1054/0x1630 net/core/rtnetlink.c:4021\n rtnetlink_rcv_msg+0x61c/0x918 net/core/rtnetlink.c:6911\n netlink_rcv_skb+0x1dc/0x398 net/netlink/af_netlink.c:2543\n rtnetlink_rcv+0x34/0x50 net/core/rtnetlink.c:6938\n netlink_unicast_kernel net/netlink/af_n\n---truncated---", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21858" }, { "cve":"CVE-2025-21859", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: gadget: f_midi: f_midi_complete to call queue_work\n\nWhen using USB MIDI, a lock is attempted to be acquired twice through a\nre-entrant call to f_midi_transmit, causing a deadlock.\n\nFix it by using queue_work() to schedule the inner f_midi_transmit() via\na high priority work queue from the completion handler.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21859" }, { "cve":"CVE-2025-21862", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrop_monitor: fix incorrect initialization order\n\nSyzkaller reports the following bug:\n\nBUG: spinlock bad magic on CPU#1, syz-executor.0/7995\n lock: 0xffff88805303f3e0, .magic: 00000000, .owner: /-1, .owner_cpu: 0\nCPU: 1 PID: 7995 Comm: syz-executor.0 Tainted: G E 5.10.209+ #1\nHardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x119/0x179 lib/dump_stack.c:118\n debug_spin_lock_before kernel/locking/spinlock_debug.c:83 [inline]\n do_raw_spin_lock+0x1f6/0x270 kernel/locking/spinlock_debug.c:112\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:117 [inline]\n _raw_spin_lock_irqsave+0x50/0x70 kernel/locking/spinlock.c:159\n reset_per_cpu_data+0xe6/0x240 [drop_monitor]\n net_dm_cmd_trace+0x43d/0x17a0 [drop_monitor]\n genl_family_rcv_msg_doit+0x22f/0x330 net/netlink/genetlink.c:739\n genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]\n genl_rcv_msg+0x341/0x5a0 net/netlink/genetlink.c:800\n netlink_rcv_skb+0x14d/0x440 net/netlink/af_netlink.c:2497\n genl_rcv+0x29/0x40 net/netlink/genetlink.c:811\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0x54b/0x800 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x914/0xe00 net/netlink/af_netlink.c:1916\n sock_sendmsg_nosec net/socket.c:651 [inline]\n __sock_sendmsg+0x157/0x190 net/socket.c:663\n ____sys_sendmsg+0x712/0x870 net/socket.c:2378\n ___sys_sendmsg+0xf8/0x170 net/socket.c:2432\n __sys_sendmsg+0xea/0x1b0 net/socket.c:2461\n do_syscall_64+0x30/0x40 arch/x86/entry/common.c:46\n entry_SYSCALL_64_after_hwframe+0x62/0xc7\nRIP: 0033:0x7f3f9815aee9\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f3f972bf0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f3f9826d050 RCX: 00007f3f9815aee9\nRDX: 0000000020000000 RSI: 0000000020001300 RDI: 0000000000000007\nRBP: 00007f3f981b63bd R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000006e R14: 00007f3f9826d050 R15: 00007ffe01ee6768\n\nIf drop_monitor is built as a kernel module, syzkaller may have time\nto send a netlink NET_DM_CMD_START message during the module loading.\nThis will call the net_dm_monitor_start() function that uses\na spinlock that has not yet been initialized.\n\nTo fix this, let's place resource initialization above the registration\nof a generic netlink family.\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with Syzkaller.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21862" }, { "cve":"CVE-2025-21866", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC\n\nErhard reported the following KASAN hit while booting his PowerMac G4\nwith a KASAN-enabled kernel 6.13-rc6:\n\n BUG: KASAN: vmalloc-out-of-bounds in copy_to_kernel_nofault+0xd8/0x1c8\n Write of size 8 at addr f1000000 by task chronyd/1293\n\n CPU: 0 UID: 123 PID: 1293 Comm: chronyd Tainted: G W 6.13.0-rc6-PMacG4 #2\n Tainted: [W]=WARN\n Hardware name: PowerMac3,6 7455 0x80010303 PowerMac\n Call Trace:\n [c2437590] [c1631a84] dump_stack_lvl+0x70/0x8c (unreliable)\n [c24375b0] [c0504998] print_report+0xdc/0x504\n [c2437610] [c050475c] kasan_report+0xf8/0x108\n [c2437690] [c0505a3c] kasan_check_range+0x24/0x18c\n [c24376a0] [c03fb5e4] copy_to_kernel_nofault+0xd8/0x1c8\n [c24376c0] [c004c014] patch_instructions+0x15c/0x16c\n [c2437710] [c00731a8] bpf_arch_text_copy+0x60/0x7c\n [c2437730] [c0281168] bpf_jit_binary_pack_finalize+0x50/0xac\n [c2437750] [c0073cf4] bpf_int_jit_compile+0xb30/0xdec\n [c2437880] [c0280394] bpf_prog_select_runtime+0x15c/0x478\n [c24378d0] [c1263428] bpf_prepare_filter+0xbf8/0xc14\n [c2437990] [c12677ec] bpf_prog_create_from_user+0x258/0x2b4\n [c24379d0] [c027111c] do_seccomp+0x3dc/0x1890\n [c2437ac0] [c001d8e0] system_call_exception+0x2dc/0x420\n [c2437f30] [c00281ac] ret_from_syscall+0x0/0x2c\n --- interrupt: c00 at 0x5a1274\n NIP: 005a1274 LR: 006a3b3c CTR: 005296c8\n REGS: c2437f40 TRAP: 0c00 Tainted: G W (6.13.0-rc6-PMacG4)\n MSR: 0200f932 CR: 24004422 XER: 00000000\n\n GPR00: 00000166 af8f3fa0 a7ee3540 00000001 00000000 013b6500 005a5858 0200f932\n GPR08: 00000000 00001fe9 013d5fc8 005296c8 2822244c 00b2fcd8 00000000 af8f4b57\n GPR16: 00000000 00000001 00000000 00000000 00000000 00000001 00000000 00000002\n GPR24: 00afdbb0 00000000 00000000 00000000 006e0004 013ce060 006e7c1c 00000001\n NIP [005a1274] 0x5a1274\n LR [006a3b3c] 0x6a3b3c\n --- interrupt: c00\n\n The buggy address belongs to the virtual mapping at\n [f1000000, f1002000) created by:\n text_area_cpu_up+0x20/0x190\n\n The buggy address belongs to the physical page:\n page: refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x76e30\n flags: 0x80000000(zone=2)\n raw: 80000000 00000000 00000122 00000000 00000000 00000000 ffffffff 00000001\n raw: 00000000\n page dumped because: kasan: bad access detected\n\n Memory state around the buggy address:\n f0ffff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n f0ffff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n >f1000000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ^\n f1000080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n f1000100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ==================================================================\n\nf8 corresponds to KASAN_VMALLOC_INVALID which means the area is not\ninitialised hence not supposed to be used yet.\n\nPowerpc text patching infrastructure allocates a virtual memory area\nusing get_vm_area() and flags it as VM_ALLOC. But that flag is meant\nto be used for vmalloc() and vmalloc() allocated memory is not\nsupposed to be used before a call to __vmalloc_node_range() which is\nnever called for that area.\n\nThat went undetected until commit e4137f08816b (\"mm, kasan, kmsan:\ninstrument copy_from/to_kernel_nofault\")\n\nThe area allocated by text_area_cpu_up() is not vmalloc memory, it is\nmapped directly on demand when needed by map_kernel_page(). There is\nno VM flag corresponding to such usage, so just pass no flag. That way\nthe area will be unpoisonned and usable immediately.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21866" }, { "cve":"CVE-2025-21867", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, test_run: Fix use-after-free issue in eth_skb_pkt_type()\n\nKMSAN reported a use-after-free issue in eth_skb_pkt_type()[1]. The\ncause of the issue was that eth_skb_pkt_type() accessed skb's data\nthat didn't contain an Ethernet header. This occurs when\nbpf_prog_test_run_xdp() passes an invalid value as the user_data\nargument to bpf_test_init().\n\nFix this by returning an error when user_data is less than ETH_HLEN in\nbpf_test_init(). Additionally, remove the check for \"if (user_size >\nsize)\" as it is unnecessary.\n\n[1]\nBUG: KMSAN: use-after-free in eth_skb_pkt_type include/linux/etherdevice.h:627 [inline]\nBUG: KMSAN: use-after-free in eth_type_trans+0x4ee/0x980 net/ethernet/eth.c:165\n eth_skb_pkt_type include/linux/etherdevice.h:627 [inline]\n eth_type_trans+0x4ee/0x980 net/ethernet/eth.c:165\n __xdp_build_skb_from_frame+0x5a8/0xa50 net/core/xdp.c:635\n xdp_recv_frames net/bpf/test_run.c:272 [inline]\n xdp_test_run_batch net/bpf/test_run.c:361 [inline]\n bpf_test_run_xdp_live+0x2954/0x3330 net/bpf/test_run.c:390\n bpf_prog_test_run_xdp+0x148e/0x1b10 net/bpf/test_run.c:1318\n bpf_prog_test_run+0x5b7/0xa30 kernel/bpf/syscall.c:4371\n __sys_bpf+0x6a6/0xe20 kernel/bpf/syscall.c:5777\n __do_sys_bpf kernel/bpf/syscall.c:5866 [inline]\n __se_sys_bpf kernel/bpf/syscall.c:5864 [inline]\n __x64_sys_bpf+0xa4/0xf0 kernel/bpf/syscall.c:5864\n x64_sys_call+0x2ea0/0x3d90 arch/x86/include/generated/asm/syscalls_64.h:322\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xd9/0x1d0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n free_pages_prepare mm/page_alloc.c:1056 [inline]\n free_unref_page+0x156/0x1320 mm/page_alloc.c:2657\n __free_pages+0xa3/0x1b0 mm/page_alloc.c:4838\n bpf_ringbuf_free kernel/bpf/ringbuf.c:226 [inline]\n ringbuf_map_free+0xff/0x1e0 kernel/bpf/ringbuf.c:235\n bpf_map_free kernel/bpf/syscall.c:838 [inline]\n bpf_map_free_deferred+0x17c/0x310 kernel/bpf/syscall.c:862\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa2b/0x1b60 kernel/workqueue.c:3310\n worker_thread+0xedf/0x1550 kernel/workqueue.c:3391\n kthread+0x535/0x6b0 kernel/kthread.c:389\n ret_from_fork+0x6e/0x90 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\nCPU: 1 UID: 0 PID: 17276 Comm: syz.1.16450 Not tainted 6.12.0-05490-g9bb88c659673 #8\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21867" }, { "cve":"CVE-2025-21870", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers\n\nOther, non DAI copier widgets could have the same stream name (sname) as\nthe ALH copier and in that case the copier->data is NULL, no alh_data is\nattached, which could lead to NULL pointer dereference.\nWe could check for this NULL pointer in sof_ipc4_prepare_copier_module()\nand avoid the crash, but a similar loop in sof_ipc4_widget_setup_comp_dai()\nwill miscalculate the ALH device count, causing broken audio.\n\nThe correct fix is to harden the matching logic by making sure that the\n1. widget is a DAI widget - so dai = w->private is valid\n2. the dai (and thus the copier) is ALH copier", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21870" }, { "cve":"CVE-2025-21871", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ntee: optee: Fix supplicant wait loop\n\nOP-TEE supplicant is a user-space daemon and it's possible for it\nbe hung or crashed or killed in the middle of processing an OP-TEE\nRPC call. It becomes more complicated when there is incorrect shutdown\nordering of the supplicant process vs the OP-TEE client application which\ncan eventually lead to system hang-up waiting for the closure of the\nclient application.\n\nAllow the client process waiting in kernel for supplicant response to\nbe killed rather than indefinitely waiting in an unkillable state. Also,\na normal uninterruptible wait should not have resulted in the hung-task\nwatchdog getting triggered, but the endless loop would.\n\nThis fixes issues observed during system reboot/shutdown when supplicant\ngot hung for some reason or gets crashed/killed which lead to client\ngetting hung in an unkillable state. It in turn lead to system being in\nhung up state requiring hard power off/on to recover.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21871" }, { "cve":"CVE-2025-21873", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: bsg: Fix crash when arpmb command fails\n\nIf the device doesn't support arpmb we'll crash due to copying user data in\nbsg_transport_sg_io_fn().\n\nIn the case where ufs_bsg_exec_advanced_rpmb_req() returns an error, do not\nset the job's reply_len.\n\nMemory crash backtrace:\n3,1290,531166405,-;ufshcd 0000:00:12.5: ARPMB OP failed: error code -22\n\n4,1308,531166555,-;Call Trace:\n\n4,1309,531166559,-; \n\n4,1310,531166565,-; ? show_regs+0x6d/0x80\n\n4,1311,531166575,-; ? die+0x37/0xa0\n\n4,1312,531166583,-; ? do_trap+0xd4/0xf0\n\n4,1313,531166593,-; ? do_error_trap+0x71/0xb0\n\n4,1314,531166601,-; ? usercopy_abort+0x6c/0x80\n\n4,1315,531166610,-; ? exc_invalid_op+0x52/0x80\n\n4,1316,531166622,-; ? usercopy_abort+0x6c/0x80\n\n4,1317,531166630,-; ? asm_exc_invalid_op+0x1b/0x20\n\n4,1318,531166643,-; ? usercopy_abort+0x6c/0x80\n\n4,1319,531166652,-; __check_heap_object+0xe3/0x120\n\n4,1320,531166661,-; check_heap_object+0x185/0x1d0\n\n4,1321,531166670,-; __check_object_size.part.0+0x72/0x150\n\n4,1322,531166679,-; __check_object_size+0x23/0x30\n\n4,1323,531166688,-; bsg_transport_sg_io_fn+0x314/0x3b0", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21873" }, { "cve":"CVE-2025-21877", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: gl620a: fix endpoint checking in genelink_bind()\n\nSyzbot reports [1] a warning in usb_submit_urb() triggered by\ninconsistencies between expected and actually present endpoints\nin gl620a driver. Since genelink_bind() does not properly\nverify whether specified eps are in fact provided by the device,\nin this case, an artificially manufactured one, one may get a\nmismatch.\n\nFix the issue by resorting to a usbnet utility function\nusbnet_get_endpoints(), usually reserved for this very problem.\nCheck for endpoints and return early before proceeding further if\nany are missing.\n\n[1] Syzbot report:\nusb 5-1: Manufacturer: syz\nusb 5-1: SerialNumber: syz\nusb 5-1: config 0 descriptor??\ngl620a 5-1:0.23 usb0: register 'gl620a' at usb-dummy_hcd.0-1, ...\n------------[ cut here ]------------\nusb 5-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 2 PID: 1841 at drivers/usb/core/urb.c:503 usb_submit_urb+0xe4b/0x1730 drivers/usb/core/urb.c:503\nModules linked in:\nCPU: 2 UID: 0 PID: 1841 Comm: kworker/2:2 Not tainted 6.12.0-syzkaller-07834-g06afb0f36106 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nWorkqueue: mld mld_ifc_work\nRIP: 0010:usb_submit_urb+0xe4b/0x1730 drivers/usb/core/urb.c:503\n...\nCall Trace:\n \n usbnet_start_xmit+0x6be/0x2780 drivers/net/usb/usbnet.c:1467\n __netdev_start_xmit include/linux/netdevice.h:5002 [inline]\n netdev_start_xmit include/linux/netdevice.h:5011 [inline]\n xmit_one net/core/dev.c:3590 [inline]\n dev_hard_start_xmit+0x9a/0x7b0 net/core/dev.c:3606\n sch_direct_xmit+0x1ae/0xc30 net/sched/sch_generic.c:343\n __dev_xmit_skb net/core/dev.c:3827 [inline]\n __dev_queue_xmit+0x13d4/0x43e0 net/core/dev.c:4400\n dev_queue_xmit include/linux/netdevice.h:3168 [inline]\n neigh_resolve_output net/core/neighbour.c:1514 [inline]\n neigh_resolve_output+0x5bc/0x950 net/core/neighbour.c:1494\n neigh_output include/net/neighbour.h:539 [inline]\n ip6_finish_output2+0xb1b/0x2070 net/ipv6/ip6_output.c:141\n __ip6_finish_output net/ipv6/ip6_output.c:215 [inline]\n ip6_finish_output+0x3f9/0x1360 net/ipv6/ip6_output.c:226\n NF_HOOK_COND include/linux/netfilter.h:303 [inline]\n ip6_output+0x1f8/0x540 net/ipv6/ip6_output.c:247\n dst_output include/net/dst.h:450 [inline]\n NF_HOOK include/linux/netfilter.h:314 [inline]\n NF_HOOK include/linux/netfilter.h:308 [inline]\n mld_sendpack+0x9f0/0x11d0 net/ipv6/mcast.c:1819\n mld_send_cr net/ipv6/mcast.c:2120 [inline]\n mld_ifc_work+0x740/0xca0 net/ipv6/mcast.c:2651\n process_one_work+0x9c5/0x1ba0 kernel/workqueue.c:3229\n process_scheduled_works kernel/workqueue.c:3310 [inline]\n worker_thread+0x6c8/0xf00 kernel/workqueue.c:3391\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n ", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21877" }, { "cve":"CVE-2025-21878", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: npcm: disable interrupt enable bit before devm_request_irq\n\nThe customer reports that there is a soft lockup issue related to\nthe i2c driver. After checking, the i2c module was doing a tx transfer\nand the bmc machine reboots in the middle of the i2c transaction, the i2c\nmodule keeps the status without being reset.\n\nDue to such an i2c module status, the i2c irq handler keeps getting\ntriggered since the i2c irq handler is registered in the kernel booting\nprocess after the bmc machine is doing a warm rebooting.\nThe continuous triggering is stopped by the soft lockup watchdog timer.\n\nDisable the interrupt enable bit in the i2c module before calling\ndevm_request_irq to fix this issue since the i2c relative status bit\nis read-only.\n\nHere is the soft lockup log.\n[ 28.176395] watchdog: BUG: soft lockup - CPU#0 stuck for 26s! [swapper/0:1]\n[ 28.183351] Modules linked in:\n[ 28.186407] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.15.120-yocto-s-dirty-bbebc78 #1\n[ 28.201174] pstate: 40000005 (nZcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 28.208128] pc : __do_softirq+0xb0/0x368\n[ 28.212055] lr : __do_softirq+0x70/0x368\n[ 28.215972] sp : ffffff8035ebca00\n[ 28.219278] x29: ffffff8035ebca00 x28: 0000000000000002 x27: ffffff80071a3780\n[ 28.226412] x26: ffffffc008bdc000 x25: ffffffc008bcc640 x24: ffffffc008be50c0\n[ 28.233546] x23: ffffffc00800200c x22: 0000000000000000 x21: 000000000000001b\n[ 28.240679] x20: 0000000000000000 x19: ffffff80001c3200 x18: ffffffffffffffff\n[ 28.247812] x17: ffffffc02d2e0000 x16: ffffff8035eb8b40 x15: 00001e8480000000\n[ 28.254945] x14: 02c3647e37dbfcb6 x13: 02c364f2ab14200c x12: 0000000002c364f2\n[ 28.262078] x11: 00000000fa83b2da x10: 000000000000b67e x9 : ffffffc008010250\n[ 28.269211] x8 : 000000009d983d00 x7 : 7fffffffffffffff x6 : 0000036d74732434\n[ 28.276344] x5 : 00ffffffffffffff x4 : 0000000000000015 x3 : 0000000000000198\n[ 28.283476] x2 : ffffffc02d2e0000 x1 : 00000000000000e0 x0 : ffffffc008bdcb40\n[ 28.290611] Call trace:\n[ 28.293052] __do_softirq+0xb0/0x368\n[ 28.296625] __irq_exit_rcu+0xe0/0x100\n[ 28.300374] irq_exit+0x14/0x20\n[ 28.303513] handle_domain_irq+0x68/0x90\n[ 28.307440] gic_handle_irq+0x78/0xb0\n[ 28.311098] call_on_irq_stack+0x20/0x38\n[ 28.315019] do_interrupt_handler+0x54/0x5c\n[ 28.319199] el1_interrupt+0x2c/0x4c\n[ 28.322777] el1h_64_irq_handler+0x14/0x20\n[ 28.326872] el1h_64_irq+0x74/0x78\n[ 28.330269] __setup_irq+0x454/0x780\n[ 28.333841] request_threaded_irq+0xd0/0x1b4\n[ 28.338107] devm_request_threaded_irq+0x84/0x100\n[ 28.342809] npcm_i2c_probe_bus+0x188/0x3d0\n[ 28.346990] platform_probe+0x6c/0xc4\n[ 28.350653] really_probe+0xcc/0x45c\n[ 28.354227] __driver_probe_device+0x8c/0x160\n[ 28.358578] driver_probe_device+0x44/0xe0\n[ 28.362670] __driver_attach+0x124/0x1d0\n[ 28.366589] bus_for_each_dev+0x7c/0xe0\n[ 28.370426] driver_attach+0x28/0x30\n[ 28.373997] bus_add_driver+0x124/0x240\n[ 28.377830] driver_register+0x7c/0x124\n[ 28.381662] __platform_driver_register+0x2c/0x34\n[ 28.386362] npcm_i2c_init+0x3c/0x5c\n[ 28.389937] do_one_initcall+0x74/0x230\n[ 28.393768] kernel_init_freeable+0x24c/0x2b4\n[ 28.398126] kernel_init+0x28/0x130\n[ 28.401614] ret_from_fork+0x10/0x20\n[ 28.405189] Kernel panic - not syncing: softlockup: hung tasks\n[ 28.411011] SMP: stopping secondary CPUs\n[ 28.414933] Kernel Offset: disabled\n[ 28.418412] CPU features: 0x00000000,00000802\n[ 28.427644] Rebooting in 20 seconds..", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2025-21878" }, { "cve":"CVE-2025-21881", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nuprobes: Reject the shared zeropage in uprobe_write_opcode()\n\nWe triggered the following crash in syzkaller tests:\n\n BUG: Bad page state in process syz.7.38 pfn:1eff3\n page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1eff3\n flags: 0x3fffff00004004(referenced|reserved|node=0|zone=1|lastcpupid=0x1fffff)\n raw: 003fffff00004004 ffffe6c6c07bfcc8 ffffe6c6c07bfcc8 0000000000000000\n raw: 0000000000000000 0000000000000000 00000000fffffffe 0000000000000000\n page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014\n Call Trace:\n \n dump_stack_lvl+0x32/0x50\n bad_page+0x69/0xf0\n free_unref_page_prepare+0x401/0x500\n free_unref_page+0x6d/0x1b0\n uprobe_write_opcode+0x460/0x8e0\n install_breakpoint.part.0+0x51/0x80\n register_for_each_vma+0x1d9/0x2b0\n __uprobe_register+0x245/0x300\n bpf_uprobe_multi_link_attach+0x29b/0x4f0\n link_create+0x1e2/0x280\n __sys_bpf+0x75f/0xac0\n __x64_sys_bpf+0x1a/0x30\n do_syscall_64+0x56/0x100\n entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\n BUG: Bad rss-counter state mm:00000000452453e0 type:MM_FILEPAGES val:-1\n\nThe following syzkaller test case can be used to reproduce:\n\n r2 = creat(&(0x7f0000000000)='./file0\\x00', 0x8)\n write$nbd(r2, &(0x7f0000000580)=ANY=[], 0x10)\n r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\\x00', 0x42, 0x0)\n mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x12, r4, 0x0)\n r5 = userfaultfd(0x80801)\n ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x20})\n r6 = userfaultfd(0x80801)\n ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000000140))\n ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x2})\n ioctl$UFFDIO_ZEROPAGE(r5, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000ffd000/0x1000)=nil, 0x1000}})\n r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x2, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB=\"1800000000120000000000000000000095\"], &(0x7f0000000000)='GPL\\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)\n bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000040)={r7, 0x0, 0x30, 0x1e, @val=@uprobe_multi={&(0x7f0000000080)='./file0\\x00', &(0x7f0000000100)=[0x2], 0x0, 0x0, 0x1}}, 0x40)\n\nThe cause is that zero pfn is set to the PTE without increasing the RSS\ncount in mfill_atomic_pte_zeropage() and the refcount of zero folio does\nnot increase accordingly. Then, the operation on the same pfn is performed\nin uprobe_write_opcode()->__replace_page() to unconditional decrease the\nRSS count and old_folio's refcount.\n\nTherefore, two bugs are introduced:\n\n 1. The RSS count is incorrect, when process exit, the check_mm() report\n error \"Bad rss-count\".\n\n 2. The reserved folio (zero folio) is freed when folio->refcount is zero,\n then free_pages_prepare->free_page_is_bad() report error\n \"Bad page state\".\n\nThere is more, the following warning could also theoretically be triggered:\n\n __replace_page()\n -> ...\n -> folio_remove_rmap_pte()\n -> VM_WARN_ON_FOLIO(is_zero_folio(folio), folio)\n\nConsidering that uprobe hit on the zero folio is a very rare case, just\nreject zero old folio immediately after get_user_page_vma_remote().\n\n[ mingo: Cleaned up the changelog ]", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2025-21881" }, { "cve":"CVE-2025-21883", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nice: Fix deinitializing VF in error path\n\nIf ice_ena_vfs() fails after calling ice_create_vf_entries(), it frees\nall VFs without removing them from snapshot PF-VF mailbox list, leading\nto list corruption.\n\nReproducer:\n devlink dev eswitch set $PF1_PCI mode switchdev\n ip l s $PF1 up\n ip l s $PF1 promisc on\n sleep 1\n echo 1 > /sys/class/net/$PF1/device/sriov_numvfs\n sleep 1\n echo 1 > /sys/class/net/$PF1/device/sriov_numvfs\n\nTrace (minimized):\n list_add corruption. next->prev should be prev (ffff8882e241c6f0), but was 0000000000000000. (next=ffff888455da1330).\n kernel BUG at lib/list_debug.c:29!\n RIP: 0010:__list_add_valid_or_report+0xa6/0x100\n ice_mbx_init_vf_info+0xa7/0x180 [ice]\n ice_initialize_vf_entry+0x1fa/0x250 [ice]\n ice_sriov_configure+0x8d7/0x1520 [ice]\n ? __percpu_ref_switch_mode+0x1b1/0x5d0\n ? __pfx_ice_sriov_configure+0x10/0x10 [ice]\n\nSometimes a KASAN report can be seen instead with a similar stack trace:\n BUG: KASAN: use-after-free in __list_add_valid_or_report+0xf1/0x100\n\nVFs are added to this list in ice_mbx_init_vf_info(), but only removed\nin ice_free_vfs(). Move the removing to ice_free_vf_entries(), which is\nalso being called in other places where VFs are being removed (including\nice_free_vfs() itself).", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21883" }, { "cve":"CVE-2025-21885", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/bnxt_re: Fix the page details for the srq created by kernel consumers\n\nWhile using nvme target with use_srq on, below kernel panic is noticed.\n\n[ 549.698111] bnxt_en 0000:41:00.0 enp65s0np0: FEC autoneg off encoding: Clause 91 RS(544,514)\n[ 566.393619] Oops: divide error: 0000 [#1] PREEMPT SMP NOPTI\n..\n[ 566.393799] \n[ 566.393807] ? __die_body+0x1a/0x60\n[ 566.393823] ? die+0x38/0x60\n[ 566.393835] ? do_trap+0xe4/0x110\n[ 566.393847] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393867] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393881] ? do_error_trap+0x7c/0x120\n[ 566.393890] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393911] ? exc_divide_error+0x34/0x50\n[ 566.393923] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393939] ? asm_exc_divide_error+0x16/0x20\n[ 566.393966] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393997] bnxt_qplib_create_srq+0xc9/0x340 [bnxt_re]\n[ 566.394040] bnxt_re_create_srq+0x335/0x3b0 [bnxt_re]\n[ 566.394057] ? srso_return_thunk+0x5/0x5f\n[ 566.394068] ? __init_swait_queue_head+0x4a/0x60\n[ 566.394090] ib_create_srq_user+0xa7/0x150 [ib_core]\n[ 566.394147] nvmet_rdma_queue_connect+0x7d0/0xbe0 [nvmet_rdma]\n[ 566.394174] ? lock_release+0x22c/0x3f0\n[ 566.394187] ? srso_return_thunk+0x5/0x5f\n\nPage size and shift info is set only for the user space SRQs.\nSet page size and page shift for kernel space SRQs also.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21885" }, { "cve":"CVE-2025-21888", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix a WARN during dereg_mr for DM type\n\nMemory regions (MR) of type DM (device memory) do not have an associated\numem.\n\nIn the __mlx5_ib_dereg_mr() -> mlx5_free_priv_descs() flow, the code\nincorrectly takes the wrong branch, attempting to call\ndma_unmap_single() on a DMA address that is not mapped.\n\nThis results in a WARN [1], as shown below.\n\nThe issue is resolved by properly accounting for the DM type and\nensuring the correct branch is selected in mlx5_free_priv_descs().\n\n[1]\nWARNING: CPU: 12 PID: 1346 at drivers/iommu/dma-iommu.c:1230 iommu_dma_unmap_page+0x79/0x90\nModules linked in: ip6table_mangle ip6table_nat ip6table_filter ip6_tables iptable_mangle xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry ovelay rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_iscsi ib_umad rdma_cm ib_ipoib iw_cm ib_cm mlx5_ib ib_uverbs ib_core fuse mlx5_core\nCPU: 12 UID: 0 PID: 1346 Comm: ibv_rc_pingpong Not tainted 6.12.0-rc7+ #1631\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:iommu_dma_unmap_page+0x79/0x90\nCode: 2b 49 3b 29 72 26 49 3b 69 08 73 20 4d 89 f0 44 89 e9 4c 89 e2 48 89 ee 48 89 df 5b 5d 41 5c 41 5d 41 5e 41 5f e9 07 b8 88 ff <0f> 0b 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 66 0f 1f 44 00\nRSP: 0018:ffffc90001913a10 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff88810194b0a8 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001\nRBP: ffff88810194b0a8 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000\nR13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000000\nFS: 00007f537abdd740(0000) GS:ffff88885fb00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f537aeb8000 CR3: 000000010c248001 CR4: 0000000000372eb0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\n? __warn+0x84/0x190\n? iommu_dma_unmap_page+0x79/0x90\n? report_bug+0xf8/0x1c0\n? handle_bug+0x55/0x90\n? exc_invalid_op+0x13/0x60\n? asm_exc_invalid_op+0x16/0x20\n? iommu_dma_unmap_page+0x79/0x90\ndma_unmap_page_attrs+0xe6/0x290\nmlx5_free_priv_descs+0xb0/0xe0 [mlx5_ib]\n__mlx5_ib_dereg_mr+0x37e/0x520 [mlx5_ib]\n? _raw_spin_unlock_irq+0x24/0x40\n? wait_for_completion+0xfe/0x130\n? rdma_restrack_put+0x63/0xe0 [ib_core]\nib_dereg_mr_user+0x5f/0x120 [ib_core]\n? lock_release+0xc6/0x280\ndestroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs]\nuverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs]\nuobj_destroy+0x3f/0x70 [ib_uverbs]\nib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs]\n? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs]\n? lock_acquire+0xc1/0x2f0\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0x116/0x170 [ib_uverbs]\n? lock_release+0xc6/0x280\nib_uverbs_ioctl+0xe7/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n__x64_sys_ioctl+0x1b0/0xa70\ndo_syscall_64+0x6b/0x140\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f537adaf17b\nCode: 0f 1e fa 48 8b 05 1d ad 0c 00 64 c7 00 26 00 00 00 48 c7 c0 ff ff ff ff c3 66 0f 1f 44 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d ed ac 0c 00 f7 d8 64 89 01 48\nRSP: 002b:00007ffff218f0b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffff218f1d8 RCX: 00007f537adaf17b\nRDX: 00007ffff218f1c0 RSI: 00000000c0181b01 RDI: 0000000000000003\nRBP: 00007ffff218f1a0 R08: 00007f537aa8d010 R09: 0000561ee2e4f270\nR10: 00007f537aace3a8 R11: 0000000000000246 R12: 00007ffff218f190\nR13: 000000000000001c R14: 0000561ee2e4d7c0 R15: 00007ffff218f450\n", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21888" }, { "cve":"CVE-2025-21892", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix the recovery flow of the UMR QP\n\nThis patch addresses an issue in the recovery flow of the UMR QP,\nensuring tasks do not get stuck, as highlighted by the call trace [1].\n\nDuring recovery, before transitioning the QP to the RESET state, the\nsoftware must wait for all outstanding WRs to complete.\n\nFailing to do so can cause the firmware to skip sending some flushed\nCQEs with errors and simply discard them upon the RESET, as per the IB\nspecification.\n\nThis race condition can result in lost CQEs and tasks becoming stuck.\n\nTo resolve this, the patch sends a final WR which serves only as a\nbarrier before moving the QP state to RESET.\n\nOnce a CQE is received for that final WR, it guarantees that no\noutstanding WRs remain, making it safe to transition the QP to RESET and\nsubsequently back to RTS, restoring proper functionality.\n\nNote:\nFor the barrier WR, we simply reuse the failed and ready WR.\nSince the QP is in an error state, it will only receive\nIB_WC_WR_FLUSH_ERR. However, as it serves only as a barrier we don't\ncare about its status.\n\n[1]\nINFO: task rdma_resource_l:1922 blocked for more than 120 seconds.\nTainted: G W 6.12.0-rc7+ #1626\n\"echo 0 > /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:rdma_resource_l state:D stack:0 pid:1922 tgid:1922 ppid:1369\n flags:0x00004004\nCall Trace:\n\n__schedule+0x420/0xd30\nschedule+0x47/0x130\nschedule_timeout+0x280/0x300\n? mark_held_locks+0x48/0x80\n? lockdep_hardirqs_on_prepare+0xe5/0x1a0\nwait_for_completion+0x75/0x130\nmlx5r_umr_post_send_wait+0x3c2/0x5b0 [mlx5_ib]\n? __pfx_mlx5r_umr_done+0x10/0x10 [mlx5_ib]\nmlx5r_umr_revoke_mr+0x93/0xc0 [mlx5_ib]\n__mlx5_ib_dereg_mr+0x299/0x520 [mlx5_ib]\n? _raw_spin_unlock_irq+0x24/0x40\n? wait_for_completion+0xfe/0x130\n? rdma_restrack_put+0x63/0xe0 [ib_core]\nib_dereg_mr_user+0x5f/0x120 [ib_core]\n? lock_release+0xc6/0x280\ndestroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs]\nuverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs]\nuobj_destroy+0x3f/0x70 [ib_uverbs]\nib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs]\n? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs]\n? __lock_acquire+0x64e/0x2080\n? mark_held_locks+0x48/0x80\n? find_held_lock+0x2d/0xa0\n? lock_acquire+0xc1/0x2f0\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n? __fget_files+0xc3/0x1b0\nib_uverbs_ioctl+0xe7/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n__x64_sys_ioctl+0x1b0/0xa70\ndo_syscall_64+0x6b/0x140\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f99c918b17b\nRSP: 002b:00007ffc766d0468 EFLAGS: 00000246 ORIG_RAX:\n 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffc766d0578 RCX:\n 00007f99c918b17b\nRDX: 00007ffc766d0560 RSI: 00000000c0181b01 RDI:\n 0000000000000003\nRBP: 00007ffc766d0540 R08: 00007f99c8f99010 R09:\n 000000000000bd7e\nR10: 00007f99c94c1c70 R11: 0000000000000246 R12:\n 00007ffc766d0530\nR13: 000000000000001c R14: 0000000040246a80 R15:\n 0000000000000000\n", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":4.7, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21892" }, { "cve":"CVE-2025-21895", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Order the PMU list to fix warning about unordered pmu_ctx_list\n\nSyskaller triggers a warning due to prev_epc->pmu != next_epc->pmu in\nperf_event_swap_task_ctx_data(). vmcore shows that two lists have the same\nperf_event_pmu_context, but not in the same order.\n\nThe problem is that the order of pmu_ctx_list for the parent is impacted by\nthe time when an event/PMU is added. While the order for a child is\nimpacted by the event order in the pinned_groups and flexible_groups. So\nthe order of pmu_ctx_list in the parent and child may be different.\n\nTo fix this problem, insert the perf_event_pmu_context to its proper place\nafter iteration of the pmu_ctx_list.\n\nThe follow testcase can trigger above warning:\n\n # perf record -e cycles --call-graph lbr -- taskset -c 3 ./a.out &\n # perf stat -e cpu-clock,cs -p xxx // xxx is the pid of a.out\n\n test.c\n\n void main() {\n int count = 0;\n pid_t pid;\n\n printf(\"%d running\\n\", getpid());\n sleep(30);\n printf(\"running\\n\");\n\n pid = fork();\n if (pid == -1) {\n printf(\"fork error\\n\");\n return;\n }\n if (pid == 0) {\n while (1) {\n count++;\n }\n } else {\n while (1) {\n count++;\n }\n }\n }\n\nThe testcase first opens an LBR event, so it will allocate task_ctx_data,\nand then open tracepoint and software events, so the parent context will\nhave 3 different perf_event_pmu_contexts. On inheritance, child ctx will\ninsert the perf_event_pmu_context in another order and the warning will\ntrigger.\n\n[ mingo: Tidied up the changelog. ]", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2025-21895" }, { "cve":"CVE-2025-21898", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nftrace: Avoid potential division by zero in function_stat_show()\n\nCheck whether denominator expression x * (x - 1) * 1000 mod {2^32, 2^64}\nproduce zero and skip stddev computation in that case.\n\nFor now don't care about rec->counter * rec->counter overflow because\nrec->time * rec->time overflow will likely happen earlier.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21898" }, { "cve":"CVE-2025-21899", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix bad hist from corrupting named_triggers list\n\nThe following commands causes a crash:\n\n ~# cd /sys/kernel/tracing/events/rcu/rcu_callback\n ~# echo 'hist:name=bad:keys=common_pid:onmax(bogus).save(common_pid)' > trigger\n bash: echo: write error: Invalid argument\n ~# echo 'hist:name=bad:keys=common_pid' > trigger\n\nBecause the following occurs:\n\nevent_trigger_write() {\n trigger_process_regex() {\n event_hist_trigger_parse() {\n\n data = event_trigger_alloc(..);\n\n event_trigger_register(.., data) {\n cmd_ops->reg(.., data, ..) [hist_register_trigger()] {\n data->ops->init() [event_hist_trigger_init()] {\n save_named_trigger(name, data) {\n list_add(&data->named_list, &named_triggers);\n }\n }\n }\n }\n\n ret = create_actions(); (return -EINVAL)\n if (ret)\n goto out_unreg;\n[..]\n ret = hist_trigger_enable(data, ...) {\n list_add_tail_rcu(&data->list, &file->triggers); <<<---- SKIPPED!!! (this is important!)\n[..]\n out_unreg:\n event_hist_unregister(.., data) {\n cmd_ops->unreg(.., data, ..) [hist_unregister_trigger()] {\n list_for_each_entry(iter, &file->triggers, list) {\n if (!hist_trigger_match(data, iter, named_data, false)) <- never matches\n continue;\n [..]\n test = iter;\n }\n if (test && test->ops->free) <<<-- test is NULL\n\n test->ops->free(test) [event_hist_trigger_free()] {\n [..]\n if (data->name)\n del_named_trigger(data) {\n list_del(&data->named_list); <<<<-- NEVER gets removed!\n }\n }\n }\n }\n\n [..]\n kfree(data); <<<-- frees item but it is still on list\n\nThe next time a hist with name is registered, it causes an u-a-f bug and\nthe kernel can crash.\n\nMove the code around such that if event_trigger_register() succeeds, the\nnext thing called is hist_trigger_enable() which adds it to the list.\n\nA bunch of actions is called if get_named_trigger_data() returns false.\nBut that doesn't need to be called after event_trigger_register(), so it\ncan be moved up, allowing event_trigger_register() to be called just\nbefore hist_trigger_enable() keeping them together and allowing the\nfile->triggers to be properly populated.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2025-21899" }, { "cve":"CVE-2025-21910", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: regulatory: improve invalid hints checking\n\nSyzbot keeps reporting an issue [1] that occurs when erroneous symbols\nsent from userspace get through into user_alpha2[] via\nregulatory_hint_user() call. Such invalid regulatory hints should be\nrejected.\n\nWhile a sanity check from commit 47caf685a685 (\"cfg80211: regulatory:\nreject invalid hints\") looks to be enough to deter these very cases,\nthere is a way to get around it due to 2 reasons.\n\n1) The way isalpha() works, symbols other than latin lower and\nupper letters may be used to determine a country/domain.\nFor instance, greek letters will also be considered upper/lower\nletters and for such characters isalpha() will return true as well.\nHowever, ISO-3166-1 alpha2 codes should only hold latin\ncharacters.\n\n2) While processing a user regulatory request, between\nreg_process_hint_user() and regulatory_hint_user() there happens to\nbe a call to queue_regulatory_request() which modifies letters in\nrequest->alpha2[] with toupper(). This works fine for latin symbols,\nless so for weird letter characters from the second part of _ctype[].\n\nSyzbot triggers a warning in is_user_regdom_saved() by first sending\nover an unexpected non-latin letter that gets malformed by toupper()\ninto a character that ends up failing isalpha() check.\n\nPrevent this by enhancing is_an_alpha2() to ensure that incoming\nsymbols are latin letters and nothing else.\n\n[1] Syzbot report:\n------------[ cut here ]------------\nUnexpected user alpha2: A�\nWARNING: CPU: 1 PID: 964 at net/wireless/reg.c:442 is_user_regdom_saved net/wireless/reg.c:440 [inline]\nWARNING: CPU: 1 PID: 964 at net/wireless/reg.c:442 restore_alpha2 net/wireless/reg.c:3424 [inline]\nWARNING: CPU: 1 PID: 964 at net/wireless/reg.c:442 restore_regulatory_settings+0x3c0/0x1e50 net/wireless/reg.c:3516\nModules linked in:\nCPU: 1 UID: 0 PID: 964 Comm: kworker/1:2 Not tainted 6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: events_power_efficient crda_timeout_work\nRIP: 0010:is_user_regdom_saved net/wireless/reg.c:440 [inline]\nRIP: 0010:restore_alpha2 net/wireless/reg.c:3424 [inline]\nRIP: 0010:restore_regulatory_settings+0x3c0/0x1e50 net/wireless/reg.c:3516\n...\nCall Trace:\n \n crda_timeout_work+0x27/0x50 net/wireless/reg.c:542\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa65/0x1850 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f2/0x390 kernel/kthread.c:389\n ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n ", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21910" }, { "cve":"CVE-2025-21914", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nslimbus: messaging: Free transaction ID in delayed interrupt scenario\n\nIn case of interrupt delay for any reason, slim_do_transfer()\nreturns timeout error but the transaction ID (TID) is not freed.\nThis results into invalid memory access inside\nqcom_slim_ngd_rx_msgq_cb() due to invalid TID.\n\nFix the issue by freeing the TID in slim_do_transfer() before\nreturning timeout error to avoid invalid memory access.\n\nCall trace:\n__memcpy_fromio+0x20/0x190\nqcom_slim_ngd_rx_msgq_cb+0x130/0x290 [slim_qcom_ngd_ctrl]\nvchan_complete+0x2a0/0x4a0\ntasklet_action_common+0x274/0x700\ntasklet_action+0x28/0x3c\n_stext+0x188/0x620\nrun_ksoftirqd+0x34/0x74\nsmpboot_thread_fn+0x1d8/0x464\nkthread+0x178/0x238\nret_from_fork+0x10/0x20\nCode: aa0003e8 91000429 f100044a 3940002b (3800150b)\n---[ end trace 0fe00bec2b975c99 ]---\nKernel panic - not syncing: Oops: Fatal exception in interrupt.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2025-21914" }, { "cve":"CVE-2025-21923", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nHID: hid-steam: Fix use-after-free when detaching device\n\nWhen a hid-steam device is removed it must clean up the client_hdev used for\nintercepting hidraw access. This can lead to scheduling deferred work to\nreattach the input device. Though the cleanup cancels the deferred work, this\nwas done before the client_hdev itself is cleaned up, so it gets rescheduled.\nThis patch fixes the ordering to make sure the deferred work is properly\ncanceled.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21923" }, { "cve":"CVE-2025-21927", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()\n\nnvme_tcp_recv_pdu() doesn't check the validity of the header length.\nWhen header digests are enabled, a target might send a packet with an\ninvalid header length (e.g. 255), causing nvme_tcp_verify_hdgst()\nto access memory outside the allocated area and cause memory corruptions\nby overwriting it with the calculated digest.\n\nFix this by rejecting packets with an unexpected header length.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21927" }, { "cve":"CVE-2025-21928", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nHID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove()\n\nThe system can experience a random crash a few minutes after the driver is\nremoved. This issue occurs due to improper handling of memory freeing in\nthe ishtp_hid_remove() function.\n\nThe function currently frees the `driver_data` directly within the loop\nthat destroys the HID devices, which can lead to accessing freed memory.\nSpecifically, `hid_destroy_device()` uses `driver_data` when it calls\n`hid_ishtp_set_feature()` to power off the sensor, so freeing\n`driver_data` beforehand can result in accessing invalid memory.\n\nThis patch resolves the issue by storing the `driver_data` in a temporary\nvariable before calling `hid_destroy_device()`, and then freeing the\n`driver_data` after the device is destroyed.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21928" }, { "cve":"CVE-2025-21935", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nrapidio: add check for rio_add_net() in rio_scan_alloc_net()\n\nThe return value of rio_add_net() should be checked. If it fails,\nput_device() should be called to free the memory and give up the reference\ninitialized in rio_add_net().", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21935" }, { "cve":"CVE-2025-21941", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params\n\nNull pointer dereference issue could occur when pipe_ctx->plane_state\nis null. The fix adds a check to ensure 'pipe_ctx->plane_state' is not\nnull before accessing. This prevents a null pointer dereference.\n\nFound by code review.\n\n(cherry picked from commit 63e6a77ccf239337baa9b1e7787cde9fa0462092)", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21941" }, { "cve":"CVE-2025-21943", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: aggregator: protect driver attr handlers against module unload\n\nBoth new_device_store and delete_device_store touch module global\nresources (e.g. gpio_aggregator_lock). To prevent race conditions with\nmodule unload, a reference needs to be held.\n\nAdd try_module_get() in these handlers.\n\nFor new_device_store, this eliminates what appears to be the most dangerous\nscenario: if an id is allocated from gpio_aggregator_idr but\nplatform_device_register has not yet been called or completed, a concurrent\nmodule unload could fail to unregister/delete the device, leaving behind a\ndangling platform device/GPIO forwarder. This can result in various issues.\nThe following simple reproducer demonstrates these problems:\n\n #!/bin/bash\n while :; do\n # note: whether 'gpiochip0 0' exists or not does not matter.\n echo 'gpiochip0 0' > /sys/bus/platform/drivers/gpio-aggregator/new_device\n done &\n while :; do\n modprobe gpio-aggregator\n modprobe -r gpio-aggregator\n done &\n wait\n\n Starting with the following warning, several kinds of warnings will appear\n and the system may become unstable:\n\n ------------[ cut here ]------------\n list_del corruption, ffff888103e2e980->next is LIST_POISON1 (dead000000000100)\n WARNING: CPU: 1 PID: 1327 at lib/list_debug.c:56 __list_del_entry_valid_or_report+0xa3/0x120\n [...]\n RIP: 0010:__list_del_entry_valid_or_report+0xa3/0x120\n [...]\n Call Trace:\n \n ? __list_del_entry_valid_or_report+0xa3/0x120\n ? __warn.cold+0x93/0xf2\n ? __list_del_entry_valid_or_report+0xa3/0x120\n ? report_bug+0xe6/0x170\n ? __irq_work_queue_local+0x39/0xe0\n ? handle_bug+0x58/0x90\n ? exc_invalid_op+0x13/0x60\n ? asm_exc_invalid_op+0x16/0x20\n ? __list_del_entry_valid_or_report+0xa3/0x120\n gpiod_remove_lookup_table+0x22/0x60\n new_device_store+0x315/0x350 [gpio_aggregator]\n kernfs_fop_write_iter+0x137/0x1f0\n vfs_write+0x262/0x430\n ksys_write+0x60/0xd0\n do_syscall_64+0x6c/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n [...]\n \n ---[ end trace 0000000000000000 ]---", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":4.7, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21943" }, { "cve":"CVE-2025-21946", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix out-of-bounds in parse_sec_desc()\n\nIf osidoffset, gsidoffset and dacloffset could be greater than smb_ntsd\nstruct size. If it is smaller, It could cause slab-out-of-bounds.\nAnd when validating sid, It need to check it included subauth array size.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2025-21946" }, { "cve":"CVE-2025-21949", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nLoongArch: Set hugetlb mmap base address aligned with pmd size\n\nWith ltp test case \"testcases/bin/hugefork02\", there is a dmesg error\nreport message such as:\n\n kernel BUG at mm/hugetlb.c:5550!\n Oops - BUG[#1]:\n CPU: 0 UID: 0 PID: 1517 Comm: hugefork02 Not tainted 6.14.0-rc2+ #241\n Hardware name: QEMU QEMU Virtual Machine, BIOS unknown 2/2/2022\n pc 90000000004eaf1c ra 9000000000485538 tp 900000010edbc000 sp 900000010edbf940\n a0 900000010edbfb00 a1 9000000108d20280 a2 00007fffe9474000 a3 00007ffff3474000\n a4 0000000000000000 a5 0000000000000003 a6 00000000003cadd3 a7 0000000000000000\n t0 0000000001ffffff t1 0000000001474000 t2 900000010ecd7900 t3 00007fffe9474000\n t4 00007fffe9474000 t5 0000000000000040 t6 900000010edbfb00 t7 0000000000000001\n t8 0000000000000005 u0 90000000004849d0 s9 900000010edbfa00 s0 9000000108d20280\n s1 00007fffe9474000 s2 0000000002000000 s3 9000000108d20280 s4 9000000002b38b10\n s5 900000010edbfb00 s6 00007ffff3474000 s7 0000000000000406 s8 900000010edbfa08\n ra: 9000000000485538 unmap_vmas+0x130/0x218\n ERA: 90000000004eaf1c __unmap_hugepage_range+0x6f4/0x7d0\n PRMD: 00000004 (PPLV0 +PIE -PWE)\n EUEN: 00000007 (+FPE +SXE +ASXE -BTE)\n ECFG: 00071c1d (LIE=0,2-4,10-12 VS=7)\n ESTAT: 000c0000 [BRK] (IS= ECode=12 EsubCode=0)\n PRID: 0014c010 (Loongson-64bit, Loongson-3A5000)\n Process hugefork02 (pid: 1517, threadinfo=00000000a670eaf4, task=000000007a95fc64)\n Call Trace:\n [<90000000004eaf1c>] __unmap_hugepage_range+0x6f4/0x7d0\n [<9000000000485534>] unmap_vmas+0x12c/0x218\n [<9000000000494068>] exit_mmap+0xe0/0x308\n [<900000000025fdc4>] mmput+0x74/0x180\n [<900000000026a284>] do_exit+0x294/0x898\n [<900000000026aa30>] do_group_exit+0x30/0x98\n [<900000000027bed4>] get_signal+0x83c/0x868\n [<90000000002457b4>] arch_do_signal_or_restart+0x54/0xfa0\n [<90000000015795e8>] irqentry_exit_to_user_mode+0xb8/0x138\n [<90000000002572d0>] tlb_do_page_fault_1+0x114/0x1b4\n\nThe problem is that base address allocated from hugetlbfs is not aligned\nwith pmd size. Here add a checking for hugetlbfs and align base address\nwith pmd size. After this patch the test case \"testcases/bin/hugefork02\"\npasses to run.\n\nThis is similar to the commit 7f24cbc9c4d42db8a3c8484d1 (\"mm/mmap: teach\ngeneric_get_unmapped_area{_topdown} to handle hugetlb mappings\").", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21949" }, { "cve":"CVE-2025-21963", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix integer overflow while processing acdirmax mount option\n\nUser-provided mount parameter acdirmax of type u32 is intended to have\nan upper limit, but before it is validated, the value is converted from\nseconds to jiffies which can lead to an integer overflow.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21963" }, { "cve":"CVE-2025-21964", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix integer overflow while processing acregmax mount option\n\nUser-provided mount parameter acregmax of type u32 is intended to have\nan upper limit, but before it is validated, the value is converted from\nseconds to jiffies which can lead to an integer overflow.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21964" }, { "cve":"CVE-2025-21976", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: hyperv_fb: Allow graceful removal of framebuffer\n\nWhen a Hyper-V framebuffer device is unbind, hyperv_fb driver tries to\nrelease the framebuffer forcefully. If this framebuffer is in use it\nproduce the following WARN and hence this framebuffer is never released.\n\n[ 44.111220] WARNING: CPU: 35 PID: 1882 at drivers/video/fbdev/core/fb_info.c:70 framebuffer_release+0x2c/0x40\n< snip >\n[ 44.111289] Call Trace:\n[ 44.111290] \n[ 44.111291] ? show_regs+0x6c/0x80\n[ 44.111295] ? __warn+0x8d/0x150\n[ 44.111298] ? framebuffer_release+0x2c/0x40\n[ 44.111300] ? report_bug+0x182/0x1b0\n[ 44.111303] ? handle_bug+0x6e/0xb0\n[ 44.111306] ? exc_invalid_op+0x18/0x80\n[ 44.111308] ? asm_exc_invalid_op+0x1b/0x20\n[ 44.111311] ? framebuffer_release+0x2c/0x40\n[ 44.111313] ? hvfb_remove+0x86/0xa0 [hyperv_fb]\n[ 44.111315] vmbus_remove+0x24/0x40 [hv_vmbus]\n[ 44.111323] device_remove+0x40/0x80\n[ 44.111325] device_release_driver_internal+0x20b/0x270\n[ 44.111327] ? bus_find_device+0xb3/0xf0\n\nFix this by moving the release of framebuffer and assosiated memory\nto fb_ops.fb_destroy function, so that framebuffer framework handles\nit gracefully.\n\nWhile we fix this, also replace manual registrations/unregistration of\nframebuffer with devm_register_framebuffer.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2025-21976" }, { "cve":"CVE-2025-21978", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/hyperv: Fix address space leak when Hyper-V DRM device is removed\n\nWhen a Hyper-V DRM device is probed, the driver allocates MMIO space for\nthe vram, and maps it cacheable. If the device removed, or in the error\npath for device probing, the MMIO space is released but no unmap is done.\nConsequently the kernel address space for the mapping is leaked.\n\nFix this by adding iounmap() calls in the device removal path, and in the\nerror path during device probing.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21978" }, { "cve":"CVE-2025-21993", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\niscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic()\n\nWhen performing an iSCSI boot using IPv6, iscsistart still reads the\n/sys/firmware/ibft/ethernetX/subnet-mask entry. Since the IPv6 prefix\nlength is 64, this causes the shift exponent to become negative,\ntriggering a UBSAN warning. As the concept of a subnet mask does not\napply to IPv6, the value is set to ~0 to suppress the warning message.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.1, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21993" }, { "cve":"CVE-2025-21994", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix incorrect validation for num_aces field of smb_acl\n\nparse_dcal() validate num_aces to allocate posix_ace_state_array.\n\nif (num_aces > ULONG_MAX / sizeof(struct smb_ace *))\n\nIt is an incorrect validation that we can create an array of size ULONG_MAX.\nsmb_acl has ->size field to calculate actual number of aces in request buffer\nsize. Use this to check invalid num_aces.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2025-21994" }, { "cve":"CVE-2025-21999", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nproc: fix UAF in proc_get_inode()\n\nFix race between rmmod and /proc/XXX's inode instantiation.\n\nThe bug is that pde->proc_ops don't belong to /proc, it belongs to a\nmodule, therefore dereferencing it after /proc entry has been registered\nis a bug unless use_pde/unuse_pde() pair has been used.\n\nuse_pde/unuse_pde can be avoided (2 atomic ops!) because pde->proc_ops\nnever changes so information necessary for inode instantiation can be\nsaved _before_ proc_register() in PDE itself and used later, avoiding\npde->proc_ops->... dereference.\n\n rmmod lookup\nsys_delete_module\n proc_lookup_de\n\t\t\t pde_get(de);\n\t\t\t proc_get_inode(dir->i_sb, de);\n mod->exit()\n proc_remove\n remove_proc_subtree\n proc_entry_rundown(de);\n free_module(mod);\n\n if (S_ISREG(inode->i_mode))\n\t if (de->proc_ops->proc_read_iter)\n --> As module is already freed, will trigger UAF\n\nBUG: unable to handle page fault for address: fffffbfff80a702b\nPGD 817fc4067 P4D 817fc4067 PUD 817fc0067 PMD 102ef4067 PTE 0\nOops: Oops: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 26 UID: 0 PID: 2667 Comm: ls Tainted: G\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996)\nRIP: 0010:proc_get_inode+0x302/0x6e0\nRSP: 0018:ffff88811c837998 EFLAGS: 00010a06\nRAX: dffffc0000000000 RBX: ffffffffc0538140 RCX: 0000000000000007\nRDX: 1ffffffff80a702b RSI: 0000000000000001 RDI: ffffffffc0538158\nRBP: ffff8881299a6000 R08: 0000000067bbe1e5 R09: 1ffff11023906f20\nR10: ffffffffb560ca07 R11: ffffffffb2b43a58 R12: ffff888105bb78f0\nR13: ffff888100518048 R14: ffff8881299a6004 R15: 0000000000000001\nFS: 00007f95b9686840(0000) GS:ffff8883af100000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: fffffbfff80a702b CR3: 0000000117dd2000 CR4: 00000000000006f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \n proc_lookup_de+0x11f/0x2e0\n __lookup_slow+0x188/0x350\n walk_component+0x2ab/0x4f0\n path_lookupat+0x120/0x660\n filename_lookup+0x1ce/0x560\n vfs_statx+0xac/0x150\n __do_sys_newstat+0x96/0x110\n do_syscall_64+0x5f/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n[adobriyan@gmail.com: don't do 2 atomic ops on the common path]", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21999" }, { "cve":"CVE-2025-22008", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: check that dummy regulator has been probed before using it\n\nDue to asynchronous driver probing there is a chance that the dummy\nregulator hasn't already been probed when first accessing it.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2025-22008" }, { "cve":"CVE-2025-22013", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state\n\nThere are several problems with the way hyp code lazily saves the host's\nFPSIMD/SVE state, including:\n\n* Host SVE being discarded unexpectedly due to inconsistent\n configuration of TIF_SVE and CPACR_ELx.ZEN. This has been seen to\n result in QEMU crashes where SVE is used by memmove(), as reported by\n Eric Auger:\n\n https://issues.redhat.com/browse/RHEL-68997\n\n* Host SVE state is discarded *after* modification by ptrace, which was an\n unintentional ptrace ABI change introduced with lazy discarding of SVE state.\n\n* The host FPMR value can be discarded when running a non-protected VM,\n where FPMR support is not exposed to a VM, and that VM uses\n FPSIMD/SVE. In these cases the hyp code does not save the host's FPMR\n before unbinding the host's FPSIMD/SVE/SME state, leaving a stale\n value in memory.\n\nAvoid these by eagerly saving and \"flushing\" the host's FPSIMD/SVE/SME\nstate when loading a vCPU such that KVM does not need to save any of the\nhost's FPSIMD/SVE/SME state. For clarity, fpsimd_kvm_prepare() is\nremoved and the necessary call to fpsimd_save_and_flush_cpu_state() is\nplaced in kvm_arch_vcpu_load_fp(). As 'fpsimd_state' and 'fpmr_ptr'\nshould not be used, they are set to NULL; all uses of these will be\nremoved in subsequent patches.\n\nHistorical problems go back at least as far as v5.17, e.g. erroneous\nassumptions about TIF_SVE being clear in commit:\n\n 8383741ab2e773a9 (\"KVM: arm64: Get rid of host SVE tracking/saving\")\n\n... and so this eager save+flush probably needs to be backported to ALL\nstable trees.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2025-22013" }, { "cve":"CVE-2025-22035", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix use-after-free in print_graph_function_flags during tracer switching\n\nKairui reported a UAF issue in print_graph_function_flags() during\nftrace stress testing [1]. This issue can be reproduced if puting a\n'mdelay(10)' after 'mutex_unlock(&trace_types_lock)' in s_start(),\nand executing the following script:\n\n $ echo function_graph > current_tracer\n $ cat trace > /dev/null &\n $ sleep 5 # Ensure the 'cat' reaches the 'mdelay(10)' point\n $ echo timerlat > current_tracer\n\nThe root cause lies in the two calls to print_graph_function_flags\nwithin print_trace_line during each s_show():\n\n * One through 'iter->trace->print_line()';\n * Another through 'event->funcs->trace()', which is hidden in\n print_trace_fmt() before print_trace_line returns.\n\nTracer switching only updates the former, while the latter continues\nto use the print_line function of the old tracer, which in the script\nabove is print_graph_function_flags.\n\nMoreover, when switching from the 'function_graph' tracer to the\n'timerlat' tracer, s_start only calls graph_trace_close of the\n'function_graph' tracer to free 'iter->private', but does not set\nit to NULL. This provides an opportunity for 'event->funcs->trace()'\nto use an invalid 'iter->private'.\n\nTo fix this issue, set 'iter->private' to NULL immediately after\nfreeing it in graph_trace_close(), ensuring that an invalid pointer\nis not passed to other tracers. Additionally, clean up the unnecessary\n'iter->private = NULL' during each 'cat trace' when using wakeup and\nirqsoff tracers.\n\n [1] https://lore.kernel.org/all/20231112150030.84609-1-ryncsn@gmail.com/", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2025-22035" }, { "cve":"CVE-2025-22038", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: validate zero num_subauth before sub_auth is accessed\n\nAccess psid->sub_auth[psid->num_subauth - 1] without checking\nif num_subauth is non-zero leads to an out-of-bounds read.\nThis patch adds a validation step to ensure num_subauth != 0\nbefore sub_auth is accessed.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2025-22038" }, { "cve":"CVE-2025-22049", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nLoongArch: Increase ARCH_DMA_MINALIGN up to 16\n\nARCH_DMA_MINALIGN is 1 by default, but some LoongArch-specific devices\n(such as APBDMA) require 16 bytes alignment. When the data buffer length\nis too small, the hardware may make an error writing cacheline. Thus, it\nis dangerous to allocate a small memory buffer for DMA. It's always safe\nto define ARCH_DMA_MINALIGN as L1_CACHE_BYTES but unnecessary (kmalloc()\nneed small memory objects). Therefore, just increase it to 16.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-22049" }, { "cve":"CVE-2025-22066", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: imx-card: Add NULL check in imx_card_probe()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\nimx_card_probe() does not check for this case, which results in a NULL\npointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2025-22066" }, { "cve":"CVE-2025-22120", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\next4: goto right label 'out_mmap_sem' in ext4_setattr()\n\nOtherwise, if ext4_inode_attach_jinode() fails, a hung task will\nhappen because filemap_invalidate_unlock() isn't called to unlock\nmapping->invalidate_lock. Like this:\n\nEXT4-fs error (device sda) in ext4_setattr:5557: Out of memory\nINFO: task fsstress:374 blocked for more than 122 seconds.\n Not tainted 6.14.0-rc1-next-20250206-xfstests-dirty #726\n\"echo 0 > /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:fsstress state:D stack:0 pid:374 tgid:374 ppid:373\n task_flags:0x440140 flags:0x00000000\nCall Trace:\n \n __schedule+0x2c9/0x7f0\n schedule+0x27/0xa0\n schedule_preempt_disabled+0x15/0x30\n rwsem_down_read_slowpath+0x278/0x4c0\n down_read+0x59/0xb0\n page_cache_ra_unbounded+0x65/0x1b0\n filemap_get_pages+0x124/0x3e0\n filemap_read+0x114/0x3d0\n vfs_read+0x297/0x360\n ksys_read+0x6c/0xe0\n do_syscall_64+0x4b/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2025-22120" }, { "cve":"CVE-2025-23136", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: int340x: Add NULL check for adev\n\nNot all devices have an ACPI companion fwnode, so adev might be NULL.\nThis is similar to the commit cd2fd6eab480\n(\"platform/x86: int3472: Check for adev == NULL\").\n\nAdd a check for adev not being set and return -ENODEV in that case to\navoid a possible NULL pointer deref in int3402_thermal_probe().\n\nNote, under the same directory, int3400_thermal_probe() has such a\ncheck.\n\n[ rjw: Subject edit, added Fixes: ]", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2025-23136" }, { "cve":"CVE-2025-38240", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mediatek: dp: drm_err => dev_err in HPD path to avoid NULL ptr\n\nThe function mtk_dp_wait_hpd_asserted() may be called before the\n`mtk_dp->drm_dev` pointer is assigned in mtk_dp_bridge_attach().\nSpecifically it can be called via this callpath:\n - mtk_edp_wait_hpd_asserted\n - [panel probe]\n - dp_aux_ep_probe\n\nUsing \"drm\" level prints anywhere in this callpath causes a NULL\npointer dereference. Change the error message directly in\nmtk_dp_wait_hpd_asserted() to dev_err() to avoid this. Also change the\nerror messages in mtk_dp_parse_capabilities(), which is called by\nmtk_dp_wait_hpd_asserted().\n\nWhile touching these prints, also add the error code to them to make\nfuture debugging easier.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1450" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.aarch64", "openEuler-24.03-LTS:bpftool-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:bpftool-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-debugsource-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-headers-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-source-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-tools-devel-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:python3-perf-debuginfo-6.6.0-87.0.0.82.oe2403.x86_64", "openEuler-24.03-LTS:kernel-6.6.0-87.0.0.82.oe2403.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2025-38240" } ] }