{ "document":{ "aggregate_severity":{ "namespace":"https://nvd.nist.gov/vuln-metrics/cvss", "text":"High" }, "category":"csaf_vex", "csaf_version":"2.0", "distribution":{ "tlp":{ "label":"WHITE", "url":"https:/www.first.org/tlp/" } }, "lang":"en", "notes":[ { "text":"kernel security update", "category":"general", "title":"Synopsis" }, { "text":"An update for kernel is now available for openEuler-24.03-LTS-SP1", "category":"general", "title":"Summary" }, { "text":"The Linux Kernel, the operating system core itself.\n\nSecurity Fix(es):\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\npfifo_tail_enqueue: Drop new packet when sch->limit == 0\n\nExpected behaviour:\nIn case we reach scheduler's limit, pfifo_tail_enqueue() will drop a\npacket in scheduler's queue and decrease scheduler's qlen by one.\nThen, pfifo_tail_enqueue() enqueue new packet and increase\nscheduler's qlen by one. Finally, pfifo_tail_enqueue() return\n`NET_XMIT_CN` status code.\n\nWeird behaviour:\nIn case we set `sch->limit == 0` and trigger pfifo_tail_enqueue() on a\nscheduler that has no packet, the 'drop a packet' step will do nothing.\nThis means the scheduler's qlen still has value equal 0.\nThen, we continue to enqueue new packet and increase scheduler's qlen by\none. In summary, we can leverage pfifo_tail_enqueue() to increase qlen by\none and return `NET_XMIT_CN` status code.\n\nThe problem is:\nLet's say we have two qdiscs: Qdisc_A and Qdisc_B.\n - Qdisc_A's type must have '->graft()' function to create parent/child relationship.\n Let's say Qdisc_A's type is `hfsc`. Enqueue packet to this qdisc will trigger `hfsc_enqueue`.\n - Qdisc_B's type is pfifo_head_drop. Enqueue packet to this qdisc will trigger `pfifo_tail_enqueue`.\n - Qdisc_B is configured to have `sch->limit == 0`.\n - Qdisc_A is configured to route the enqueued's packet to Qdisc_B.\n\nEnqueue packet through Qdisc_A will lead to:\n - hfsc_enqueue(Qdisc_A) -> pfifo_tail_enqueue(Qdisc_B)\n - Qdisc_B->q.qlen += 1\n - pfifo_tail_enqueue() return `NET_XMIT_CN`\n - hfsc_enqueue() check for `NET_XMIT_SUCCESS` and see `NET_XMIT_CN` => hfsc_enqueue() don't increase qlen of Qdisc_A.\n\nThe whole process lead to a situation where Qdisc_A->q.qlen == 0 and Qdisc_B->q.qlen == 1.\nReplace 'hfsc' with other type (for example: 'drr') still lead to the same problem.\nThis violate the design where parent's qlen should equal to the sum of its childrens'qlen.\n\nBug impact: This issue can be used for user->kernel privilege escalation when it is reachable.(CVE-2025-21702)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: always handle address removal under msk socket lock\n\nSyzkaller reported a lockdep splat in the PM control path:\n\n WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 sock_owned_by_me include/net/sock.h:1711 [inline]\n WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 msk_owned_by_me net/mptcp/protocol.h:363 [inline]\n WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 mptcp_pm_nl_addr_send_ack+0x57c/0x610 net/mptcp/pm_netlink.c:788\n Modules linked in:\n CPU: 0 UID: 0 PID: 6693 Comm: syz.0.205 Not tainted 6.14.0-rc2-syzkaller-00303-gad1b832bf1cf #0\n Hardware name: Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024\n RIP: 0010:sock_owned_by_me include/net/sock.h:1711 [inline]\n RIP: 0010:msk_owned_by_me net/mptcp/protocol.h:363 [inline]\n RIP: 0010:mptcp_pm_nl_addr_send_ack+0x57c/0x610 net/mptcp/pm_netlink.c:788\n Code: 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 ca 7b d3 f5 eb b9 e8 c3 7b d3 f5 90 0f 0b 90 e9 dd fb ff ff e8 b5 7b d3 f5 90 <0f> 0b 90 e9 3e fb ff ff 44 89 f1 80 e1 07 38 c1 0f 8c eb fb ff ff\n RSP: 0000:ffffc900034f6f60 EFLAGS: 00010283\n RAX: ffffffff8bee3c2b RBX: 0000000000000001 RCX: 0000000000080000\n RDX: ffffc90004d42000 RSI: 000000000000a407 RDI: 000000000000a408\n RBP: ffffc900034f7030 R08: ffffffff8bee37f6 R09: 0100000000000000\n R10: dffffc0000000000 R11: ffffed100bcc62e4 R12: ffff88805e6316e0\n R13: ffff88805e630c00 R14: dffffc0000000000 R15: ffff88805e630c00\n FS: 00007f7e9a7e96c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000001b2fd18ff8 CR3: 0000000032c24000 CR4: 00000000003526f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \n mptcp_pm_remove_addr+0x103/0x1d0 net/mptcp/pm.c:59\n mptcp_pm_remove_anno_addr+0x1f4/0x2f0 net/mptcp/pm_netlink.c:1486\n mptcp_nl_remove_subflow_and_signal_addr net/mptcp/pm_netlink.c:1518 [inline]\n mptcp_pm_nl_del_addr_doit+0x118d/0x1af0 net/mptcp/pm_netlink.c:1629\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0xb1f/0xec0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x206/0x480 net/netlink/af_netlink.c:2543\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x8de/0xcb0 net/netlink/af_netlink.c:1892\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:733\n ____sys_sendmsg+0x53a/0x860 net/socket.c:2573\n ___sys_sendmsg net/socket.c:2627 [inline]\n __sys_sendmsg+0x269/0x350 net/socket.c:2659\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f7e9998cde9\n Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007f7e9a7e9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 00007f7e99ba5fa0 RCX: 00007f7e9998cde9\n RDX: 000000002000c094 RSI: 0000400000000000 RDI: 0000000000000007\n RBP: 00007f7e99a0e2a0 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\n R13: 0000000000000000 R14: 00007f7e99ba5fa0 R15: 00007fff49231088\n\nIndeed the PM can try to send a RM_ADDR over a msk without acquiring\nfirst the msk socket lock.\n\nThe bugged code-path comes from an early optimization: when there\nare no subflows, the PM should (usually) not send RM_ADDR\nnotifications.\n\nThe above statement is incorrect, as without locks another process\ncould concur\n---truncated---(CVE-2025-21875)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected()\n\nAdd check for the return value of mgmt_alloc_skb() in\nmgmt_device_connected() to prevent null pointer dereference.(CVE-2025-21936)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name()\n\nAdd check for the return value of mgmt_alloc_skb() in\nmgmt_remote_name() to prevent null pointer dereference.(CVE-2025-21937)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet: libwx: fix Tx L4 checksum\n\nThe hardware only supports L4 checksum offload for TCP/UDP/SCTP protocol.\nThere was a bug to set Tx checksum flag for the other protocol that results\nin Tx ring hang. Fix to compute software checksum for these packets.(CVE-2025-22101)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Mask the bd_cnt field in the TX BD properly\n\nThe bd_cnt field in the TX BD specifies the total number of BDs for\nthe TX packet. The bd_cnt field has 5 bits and the maximum number\nsupported is 32 with the value 0.\n\nCONFIG_MAX_SKB_FRAGS can be modified and the total number of SKB\nfragments can approach or exceed the maximum supported by the chip.\nAdd a macro to properly mask the bd_cnt field so that the value 32\nwill be properly masked and set to 0 in the bd_cnd field.\n\nWithout this patch, the out-of-range bd_cnt value will corrupt the\nTX BD and may cause TX timeout.\n\nThe next patch will check for values exceeding 32.(CVE-2025-22108)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3: gadget: check that event count does not exceed event buffer length\n\nThe event count is read from register DWC3_GEVNTCOUNT.\nThere is a check for the count being zero, but not for exceeding the\nevent buffer length.\nCheck that event count does not exceed event buffer length,\navoiding an out-of-bounds access when memcpy'ing the event.\nCrash log:\nUnable to handle kernel paging request at virtual address ffffffc0129be000\npc : __memcpy+0x114/0x180\nlr : dwc3_check_event_buf+0xec/0x348\nx3 : 0000000000000030 x2 : 000000000000dfc4\nx1 : ffffffc0129be000 x0 : ffffff87aad60080\nCall trace:\n__memcpy+0x114/0x180\ndwc3_interrupt+0x24/0x34(CVE-2025-37810)\n\nA vulnerability was found in Linux Kernel up to 6.16-rc2 (Operating System). It has been rated as critical.Using CWE to declare the problem leads to CWE-476. A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.Impacted is availability.Upgrading to version 5.10.239, 5.15.186, 6.1.142, 6.6.95, 6.12.35, 6.15.4 or 6.16-rc3 eliminates this vulnerability. Applying the patch 5e8c658acd1b7c186aeffa46bf08795e121f401a/07d7b8e7ef7d1f812a6211ed531947c56d09e95e/a7b477b64ef5e37cb08dd536ae07c46f9f28262e/f3b840fb1508a80cd8a0efb5c886ae1995a88b24/4d71f2c1e5263a9f042faa71d59515709869dc79/32d05e6cc3a7bf6c8f16f7b7ef8fe80eca0c233e/61ce04601e0d8265ec6d2ffa6df5a7e1bce64854 is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.(CVE-2025-38197)\n\nA vulnerability was found in Linux Kernel up to 6.15.3 (Operating System). It has been rated as critical.Using CWE to declare the problem leads to CWE-416. Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.Impacted is confidentiality, integrity, and availability.Upgrading to version 5.4.295, 5.10.239, 5.15.186, 6.1.142, 6.6.95, 6.12.35, 6.15.4 or 6.16-rc1 eliminates this vulnerability. Applying the patch 5f1e1573bf103303944fd7225559de5d8297539c/b968ba8bfd9f90914957bbbd815413bf6a98eca7/74bc813d11c30e28fc5261dc877cca662ccfac68/78297d53d3878d43c1d627d20cd09f611fa4b91d/5180561afff8e0f029073c8c8117c95c6512d1f9/68c173ea138b66d7dd1fd980c9bc578a18e11884/b0b6bf90ce2699a574b3683e22c44d0dcdd7a057/d66adabe91803ef34a8b90613c81267b5ded1472 is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.The vulnerability is also documented in the vulnerability database at EUVD (EUVD-2025-20044).(CVE-2025-38212)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nmedia: cxusb: no longer judge rbuf when the write fails\n\nsyzbot reported a uninit-value in cxusb_i2c_xfer. [1]\n\nOnly when the write operation of usb_bulk_msg() in dvb_usb_generic_rw()\nsucceeds and rlen is greater than 0, the read operation of usb_bulk_msg()\nwill be executed to read rlen bytes of data from the dvb device into the\nrbuf.\n\nIn this case, although rlen is 1, the write operation failed which resulted\nin the dvb read operation not being executed, and ultimately variable i was\nnot initialized.\n\n[1]\nBUG: KMSAN: uninit-value in cxusb_gpio_tuner drivers/media/usb/dvb-usb/cxusb.c:124 [inline]\nBUG: KMSAN: uninit-value in cxusb_i2c_xfer+0x153a/0x1a60 drivers/media/usb/dvb-usb/cxusb.c:196\n cxusb_gpio_tuner drivers/media/usb/dvb-usb/cxusb.c:124 [inline]\n cxusb_i2c_xfer+0x153a/0x1a60 drivers/media/usb/dvb-usb/cxusb.c:196\n __i2c_transfer+0xe25/0x3150 drivers/i2c/i2c-core-base.c:-1\n i2c_transfer+0x317/0x4a0 drivers/i2c/i2c-core-base.c:2315\n i2c_transfer_buffer_flags+0x125/0x1e0 drivers/i2c/i2c-core-base.c:2343\n i2c_master_send include/linux/i2c.h:109 [inline]\n i2cdev_write+0x210/0x280 drivers/i2c/i2c-dev.c:183\n do_loop_readv_writev fs/read_write.c:848 [inline]\n vfs_writev+0x963/0x14e0 fs/read_write.c:1057\n do_writev+0x247/0x5c0 fs/read_write.c:1101\n __do_sys_writev fs/read_write.c:1169 [inline]\n __se_sys_writev fs/read_write.c:1166 [inline]\n __x64_sys_writev+0x98/0xe0 fs/read_write.c:1166\n x64_sys_call+0x2229/0x3c80 arch/x86/include/generated/asm/syscalls_64.h:21\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f(CVE-2025-38229)\n\nA vulnerability was found in Linux Kernel up to 6.15.2/fc2778c42f99c7de52fc004157b3c3ee4dcc208a (Operating System). It has been rated as problematic.Impacted is confidentiality, integrity, and availability.Upgrading to version 6.15.3 or 6.16-rc1 eliminates this vulnerability. Applying the patch ac49b7560b4b08b1e4043a29214cc7ad77644c00/e2d2115e56c4a02377189bfc3a9a7933552a7b0f is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.(CVE-2025-38279)\n\nA vulnerability, which was classified as problematic, was found in Linux Kernel (Operating System).CWE is classifying the issue as CWE-74. The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.This is going to have an impact on confidentiality, integrity, and availability.Upgrading to version 5.15.186, 6.1.142, 6.6.94, 6.12.34, 6.15.3 or 6.16-rc1 eliminates this vulnerability. Applying the patch e7fb4ebee6e900899d2b2e5852c3e2eafcbcad66/ef92b96530d1731d9ac167bc7c193c683cd78fff/6f639c25bfad17d9fd7379ab91ff9678ea9aac85/2bc6dffb4b72d53d6a6ada510269bf548c3f7ae0/0b9bb52796b239de6792d0d68cdc6eb505ebff96/86bc9c742426a16b52a10ef61f5b721aecca2344 is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.(CVE-2025-38280)\n\nA vulnerability has been found in Linux Kernel up to 6.15.2 (Operating System) and classified as critical.The CWE definition for the vulnerability is CWE-121. A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).As an impact it is known to affect confidentiality, integrity, and availability.Upgrading to version 5.4.295, 5.10.239, 5.15.186, 6.1.142, 6.6.94, 6.12.34, 6.15.3 or 6.16-rc1 eliminates this vulnerability. Applying the patch 44ebe361abb322d2afd77930fa767a99f271c4d1/147ea936fc6fa8fe0c93f0df918803a5375ca535/ee90be48edb3dac612e0b7f5332482a9e8be2696/e167414beabb1e941fe563a96becc98627d5bdf6/6d8f39875a10a194051c3eaefebc7ac06a34aaf3/c98cdf6795a36bca163ebb40411fef1687b9eb13/18e8cbbae79cb35bdce8a01c889827b9799c762e/3880cdbed1c4607e378f58fa924c5d6df900d1d3 is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.(CVE-2025-38285)\n\nA vulnerability was found in Linux Kernel up to 6.16-rc2 (Operating System). It has been declared as problematic.The CWE definition for the vulnerability is CWE-125. The product reads data past the end, or before the beginning, of the intended buffer.As an impact it is known to affect confidentiality.Upgrading to version 5.4.295, 5.10.239, 5.15.186, 6.1.142, 6.6.95, 6.12.35, 6.15.4 or 6.16-rc3 eliminates this vulnerability. Applying the patch 64773b3ea09235168a549a195cba43bb867c4a17/67abac27d806e8f9d4226ec1528540cf73af673a/92750bfe7b0d8dbcaf578c091a65eda1c5f9ad38/01f91d415a8375d85e0c7d3615cd4a168308bb7c/21da6d3561f373898349ca7167c9811c020da695/22f935bc86bdfbde04009f05eee191d220cd8c89/422e565b7889ebfd9c8705a3fc786642afe61fca/39dfc971e42d886e7df01371cd1bef505076d84c is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.The vulnerability is also documented in the vulnerability database at EUVD (EUVD-2025-20926).(CVE-2025-38320)\n\nA vulnerability was found in Linux Kernel up to 6.15.3/6.16-rc2 (Operating System). It has been rated as critical.Using CWE to declare the problem leads to CWE-404. The product does not release or incorrectly releases a resource before it is made available for re-use.Impacted is availability.Upgrading to version 6.15.4 or 6.16-rc3 eliminates this vulnerability. Applying the patch a85cc69acdcb05f8cd226b8ea0778b8e2e887e6f/b0823d5fbacb1c551d793cbfe7af24e0d1fa45ed is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.(CVE-2025-38322)\n\nA vulnerability was found in Linux Kernel up to 6.15.3 (Operating System). It has been declared as critical.The CWE definition for the vulnerability is CWE-119. The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.As an impact it is known to affect confidentiality, integrity, and availability.Upgrading to version 5.4.295, 5.10.239, 5.15.186, 6.1.142, 6.6.95, 6.12.35, 6.15.4 or 6.16-rc1 eliminates this vulnerability. Applying the patch d064c68781c19f378af1ae741d9132d35d24b2bb/8690cd3258455bbae64f809e1d3ee0f043661c71/6805582abb720681dd1c87ff677f155dcf4e86c9/03a162933c4a03b9f1a84f7d8482903c7e1e11bb/83a692a9792aa86249d68a8ac0b9d55ecdd255fa/8e89c17dc8970c5f71a3a991f5724d4c8de42d8c/f78a786ad9a5443a29eef4dae60cde85b7375129/f914b52c379c12288b7623bb814d0508dbe7481d is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.(CVE-2025-38346)", "category":"general", "title":"Description" }, { "text":"An update for kernel is now available for openEuler-24.03-LTS-SP1.\n\nopenEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.", "category":"general", "title":"Topic" }, { "text":"High", "category":"general", "title":"Severity" }, { "text":"kernel", "category":"general", "title":"Affected Component" } ], "publisher":{ "issuing_authority":"openEuler security committee", "name":"openEuler", "namespace":"https://www.openeuler.org", "contact_details":"openeuler-security@openeuler.org", "category":"vendor" }, "references":[ { "summary":"openEuler-SA-2025-1869", "category":"self", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1869" }, { "summary":"CVE-2025-21702", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21702&packageName=kernel" }, { "summary":"CVE-2025-21875", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21875&packageName=kernel" }, { "summary":"CVE-2025-21936", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21936&packageName=kernel" }, { "summary":"CVE-2025-21937", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21937&packageName=kernel" }, { "summary":"CVE-2025-22101", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-22101&packageName=kernel" }, { "summary":"CVE-2025-22108", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-22108&packageName=kernel" }, { "summary":"CVE-2025-37810", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-37810&packageName=kernel" }, { "summary":"CVE-2025-38197", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38197&packageName=kernel" }, { "summary":"CVE-2025-38212", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38212&packageName=kernel" }, { "summary":"CVE-2025-38229", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38229&packageName=kernel" }, { "summary":"CVE-2025-38279", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38279&packageName=kernel" }, { "summary":"CVE-2025-38280", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38280&packageName=kernel" }, { "summary":"CVE-2025-38285", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38285&packageName=kernel" }, { "summary":"CVE-2025-38320", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38320&packageName=kernel" }, { "summary":"CVE-2025-38322", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38322&packageName=kernel" }, { "summary":"CVE-2025-38346", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38346&packageName=kernel" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21702" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21875" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21936" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21937" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-22101" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-22108" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-37810" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38197" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38212" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38229" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38279" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38280" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38285" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38320" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38322" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38346" }, { "summary":"openEuler-SA-2025-1869 vex file", "category":"self", "url":"https://repo.openeuler.org/security/data/csaf/advisories/2025/csaf-openeuler-sa-2025-1869.json" } ], "title":"An update for kernel is now available for openEuler-24.03-LTS-SP1", "tracking":{ "initial_release_date":"2025-07-18T22:50:36+08:00", "revision_history":[ { "date":"2025-07-18T22:50:36+08:00", "summary":"Initial", "number":"1.0.0" } ], "generator":{ "date":"2025-07-18T22:50:36+08:00", "engine":{ "name":"openEuler CSAF Tool V1.0" } }, "current_release_date":"2025-07-18T22:50:36+08:00", "id":"openEuler-SA-2025-1869", "version":"1.0.0", "status":"final" } }, "product_tree":{ "branches":[ { "name":"openEuler", "category":"vendor", "branches":[ { "name":"openEuler", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"openEuler-24.03-LTS-SP1", "name":"openEuler-24.03-LTS-SP1" }, "name":"openEuler-24.03-LTS-SP1", "category":"product_version" } ], "category":"product_name" }, { "name":"aarch64", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "name":"bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm" }, "name":"bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "name":"bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm" }, "name":"bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "name":"kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm" }, "name":"kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "name":"kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm" }, "name":"kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "name":"kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm" }, "name":"kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "name":"kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm" }, "name":"kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "name":"kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm" }, "name":"kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "name":"kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm" }, "name":"kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "name":"kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm" }, "name":"kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "name":"kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm" }, "name":"kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "name":"kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm" }, "name":"kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"perf-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "name":"perf-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm" }, "name":"perf-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "name":"perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm" }, "name":"perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "name":"python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm" }, "name":"python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "name":"python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm" }, "name":"python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"x86_64", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "name":"bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm" }, "name":"bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "name":"bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm" }, "name":"bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "name":"kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm" }, "name":"kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "name":"kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm" }, "name":"kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "name":"kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm" }, "name":"kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "name":"kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm" }, "name":"kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "name":"kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm" }, "name":"kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "name":"kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm" }, "name":"kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "name":"kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm" }, "name":"kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "name":"kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm" }, "name":"kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "name":"kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm" }, "name":"kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"perf-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "name":"perf-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm" }, "name":"perf-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "name":"perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm" }, "name":"perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "name":"python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm" }, "name":"python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "name":"python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm" }, "name":"python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"src", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP1" }, "product_id":"kernel-6.6.0-101.0.0.104.oe2403sp1.src.rpm", "name":"kernel-6.6.0-101.0.0.104.oe2403sp1.src.rpm" }, "name":"kernel-6.6.0-101.0.0.104.oe2403sp1.src.rpm", "category":"product_version" } ], "category":"architecture" } ] } ], "relationships":[ { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "name":"bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "name":"bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "name":"kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "name":"kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "name":"kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "name":"kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "name":"kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "name":"kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "name":"kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "name":"kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "name":"kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"perf-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "name":"perf-6.6.0-101.0.0.104.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "name":"perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "name":"python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "name":"python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "name":"bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "name":"bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "name":"kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "name":"kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "name":"kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "name":"kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "name":"kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "name":"kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "name":"kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "name":"kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "name":"kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"perf-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "name":"perf-6.6.0-101.0.0.104.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "name":"perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "name":"python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "name":"python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64 as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP1", "product_reference":"kernel-6.6.0-101.0.0.104.oe2403sp1.src.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src", "name":"kernel-6.6.0-101.0.0.104.oe2403sp1.src as a component of openEuler-24.03-LTS-SP1" }, "category":"default_component_of" } ] }, "vulnerabilities":[ { "cve":"CVE-2025-21702", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\npfifo_tail_enqueue: Drop new packet when sch->limit == 0\n\nExpected behaviour:\nIn case we reach scheduler's limit, pfifo_tail_enqueue() will drop a\npacket in scheduler's queue and decrease scheduler's qlen by one.\nThen, pfifo_tail_enqueue() enqueue new packet and increase\nscheduler's qlen by one. Finally, pfifo_tail_enqueue() return\n`NET_XMIT_CN` status code.\n\nWeird behaviour:\nIn case we set `sch->limit == 0` and trigger pfifo_tail_enqueue() on a\nscheduler that has no packet, the 'drop a packet' step will do nothing.\nThis means the scheduler's qlen still has value equal 0.\nThen, we continue to enqueue new packet and increase scheduler's qlen by\none. In summary, we can leverage pfifo_tail_enqueue() to increase qlen by\none and return `NET_XMIT_CN` status code.\n\nThe problem is:\nLet's say we have two qdiscs: Qdisc_A and Qdisc_B.\n - Qdisc_A's type must have '->graft()' function to create parent/child relationship.\n Let's say Qdisc_A's type is `hfsc`. Enqueue packet to this qdisc will trigger `hfsc_enqueue`.\n - Qdisc_B's type is pfifo_head_drop. Enqueue packet to this qdisc will trigger `pfifo_tail_enqueue`.\n - Qdisc_B is configured to have `sch->limit == 0`.\n - Qdisc_A is configured to route the enqueued's packet to Qdisc_B.\n\nEnqueue packet through Qdisc_A will lead to:\n - hfsc_enqueue(Qdisc_A) -> pfifo_tail_enqueue(Qdisc_B)\n - Qdisc_B->q.qlen += 1\n - pfifo_tail_enqueue() return `NET_XMIT_CN`\n - hfsc_enqueue() check for `NET_XMIT_SUCCESS` and see `NET_XMIT_CN` => hfsc_enqueue() don't increase qlen of Qdisc_A.\n\nThe whole process lead to a situation where Qdisc_A->q.qlen == 0 and Qdisc_B->q.qlen == 1.\nReplace 'hfsc' with other type (for example: 'drr') still lead to the same problem.\nThis violate the design where parent's qlen should equal to the sum of its childrens'qlen.\n\nBug impact: This issue can be used for user->kernel privilege escalation when it is reachable.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1869" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21702" }, { "cve":"CVE-2025-21875", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: always handle address removal under msk socket lock\n\nSyzkaller reported a lockdep splat in the PM control path:\n\n WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 sock_owned_by_me include/net/sock.h:1711 [inline]\n WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 msk_owned_by_me net/mptcp/protocol.h:363 [inline]\n WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 mptcp_pm_nl_addr_send_ack+0x57c/0x610 net/mptcp/pm_netlink.c:788\n Modules linked in:\n CPU: 0 UID: 0 PID: 6693 Comm: syz.0.205 Not tainted 6.14.0-rc2-syzkaller-00303-gad1b832bf1cf #0\n Hardware name: Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024\n RIP: 0010:sock_owned_by_me include/net/sock.h:1711 [inline]\n RIP: 0010:msk_owned_by_me net/mptcp/protocol.h:363 [inline]\n RIP: 0010:mptcp_pm_nl_addr_send_ack+0x57c/0x610 net/mptcp/pm_netlink.c:788\n Code: 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 ca 7b d3 f5 eb b9 e8 c3 7b d3 f5 90 0f 0b 90 e9 dd fb ff ff e8 b5 7b d3 f5 90 <0f> 0b 90 e9 3e fb ff ff 44 89 f1 80 e1 07 38 c1 0f 8c eb fb ff ff\n RSP: 0000:ffffc900034f6f60 EFLAGS: 00010283\n RAX: ffffffff8bee3c2b RBX: 0000000000000001 RCX: 0000000000080000\n RDX: ffffc90004d42000 RSI: 000000000000a407 RDI: 000000000000a408\n RBP: ffffc900034f7030 R08: ffffffff8bee37f6 R09: 0100000000000000\n R10: dffffc0000000000 R11: ffffed100bcc62e4 R12: ffff88805e6316e0\n R13: ffff88805e630c00 R14: dffffc0000000000 R15: ffff88805e630c00\n FS: 00007f7e9a7e96c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000001b2fd18ff8 CR3: 0000000032c24000 CR4: 00000000003526f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \n mptcp_pm_remove_addr+0x103/0x1d0 net/mptcp/pm.c:59\n mptcp_pm_remove_anno_addr+0x1f4/0x2f0 net/mptcp/pm_netlink.c:1486\n mptcp_nl_remove_subflow_and_signal_addr net/mptcp/pm_netlink.c:1518 [inline]\n mptcp_pm_nl_del_addr_doit+0x118d/0x1af0 net/mptcp/pm_netlink.c:1629\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0xb1f/0xec0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x206/0x480 net/netlink/af_netlink.c:2543\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x8de/0xcb0 net/netlink/af_netlink.c:1892\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:733\n ____sys_sendmsg+0x53a/0x860 net/socket.c:2573\n ___sys_sendmsg net/socket.c:2627 [inline]\n __sys_sendmsg+0x269/0x350 net/socket.c:2659\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f7e9998cde9\n Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007f7e9a7e9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 00007f7e99ba5fa0 RCX: 00007f7e9998cde9\n RDX: 000000002000c094 RSI: 0000400000000000 RDI: 0000000000000007\n RBP: 00007f7e99a0e2a0 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\n R13: 0000000000000000 R14: 00007f7e99ba5fa0 R15: 00007fff49231088\n\nIndeed the PM can try to send a RM_ADDR over a msk without acquiring\nfirst the msk socket lock.\n\nThe bugged code-path comes from an early optimization: when there\nare no subflows, the PM should (usually) not send RM_ADDR\nnotifications.\n\nThe above statement is incorrect, as without locks another process\ncould concur\n---truncated---", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1869" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21875" }, { "cve":"CVE-2025-21936", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected()\n\nAdd check for the return value of mgmt_alloc_skb() in\nmgmt_device_connected() to prevent null pointer dereference.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1869" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21936" }, { "cve":"CVE-2025-21937", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name()\n\nAdd check for the return value of mgmt_alloc_skb() in\nmgmt_remote_name() to prevent null pointer dereference.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1869" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21937" }, { "cve":"CVE-2025-22101", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: libwx: fix Tx L4 checksum\n\nThe hardware only supports L4 checksum offload for TCP/UDP/SCTP protocol.\nThere was a bug to set Tx checksum flag for the other protocol that results\nin Tx ring hang. Fix to compute software checksum for these packets.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1869" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.5, "vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-22101" }, { "cve":"CVE-2025-22108", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Mask the bd_cnt field in the TX BD properly\n\nThe bd_cnt field in the TX BD specifies the total number of BDs for\nthe TX packet. The bd_cnt field has 5 bits and the maximum number\nsupported is 32 with the value 0.\n\nCONFIG_MAX_SKB_FRAGS can be modified and the total number of SKB\nfragments can approach or exceed the maximum supported by the chip.\nAdd a macro to properly mask the bd_cnt field so that the value 32\nwill be properly masked and set to 0 in the bd_cnd field.\n\nWithout this patch, the out-of-range bd_cnt value will corrupt the\nTX BD and may cause TX timeout.\n\nThe next patch will check for values exceeding 32.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1869" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":4.4, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-22108" }, { "cve":"CVE-2025-37810", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3: gadget: check that event count does not exceed event buffer length\n\nThe event count is read from register DWC3_GEVNTCOUNT.\nThere is a check for the count being zero, but not for exceeding the\nevent buffer length.\nCheck that event count does not exceed event buffer length,\navoiding an out-of-bounds access when memcpy'ing the event.\nCrash log:\nUnable to handle kernel paging request at virtual address ffffffc0129be000\npc : __memcpy+0x114/0x180\nlr : dwc3_check_event_buf+0xec/0x348\nx3 : 0000000000000030 x2 : 000000000000dfc4\nx1 : ffffffc0129be000 x0 : ffffff87aad60080\nCall trace:\n__memcpy+0x114/0x180\ndwc3_interrupt+0x24/0x34", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1869" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2025-37810" }, { "cve":"CVE-2025-38197", "notes":[ { "text":"A vulnerability was found in Linux Kernel up to 6.16-rc2 (Operating System). It has been rated as critical.Using CWE to declare the problem leads to CWE-476. A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.Impacted is availability.Upgrading to version 5.10.239, 5.15.186, 6.1.142, 6.6.95, 6.12.35, 6.15.4 or 6.16-rc3 eliminates this vulnerability. Applying the patch 5e8c658acd1b7c186aeffa46bf08795e121f401a/07d7b8e7ef7d1f812a6211ed531947c56d09e95e/a7b477b64ef5e37cb08dd536ae07c46f9f28262e/f3b840fb1508a80cd8a0efb5c886ae1995a88b24/4d71f2c1e5263a9f042faa71d59515709869dc79/32d05e6cc3a7bf6c8f16f7b7ef8fe80eca0c233e/61ce04601e0d8265ec6d2ffa6df5a7e1bce64854 is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1869" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2025-38197" }, { "cve":"CVE-2025-38212", "notes":[ { "text":"A vulnerability was found in Linux Kernel up to 6.15.3 (Operating System). It has been rated as critical.Using CWE to declare the problem leads to CWE-416. Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.Impacted is confidentiality, integrity, and availability.Upgrading to version 5.4.295, 5.10.239, 5.15.186, 6.1.142, 6.6.95, 6.12.35, 6.15.4 or 6.16-rc1 eliminates this vulnerability. Applying the patch 5f1e1573bf103303944fd7225559de5d8297539c/b968ba8bfd9f90914957bbbd815413bf6a98eca7/74bc813d11c30e28fc5261dc877cca662ccfac68/78297d53d3878d43c1d627d20cd09f611fa4b91d/5180561afff8e0f029073c8c8117c95c6512d1f9/68c173ea138b66d7dd1fd980c9bc578a18e11884/b0b6bf90ce2699a574b3683e22c44d0dcdd7a057/d66adabe91803ef34a8b90613c81267b5ded1472 is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.The vulnerability is also documented in the vulnerability database at EUVD (EUVD-2025-20044).", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1869" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.0, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-38212" }, { "cve":"CVE-2025-38229", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: cxusb: no longer judge rbuf when the write fails\n\nsyzbot reported a uninit-value in cxusb_i2c_xfer. [1]\n\nOnly when the write operation of usb_bulk_msg() in dvb_usb_generic_rw()\nsucceeds and rlen is greater than 0, the read operation of usb_bulk_msg()\nwill be executed to read rlen bytes of data from the dvb device into the\nrbuf.\n\nIn this case, although rlen is 1, the write operation failed which resulted\nin the dvb read operation not being executed, and ultimately variable i was\nnot initialized.\n\n[1]\nBUG: KMSAN: uninit-value in cxusb_gpio_tuner drivers/media/usb/dvb-usb/cxusb.c:124 [inline]\nBUG: KMSAN: uninit-value in cxusb_i2c_xfer+0x153a/0x1a60 drivers/media/usb/dvb-usb/cxusb.c:196\n cxusb_gpio_tuner drivers/media/usb/dvb-usb/cxusb.c:124 [inline]\n cxusb_i2c_xfer+0x153a/0x1a60 drivers/media/usb/dvb-usb/cxusb.c:196\n __i2c_transfer+0xe25/0x3150 drivers/i2c/i2c-core-base.c:-1\n i2c_transfer+0x317/0x4a0 drivers/i2c/i2c-core-base.c:2315\n i2c_transfer_buffer_flags+0x125/0x1e0 drivers/i2c/i2c-core-base.c:2343\n i2c_master_send include/linux/i2c.h:109 [inline]\n i2cdev_write+0x210/0x280 drivers/i2c/i2c-dev.c:183\n do_loop_readv_writev fs/read_write.c:848 [inline]\n vfs_writev+0x963/0x14e0 fs/read_write.c:1057\n do_writev+0x247/0x5c0 fs/read_write.c:1101\n __do_sys_writev fs/read_write.c:1169 [inline]\n __se_sys_writev fs/read_write.c:1166 [inline]\n __x64_sys_writev+0x98/0xe0 fs/read_write.c:1166\n x64_sys_call+0x2229/0x3c80 arch/x86/include/generated/asm/syscalls_64.h:21\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1869" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.0, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-38229" }, { "cve":"CVE-2025-38279", "notes":[ { "text":"A vulnerability was found in Linux Kernel up to 6.15.2/fc2778c42f99c7de52fc004157b3c3ee4dcc208a (Operating System). It has been rated as problematic.Impacted is confidentiality, integrity, and availability.Upgrading to version 6.15.3 or 6.16-rc1 eliminates this vulnerability. Applying the patch ac49b7560b4b08b1e4043a29214cc7ad77644c00/e2d2115e56c4a02377189bfc3a9a7933552a7b0f is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1869" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2025-38279" }, { "cve":"CVE-2025-38280", "notes":[ { "text":"A vulnerability, which was classified as problematic, was found in Linux Kernel (Operating System).CWE is classifying the issue as CWE-74. The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.This is going to have an impact on confidentiality, integrity, and availability.Upgrading to version 5.15.186, 6.1.142, 6.6.94, 6.12.34, 6.15.3 or 6.16-rc1 eliminates this vulnerability. Applying the patch e7fb4ebee6e900899d2b2e5852c3e2eafcbcad66/ef92b96530d1731d9ac167bc7c193c683cd78fff/6f639c25bfad17d9fd7379ab91ff9678ea9aac85/2bc6dffb4b72d53d6a6ada510269bf548c3f7ae0/0b9bb52796b239de6792d0d68cdc6eb505ebff96/86bc9c742426a16b52a10ef61f5b721aecca2344 is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1869" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2025-38280" }, { "cve":"CVE-2025-38285", "notes":[ { "text":"A vulnerability has been found in Linux Kernel up to 6.15.2 (Operating System) and classified as critical.The CWE definition for the vulnerability is CWE-121. A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).As an impact it is known to affect confidentiality, integrity, and availability.Upgrading to version 5.4.295, 5.10.239, 5.15.186, 6.1.142, 6.6.94, 6.12.34, 6.15.3 or 6.16-rc1 eliminates this vulnerability. Applying the patch 44ebe361abb322d2afd77930fa767a99f271c4d1/147ea936fc6fa8fe0c93f0df918803a5375ca535/ee90be48edb3dac612e0b7f5332482a9e8be2696/e167414beabb1e941fe563a96becc98627d5bdf6/6d8f39875a10a194051c3eaefebc7ac06a34aaf3/c98cdf6795a36bca163ebb40411fef1687b9eb13/18e8cbbae79cb35bdce8a01c889827b9799c762e/3880cdbed1c4607e378f58fa924c5d6df900d1d3 is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1869" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.0, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-38285" }, { "cve":"CVE-2025-38320", "notes":[ { "text":"A vulnerability was found in Linux Kernel up to 6.16-rc2 (Operating System). It has been declared as problematic.The CWE definition for the vulnerability is CWE-125. The product reads data past the end, or before the beginning, of the intended buffer.As an impact it is known to affect confidentiality.Upgrading to version 5.4.295, 5.10.239, 5.15.186, 6.1.142, 6.6.95, 6.12.35, 6.15.4 or 6.16-rc3 eliminates this vulnerability. Applying the patch 64773b3ea09235168a549a195cba43bb867c4a17/67abac27d806e8f9d4226ec1528540cf73af673a/92750bfe7b0d8dbcaf578c091a65eda1c5f9ad38/01f91d415a8375d85e0c7d3615cd4a168308bb7c/21da6d3561f373898349ca7167c9811c020da695/22f935bc86bdfbde04009f05eee191d220cd8c89/422e565b7889ebfd9c8705a3fc786642afe61fca/39dfc971e42d886e7df01371cd1bef505076d84c is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.The vulnerability is also documented in the vulnerability database at EUVD (EUVD-2025-20926).", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1869" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.0, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-38320" }, { "cve":"CVE-2025-38322", "notes":[ { "text":"A vulnerability was found in Linux Kernel up to 6.15.3/6.16-rc2 (Operating System). It has been rated as critical.Using CWE to declare the problem leads to CWE-404. The product does not release or incorrectly releases a resource before it is made available for re-use.Impacted is availability.Upgrading to version 6.15.4 or 6.16-rc3 eliminates this vulnerability. Applying the patch a85cc69acdcb05f8cd226b8ea0778b8e2e887e6f/b0823d5fbacb1c551d793cbfe7af24e0d1fa45ed is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1869" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2025-38322" }, { "cve":"CVE-2025-38346", "notes":[ { "text":"A vulnerability was found in Linux Kernel up to 6.15.3 (Operating System). It has been declared as critical.The CWE definition for the vulnerability is CWE-119. The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.As an impact it is known to affect confidentiality, integrity, and availability.Upgrading to version 5.4.295, 5.10.239, 5.15.186, 6.1.142, 6.6.95, 6.12.35, 6.15.4 or 6.16-rc1 eliminates this vulnerability. Applying the patch d064c68781c19f378af1ae741d9132d35d24b2bb/8690cd3258455bbae64f809e1d3ee0f043661c71/6805582abb720681dd1c87ff677f155dcf4e86c9/03a162933c4a03b9f1a84f7d8482903c7e1e11bb/83a692a9792aa86249d68a8ac0b9d55ecdd255fa/8e89c17dc8970c5f71a3a991f5724d4c8de42d8c/f78a786ad9a5443a29eef4dae60cde85b7375129/f914b52c379c12288b7623bb814d0508dbe7481d is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1869" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.aarch64", "openEuler-24.03-LTS-SP1:bpftool-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:bpftool-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-debugsource-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-headers-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-source-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-tools-devel-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:python3-perf-debuginfo-6.6.0-101.0.0.104.oe2403sp1.x86_64", "openEuler-24.03-LTS-SP1:kernel-6.6.0-101.0.0.104.oe2403sp1.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2025-38346" } ] }