{ "document":{ "aggregate_severity":{ "namespace":"https://nvd.nist.gov/vuln-metrics/cvss", "text":"High" }, "category":"csaf_vex", "csaf_version":"2.0", "distribution":{ "tlp":{ "label":"WHITE", "url":"https:/www.first.org/tlp/" } }, "lang":"en", "notes":[ { "text":"kernel security update", "category":"general", "title":"Synopsis" }, { "text":"An update for kernel is now available for openEuler-22.03-LTS-SP3", "category":"general", "title":"Summary" }, { "text":"The Linux Kernel, the operating system core itself.\n\nSecurity Fix(es):\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_ct: fix ref leak when switching zones\n\nWhen switching zones or network namespaces without doing a ct clear in\nbetween, it is now leaking a reference to the old ct entry. That's\nbecause tcf_ct_skb_nfct_cached() returns false and\ntcf_ct_flow_table_lookup() may simply overwrite it.\n\nThe fix is to, as the ct entry is not reusable, free it already at\ntcf_ct_skb_nfct_cached().(CVE-2022-49183)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet: annotate races around sk->sk_bound_dev_if\n\nUDP sendmsg() is lockless, and reads sk->sk_bound_dev_if while\nthis field can be changed by another thread.\n\nAdds minimal annotations to avoid KCSAN splats for UDP.\nFollowing patches will add more annotations to potential lockless readers.\n\nBUG: KCSAN: data-race in __ip6_datagram_connect / udpv6_sendmsg\n\nwrite to 0xffff888136d47a94 of 4 bytes by task 7681 on cpu 0:\n __ip6_datagram_connect+0x6e2/0x930 net/ipv6/datagram.c:221\n ip6_datagram_connect+0x2a/0x40 net/ipv6/datagram.c:272\n inet_dgram_connect+0x107/0x190 net/ipv4/af_inet.c:576\n __sys_connect_file net/socket.c:1900 [inline]\n __sys_connect+0x197/0x1b0 net/socket.c:1917\n __do_sys_connect net/socket.c:1927 [inline]\n __se_sys_connect net/socket.c:1924 [inline]\n __x64_sys_connect+0x3d/0x50 net/socket.c:1924\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x2b/0x50 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nread to 0xffff888136d47a94 of 4 bytes by task 7670 on cpu 1:\n udpv6_sendmsg+0xc60/0x16e0 net/ipv6/udp.c:1436\n inet6_sendmsg+0x5f/0x80 net/ipv6/af_inet6.c:652\n sock_sendmsg_nosec net/socket.c:705 [inline]\n sock_sendmsg net/socket.c:725 [inline]\n ____sys_sendmsg+0x39a/0x510 net/socket.c:2413\n ___sys_sendmsg net/socket.c:2467 [inline]\n __sys_sendmmsg+0x267/0x4c0 net/socket.c:2553\n __do_sys_sendmmsg net/socket.c:2582 [inline]\n __se_sys_sendmmsg net/socket.c:2579 [inline]\n __x64_sys_sendmmsg+0x53/0x60 net/socket.c:2579\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x2b/0x50 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nvalue changed: 0x00000000 -> 0xffffff9b\n\nReported by Kernel Concurrency Sanitizer on:\nCPU: 1 PID: 7670 Comm: syz-executor.3 Tainted: G W 5.18.0-rc1-syzkaller-dirty #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\n\nI chose to not add Fixes: tag because race has minor consequences\nand stable teams busy enough.(CVE-2022-49420)\n\nA flaw was found within the handling of SMB2 read requests in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose sensitive information on affected installations of Linux. Only systems with ksmbd enabled are vulnerable to this CVE.(CVE-2023-39179)\n\nA flaw was found within the parsing of extended attributes in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose sensitive information on affected installations of Linux. Only systems with ksmbd enabled are vulnerable to this CVE.(CVE-2023-4458)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndrm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req()\n\nWhile receiving an MST up request message from one thread in\ndrm_dp_mst_handle_up_req(), the MST topology could be removed from\nanother thread via drm_dp_mst_topology_mgr_set_mst(false), freeing\nmst_primary and setting drm_dp_mst_topology_mgr::mst_primary to NULL.\nThis could lead to a NULL deref/use-after-free of mst_primary in\ndrm_dp_mst_handle_up_req().\n\nAvoid the above by holding a reference for mst_primary in\ndrm_dp_mst_handle_up_req() while it's used.\n\nv2: Fix kfreeing the request if getting an mst_primary reference fails.(CVE-2024-57798)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: fix ets qdisc OOB Indexing\n\nHaowei Yan <(CVE-2025-21692)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: Disallow replacing of child qdisc from one parent to another\n\nLion Ackermann was able to create a UAF which can be abused for privilege\nescalation with the following script\n\nStep 1. create root qdisc\ntc qdisc add dev lo root handle 1:0 drr\n\nstep2. a class for packet aggregation do demonstrate uaf\ntc class add dev lo classid 1:1 drr\n\nstep3. a class for nesting\ntc class add dev lo classid 1:2 drr\n\nstep4. a class to graft qdisc to\ntc class add dev lo classid 1:3 drr\n\nstep5.\ntc qdisc add dev lo parent 1:1 handle 2:0 plug limit 1024\n\nstep6.\ntc qdisc add dev lo parent 1:2 handle 3:0 drr\n\nstep7.\ntc class add dev lo classid 3:1 drr\n\nstep 8.\ntc qdisc add dev lo parent 3:1 handle 4:0 pfifo\n\nstep 9. Display the class/qdisc layout\n\ntc class ls dev lo\n class drr 1:1 root leaf 2: quantum 64Kb\n class drr 1:2 root leaf 3: quantum 64Kb\n class drr 3:1 root leaf 4: quantum 64Kb\n\ntc qdisc ls\n qdisc drr 1: dev lo root refcnt 2\n qdisc plug 2: dev lo parent 1:1\n qdisc pfifo 4: dev lo parent 3:1 limit 1000p\n qdisc drr 3: dev lo parent 1:2\n\nstep10. trigger the bug <=== prevented by this patch\ntc qdisc replace dev lo parent 1:3 handle 4:0\n\nstep 11. Redisplay again the qdiscs/classes\n\ntc class ls dev lo\n class drr 1:1 root leaf 2: quantum 64Kb\n class drr 1:2 root leaf 3: quantum 64Kb\n class drr 1:3 root leaf 4: quantum 64Kb\n class drr 3:1 root leaf 4: quantum 64Kb\n\ntc qdisc ls\n qdisc drr 1: dev lo root refcnt 2\n qdisc plug 2: dev lo parent 1:1\n qdisc pfifo 4: dev lo parent 3:1 refcnt 2 limit 1000p\n qdisc drr 3: dev lo parent 1:2\n\nObserve that a) parent for 4:0 does not change despite the replace request.\nThere can only be one parent. b) refcount has gone up by two for 4:0 and\nc) both class 1:3 and 3:1 are pointing to it.\n\nStep 12. send one packet to plug\necho \"\" | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888,priority=$((0x10001))\nstep13. send one packet to the grafted fifo\necho \"\" | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888,priority=$((0x10003))\n\nstep14. lets trigger the uaf\ntc class delete dev lo classid 1:3\ntc class delete dev lo classid 1:1\n\nThe semantics of \"replace\" is for a del/add _on the same node_ and not\na delete from one node(3:1) and add to another node (1:3) as in step10.\nWhile we could \"fix\" with a more complex approach there could be\nconsequences to expectations so the patch takes the preventive approach of\n\"disallow such config\".\n\nJoint work with Lion Ackermann <(CVE-2025-21700)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\npfifo_tail_enqueue: Drop new packet when sch->limit == 0\n\nExpected behaviour:\nIn case we reach scheduler's limit, pfifo_tail_enqueue() will drop a\npacket in scheduler's queue and decrease scheduler's qlen by one.\nThen, pfifo_tail_enqueue() enqueue new packet and increase\nscheduler's qlen by one. Finally, pfifo_tail_enqueue() return\n`NET_XMIT_CN` status code.\n\nWeird behaviour:\nIn case we set `sch->limit == 0` and trigger pfifo_tail_enqueue() on a\nscheduler that has no packet, the 'drop a packet' step will do nothing.\nThis means the scheduler's qlen still has value equal 0.\nThen, we continue to enqueue new packet and increase scheduler's qlen by\none. In summary, we can leverage pfifo_tail_enqueue() to increase qlen by\none and return `NET_XMIT_CN` status code.\n\nThe problem is:\nLet's say we have two qdiscs: Qdisc_A and Qdisc_B.\n - Qdisc_A's type must have '->graft()' function to create parent/child relationship.\n Let's say Qdisc_A's type is `hfsc`. Enqueue packet to this qdisc will trigger `hfsc_enqueue`.\n - Qdisc_B's type is pfifo_head_drop. Enqueue packet to this qdisc will trigger `pfifo_tail_enqueue`.\n - Qdisc_B is configured to have `sch->limit == 0`.\n - Qdisc_A is configured to route the enqueued's packet to Qdisc_B.\n\nEnqueue packet through Qdisc_A will lead to:\n - hfsc_enqueue(Qdisc_A) -> pfifo_tail_enqueue(Qdisc_B)\n - Qdisc_B->q.qlen += 1\n - pfifo_tail_enqueue() return `NET_XMIT_CN`\n - hfsc_enqueue() check for `NET_XMIT_SUCCESS` and see `NET_XMIT_CN` => hfsc_enqueue() don't increase qlen of Qdisc_A.\n\nThe whole process lead to a situation where Qdisc_A->q.qlen == 0 and Qdisc_B->q.qlen == 1.\nReplace 'hfsc' with other type (for example: 'drr') still lead to the same problem.\nThis violate the design where parent's qlen should equal to the sum of its childrens'qlen.\n\nBug impact: This issue can be used for user->kernel privilege escalation when it is reachable.(CVE-2025-21702)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: ensure network headers are in skb linear part\n\nsyzbot found that ipvlan_process_v6_outbound() was assuming\nthe IPv6 network header isis present in skb->head [1]\n\nAdd the needed pskb_network_may_pull() calls for both\nIPv4 and IPv6 handlers.\n\n[1]\nBUG: KMSAN: uninit-value in __ipv6_addr_type+0xa2/0x490 net/ipv6/addrconf_core.c:47\n __ipv6_addr_type+0xa2/0x490 net/ipv6/addrconf_core.c:47\n ipv6_addr_type include/net/ipv6.h:555 [inline]\n ip6_route_output_flags_noref net/ipv6/route.c:2616 [inline]\n ip6_route_output_flags+0x51/0x720 net/ipv6/route.c:2651\n ip6_route_output include/net/ip6_route.h:93 [inline]\n ipvlan_route_v6_outbound+0x24e/0x520 drivers/net/ipvlan/ipvlan_core.c:476\n ipvlan_process_v6_outbound drivers/net/ipvlan/ipvlan_core.c:491 [inline]\n ipvlan_process_outbound drivers/net/ipvlan/ipvlan_core.c:541 [inline]\n ipvlan_xmit_mode_l3 drivers/net/ipvlan/ipvlan_core.c:605 [inline]\n ipvlan_queue_xmit+0xd72/0x1780 drivers/net/ipvlan/ipvlan_core.c:671\n ipvlan_start_xmit+0x5b/0x210 drivers/net/ipvlan/ipvlan_main.c:223\n __netdev_start_xmit include/linux/netdevice.h:5150 [inline]\n netdev_start_xmit include/linux/netdevice.h:5159 [inline]\n xmit_one net/core/dev.c:3735 [inline]\n dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3751\n sch_direct_xmit+0x399/0xd40 net/sched/sch_generic.c:343\n qdisc_restart net/sched/sch_generic.c:408 [inline]\n __qdisc_run+0x14da/0x35d0 net/sched/sch_generic.c:416\n qdisc_run+0x141/0x4d0 include/net/pkt_sched.h:127\n net_tx_action+0x78b/0x940 net/core/dev.c:5484\n handle_softirqs+0x1a0/0x7c0 kernel/softirq.c:561\n __do_softirq+0x14/0x1a kernel/softirq.c:595\n do_softirq+0x9a/0x100 kernel/softirq.c:462\n __local_bh_enable_ip+0x9f/0xb0 kernel/softirq.c:389\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n rcu_read_unlock_bh include/linux/rcupdate.h:919 [inline]\n __dev_queue_xmit+0x2758/0x57d0 net/core/dev.c:4611\n dev_queue_xmit include/linux/netdevice.h:3311 [inline]\n packet_xmit+0x9c/0x6c0 net/packet/af_packet.c:276\n packet_snd net/packet/af_packet.c:3132 [inline]\n packet_sendmsg+0x93e0/0xa7e0 net/packet/af_packet.c:3164\n sock_sendmsg_nosec net/socket.c:718 [inline](CVE-2025-21891)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndm: fix unconditional IO throttle caused by REQ_PREFLUSH\n\nWhen a bio with REQ_PREFLUSH is submitted to dm, __send_empty_flush()\ngenerates a flush_bio with REQ_OP_WRITE | REQ_PREFLUSH | REQ_SYNC,\nwhich causes the flush_bio to be throttled by wbt_wait().\n\nAn example from v5.4, similar problem also exists in upstream:\n\n crash> bt 2091206\n PID: 2091206 TASK: ffff2050df92a300 CPU: 109 COMMAND: \"kworker/u260:0\"\n #0 [ffff800084a2f7f0] __switch_to at ffff80004008aeb8\n #1 [ffff800084a2f820] __schedule at ffff800040bfa0c4\n #2 [ffff800084a2f880] schedule at ffff800040bfa4b4\n #3 [ffff800084a2f8a0] io_schedule at ffff800040bfa9c4\n #4 [ffff800084a2f8c0] rq_qos_wait at ffff8000405925bc\n #5 [ffff800084a2f940] wbt_wait at ffff8000405bb3a0\n #6 [ffff800084a2f9a0] __rq_qos_throttle at ffff800040592254\n #7 [ffff800084a2f9c0] blk_mq_make_request at ffff80004057cf38\n #8 [ffff800084a2fa60] generic_make_request at ffff800040570138\n #9 [ffff800084a2fae0] submit_bio at ffff8000405703b4\n #10 [ffff800084a2fb50] xlog_write_iclog at ffff800001280834 [xfs]\n #11 [ffff800084a2fbb0] xlog_sync at ffff800001280c3c [xfs]\n #12 [ffff800084a2fbf0] xlog_state_release_iclog at ffff800001280df4 [xfs]\n #13 [ffff800084a2fc10] xlog_write at ffff80000128203c [xfs]\n #14 [ffff800084a2fcd0] xlog_cil_push at ffff8000012846dc [xfs]\n #15 [ffff800084a2fda0] xlog_cil_push_work at ffff800001284a2c [xfs]\n #16 [ffff800084a2fdb0] process_one_work at ffff800040111d08\n #17 [ffff800084a2fe00] worker_thread at ffff8000401121cc\n #18 [ffff800084a2fe70] kthread at ffff800040118de4\n\nAfter commit 2def2845cc33 (\"xfs: don't allow log IO to be throttled\"),\nthe metadata submitted by xlog_write_iclog() should not be throttled.\nBut due to the existence of the dm layer, throttling flush_bio indirectly\ncauses the metadata bio to be throttled.\n\nFix this by conditionally adding REQ_IDLE to flush_bio.bi_opf, which makes\nwbt_should_throttle() return false to avoid wbt_wait().(CVE-2025-38063)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: make sure that ptp_rate is not 0 before configuring EST\n\nIf the ptp_rate recorded earlier in the driver happens to be 0, this\nbogus value will propagate up to EST configuration, where it will\ntrigger a division by 0.\n\nPrevent this division by 0 by adding the corresponding check and error\ncode.(CVE-2025-38125)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ncalipso: Fix null-ptr-deref in calipso_req_{set,del}attr().\n\nsyzkaller reported a null-ptr-deref in sock_omalloc() while allocating\na CALIPSO option. [0]\n\nThe NULL is of struct sock, which was fetched by sk_to_full_sk() in\ncalipso_req_setattr().\n\nSince commit a1a5344ddbe8 (\"tcp: avoid two atomic ops for syncookies\"),\nreqsk->rsk_listener could be NULL when SYN Cookie is returned to its\nclient, as hinted by the leading SYN Cookie log.\n\nHere are 3 options to fix the bug:\n\n 1) Return 0 in calipso_req_setattr()\n 2) Return an error in calipso_req_setattr()\n 3) Alaways set rsk_listener\n\n1) is no go as it bypasses LSM, but 2) effectively disables SYN Cookie\nfor CALIPSO. 3) is also no go as there have been many efforts to reduce\natomic ops and make TCP robust against DDoS. See also commit 3b24d854cb35\n(\"tcp/dccp: do not touch listener sk_refcnt under synflood\").\n\nAs of the blamed commit, SYN Cookie already did not need refcounting,\nand no one has stumbled on the bug for 9 years, so no CALIPSO user will\ncare about SYN Cookie.\n\nLet's return an error in calipso_req_setattr() and calipso_req_delattr()\nin the SYN Cookie case.\n\nThis can be reproduced by [1] on Fedora and now connect() of nc times out.\n\n[0]:\nTCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.\nOops: general protection fault, probably for non-canonical address 0xdffffc0000000006: 0000 [#1] PREEMPT SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037]\nCPU: 3 UID: 0 PID: 12262 Comm: syz.1.2611 Not tainted 6.14.0 #2\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\nRIP: 0010:read_pnet include/net/net_namespace.h:406 [inline]\nRIP: 0010:sock_net include/net/sock.h:655 [inline]\nRIP: 0010:sock_kmalloc+0x35/0x170 net/core/sock.c:2806\nCode: 89 d5 41 54 55 89 f5 53 48 89 fb e8 25 e3 c6 fd e8 f0 91 e3 00 48 8d 7b 30 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 26 01 00 00 48 b8 00 00 00 00 00 fc ff df 4c 8b\nRSP: 0018:ffff88811af89038 EFLAGS: 00010216\nRAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffff888105266400\nRDX: 0000000000000006 RSI: ffff88800c890000 RDI: 0000000000000030\nRBP: 0000000000000050 R08: 0000000000000000 R09: ffff88810526640e\nR10: ffffed1020a4cc81 R11: ffff88810526640f R12: 0000000000000000\nR13: 0000000000000820 R14: ffff888105266400 R15: 0000000000000050\nFS: 00007f0653a07640(0000) GS:ffff88811af80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f863ba096f4 CR3: 00000000163c0005 CR4: 0000000000770ef0\nPKRU: 80000000\nCall Trace:\n \n ipv6_renew_options+0x279/0x950 net/ipv6/exthdrs.c:1288\n calipso_req_setattr+0x181/0x340 net/ipv6/calipso.c:1204\n calipso_req_setattr+0x56/0x80 net/netlabel/netlabel_calipso.c:597\n netlbl_req_setattr+0x18a/0x440 net/netlabel/netlabel_kapi.c:1249\n selinux_netlbl_inet_conn_request+0x1fb/0x320 security/selinux/netlabel.c:342\n selinux_inet_conn_request+0x1eb/0x2c0 security/selinux/hooks.c:5551\n security_inet_conn_request+0x50/0xa0 security/security.c:4945\n tcp_v6_route_req+0x22c/0x550 net/ipv6/tcp_ipv6.c:825\n tcp_conn_request+0xec8/0x2b70 net/ipv4/tcp_input.c:7275\n tcp_v6_conn_request+0x1e3/0x440 net/ipv6/tcp_ipv6.c:1328\n tcp_rcv_state_process+0xafa/0x52b0 net/ipv4/tcp_input.c:6781\n tcp_v6_do_rcv+0x8a6/0x1a40 net/ipv6/tcp_ipv6.c:1667\n tcp_v6_rcv+0x505e/0x5b50 net/ipv6/tcp_ipv6.c:1904\n ip6_protocol_deliver_rcu+0x17c/0x1da0 net/ipv6/ip6_input.c:436\n ip6_input_finish+0x103/0x180 net/ipv6/ip6_input.c:480\n NF_HOOK include/linux/netfilter.h:314 [inline]\n NF_HOOK include/linux/netfilter.h:308 [inline]\n ip6_input+0x13c/0x6b0 net/ipv6/ip6_input.c:491\n dst_input include/net/dst.h:469 [inline]\n ip6_rcv_finish net/ipv6/ip6_input.c:79 [inline]\n ip6_rcv_finish+0xb6/0x490 net/ipv6/ip6_input.c:69\n NF_HOOK include/linux/netfilter.h:314 [inline]\n NF_HOOK include/linux/netf\n---truncated---(CVE-2025-38181)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\next4: inline: fix len overflow in ext4_prepare_inline_data\n\nWhen running the following code on an ext4 filesystem with inline_data\nfeature enabled, it will lead to the bug below.\n\n fd = open(\"file1\", O_RDWR | O_CREAT | O_TRUNC, 0666);\n ftruncate(fd, 30);\n pwrite(fd, \"a\", 1, (1UL << 40) + 5UL);\n\nThat happens because write_begin will succeed as when\next4_generic_write_inline_data calls ext4_prepare_inline_data, pos + len\nwill be truncated, leading to ext4_prepare_inline_data parameter to be 6\ninstead of 0x10000000006.\n\nThen, later when write_end is called, we hit:\n\n BUG_ON(pos + len > EXT4_I(inode)->i_inline_size);\n\nat ext4_write_inline_data.\n\nFix it by using a loff_t type for the len parameter in\next4_prepare_inline_data instead of an unsigned int.\n\n[ 44.545164] ------------[ cut here ]------------\n[ 44.545530] kernel BUG at fs/ext4/inline.c:240!\n[ 44.545834] Oops: invalid opcode: 0000 [#1] SMP NOPTI\n[ 44.546172] CPU: 3 UID: 0 PID: 343 Comm: test Not tainted 6.15.0-rc2-00003-g9080916f4863 #45 PREEMPT(full) 112853fcebfdb93254270a7959841d2c6aa2c8bb\n[ 44.546523] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 44.546523] RIP: 0010:ext4_write_inline_data+0xfe/0x100\n[ 44.546523] Code: 3c 0e 48 83 c7 48 48 89 de 5b 41 5c 41 5d 41 5e 41 5f 5d e9 e4 fa 43 01 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc 0f 0b <0f> 0b 0f 1f 44 00 00 55 41 57 41 56 41 55 41 54 53 48 83 ec 20 49\n[ 44.546523] RSP: 0018:ffffb342008b79a8 EFLAGS: 00010216\n[ 44.546523] RAX: 0000000000000001 RBX: ffff9329c579c000 RCX: 0000010000000006\n[ 44.546523] RDX: 000000000000003c RSI: ffffb342008b79f0 RDI: ffff9329c158e738\n[ 44.546523] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000\n[ 44.546523] R10: 00007ffffffff000 R11: ffffffff9bd0d910 R12: 0000006210000000\n[ 44.546523] R13: fffffc7e4015e700 R14: 0000010000000005 R15: ffff9329c158e738\n[ 44.546523] FS: 00007f4299934740(0000) GS:ffff932a60179000(0000) knlGS:0000000000000000\n[ 44.546523] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 44.546523] CR2: 00007f4299a1ec90 CR3: 0000000002886002 CR4: 0000000000770eb0\n[ 44.546523] PKRU: 55555554\n[ 44.546523] Call Trace:\n[ 44.546523] \n[ 44.546523] ext4_write_inline_data_end+0x126/0x2d0\n[ 44.546523] generic_perform_write+0x17e/0x270\n[ 44.546523] ext4_buffered_write_iter+0xc8/0x170\n[ 44.546523] vfs_write+0x2be/0x3e0\n[ 44.546523] __x64_sys_pwrite64+0x6d/0xc0\n[ 44.546523] do_syscall_64+0x6a/0xf0\n[ 44.546523] ? __wake_up+0x89/0xb0\n[ 44.546523] ? xas_find+0x72/0x1c0\n[ 44.546523] ? next_uptodate_folio+0x317/0x330\n[ 44.546523] ? set_pte_range+0x1a6/0x270\n[ 44.546523] ? filemap_map_pages+0x6ee/0x840\n[ 44.546523] ? ext4_setattr+0x2fa/0x750\n[ 44.546523] ? do_pte_missing+0x128/0xf70\n[ 44.546523] ? security_inode_post_setattr+0x3e/0xd0\n[ 44.546523] ? ___pte_offset_map+0x19/0x100\n[ 44.546523] ? handle_mm_fault+0x721/0xa10\n[ 44.546523] ? do_user_addr_fault+0x197/0x730\n[ 44.546523] ? do_syscall_64+0x76/0xf0\n[ 44.546523] ? arch_exit_to_user_mode_prepare+0x1e/0x60\n[ 44.546523] ? irqentry_exit_to_user_mode+0x79/0x90\n[ 44.546523] entry_SYSCALL_64_after_hwframe+0x55/0x5d\n[ 44.546523] RIP: 0033:0x7f42999c6687\n[ 44.546523] Code: 48 89 fa 4c 89 df e8 58 b3 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff\n[ 44.546523] RSP: 002b:00007ffeae4a7930 EFLAGS: 00000202 ORIG_RAX: 0000000000000012\n[ 44.546523] RAX: ffffffffffffffda RBX: 00007f4299934740 RCX: 00007f42999c6687\n[ 44.546523] RDX: 0000000000000001 RSI: 000055ea6149200f RDI: 0000000000000003\n[ 44.546523] RBP: 00007ffeae4a79a0 R08: 0000000000000000 R09: 0000000000000000\n[ 44.546523] R10: 0000010000000005 R11: 0000000000000202 R12: 0000\n---truncated---(CVE-2025-38222)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Use memcpy() for BIOS version\n\nThe strlcat() with FORTIFY support is triggering a panic because it\nthinks the target buffer will overflow although the correct target\nbuffer size is passed in.\n\nAnyway, instead of memset() with 0 followed by a strlcat(), just use\nmemcpy() and ensure that the resulting buffer is NULL terminated.\n\nBIOSVersion is only used for the lpfc_printf_log() which expects a\nproperly terminated string.(CVE-2025-38332)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add null pointer check for get_first_active_display()\n\nThe function mod_hdcp_hdcp1_enable_encryption() calls the function\nget_first_active_display(), but does not check its return value.\nThe return value is a null pointer if the display list is empty.\nThis will lead to a null pointer dereference in\nmod_hdcp_hdcp2_enable_encryption().\n\nAdd a null pointer check for get_first_active_display() and return\nMOD_HDCP_STATUS_DISPLAY_NOT_FOUND if the function return null.(CVE-2025-38362)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Disable interrupts before resetting the GPU\n\nCurrently, an interrupt can be triggered during a GPU reset, which can\nlead to GPU hangs and NULL pointer dereference in an interrupt context\nas shown in the following trace:\n\n [ 314.035040] Unable to handle kernel NULL pointer dereference at virtual address 00000000000000c0\n [ 314.043822] Mem abort info:\n [ 314.046606] ESR = 0x0000000096000005\n [ 314.050347] EC = 0x25: DABT (current EL), IL = 32 bits\n [ 314.055651] SET = 0, FnV = 0\n [ 314.058695] EA = 0, S1PTW = 0\n [ 314.061826] FSC = 0x05: level 1 translation fault\n [ 314.066694] Data abort info:\n [ 314.069564] ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000\n [ 314.075039] CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n [ 314.080080] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n [ 314.085382] user pgtable: 4k pages, 39-bit VAs, pgdp=0000000102728000\n [ 314.091814] [00000000000000c0] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000\n [ 314.100511] Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP\n [ 314.106770] Modules linked in: v3d i2c_brcmstb vc4 snd_soc_hdmi_codec gpu_sched drm_shmem_helper drm_display_helper cec drm_dma_helper drm_kms_helper drm drm_panel_orientation_quirks snd_soc_core snd_compress snd_pcm_dmaengine snd_pcm snd_timer snd backlight\n [ 314.129654] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.12.25+rpt-rpi-v8 #1 Debian 1:6.12.25-1+rpt1\n [ 314.139388] Hardware name: Raspberry Pi 4 Model B Rev 1.4 (DT)\n [ 314.145211] pstate: 600000c5 (nZCv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n [ 314.152165] pc : v3d_irq+0xec/0x2e0 [v3d]\n [ 314.156187] lr : v3d_irq+0xe0/0x2e0 [v3d]\n [ 314.160198] sp : ffffffc080003ea0\n [ 314.163502] x29: ffffffc080003ea0 x28: ffffffec1f184980 x27: 021202b000000000\n [ 314.170633] x26: ffffffec1f17f630 x25: ffffff8101372000 x24: ffffffec1f17d9f0\n [ 314.177764] x23: 000000000000002a x22: 000000000000002a x21: ffffff8103252000\n [ 314.184895] x20: 0000000000000001 x19: 00000000deadbeef x18: 0000000000000000\n [ 314.192026] x17: ffffff94e51d2000 x16: ffffffec1dac3cb0 x15: c306000000000000\n [ 314.199156] x14: 0000000000000000 x13: b2fc982e03cc5168 x12: 0000000000000001\n [ 314.206286] x11: ffffff8103f8bcc0 x10: ffffffec1f196868 x9 : ffffffec1dac3874\n [ 314.213416] x8 : 0000000000000000 x7 : 0000000000042a3a x6 : ffffff810017a180\n [ 314.220547] x5 : ffffffec1ebad400 x4 : ffffffec1ebad320 x3 : 00000000000bebeb\n [ 314.227677] x2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000000\n [ 314.234807] Call trace:\n [ 314.237243] v3d_irq+0xec/0x2e0 [v3d]\n [ 314.240906] __handle_irq_event_percpu+0x58/0x218\n [ 314.245609] handle_irq_event+0x54/0xb8\n [ 314.249439] handle_fasteoi_irq+0xac/0x240\n [ 314.253527] handle_irq_desc+0x48/0x68\n [ 314.257269] generic_handle_domain_irq+0x24/0x38\n [ 314.261879] gic_handle_irq+0x48/0xd8\n [ 314.265533] call_on_irq_stack+0x24/0x58\n [ 314.269448] do_interrupt_handler+0x88/0x98\n [ 314.273624] el1_interrupt+0x34/0x68\n [ 314.277193] el1h_64_irq_handler+0x18/0x28\n [ 314.281281] el1h_64_irq+0x64/0x68\n [ 314.284673] default_idle_call+0x3c/0x168\n [ 314.288675] do_idle+0x1fc/0x230\n [ 314.291895] cpu_startup_entry+0x3c/0x50\n [ 314.295810] rest_init+0xe4/0xf0\n [ 314.299030] start_kernel+0x5e8/0x790\n [ 314.302684] __primary_switched+0x80/0x90\n [ 314.306691] Code: 940029eb 360ffc13 f9442ea0 52800001 (f9406017)\n [ 314.312775] ---[ end trace 0000000000000000 ]---\n [ 314.317384] Kernel panic - not syncing: Oops: Fatal exception in interrupt\n [ 314.324249] SMP: stopping secondary CPUs\n [ 314.328167] Kernel Offset: 0x2b9da00000 from 0xffffffc080000000\n [ 314.334076] PHYS_OFFSET: 0x0\n [ 314.336946] CPU features: 0x08,00002013,c0200000,0200421b\n [ 314.342337] Memory Limit: none\n [ 314.345382] ---[ end Kernel panic - not syncing: Oops: Fatal exception in interrupt ]---\n\nBefore resetting the G\n---truncated---(CVE-2025-38371)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nACPICA: Refuse to evaluate a method if arguments are missing\n\nAs reported in [1], a platform firmware update that increased the number\nof method parameters and forgot to update a least one of its callers,\ncaused ACPICA to crash due to use-after-free.\n\nSince this a result of a clear AML issue that arguably cannot be fixed\nup by the interpreter (it cannot produce missing data out of thin air),\naddress it by making ACPICA refuse to evaluate a method if the caller\nattempts to pass fewer arguments than expected to it.(CVE-2025-38386)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Initialize obj_event->obj_sub_list before xa_insert\n\nThe obj_event may be loaded immediately after inserted, then if the\nlist_head is not initialized then we may get a poisonous pointer. This\nfixes the crash below:\n\n mlx5_core 0000:03:00.0: MLX5E: StrdRq(1) RqSz(8) StrdSz(2048) RxCqeCmprss(0 enhanced)\n mlx5_core.sf mlx5_core.sf.4: firmware version: 32.38.3056\n mlx5_core 0000:03:00.0 en3f0pf0sf2002: renamed from eth0\n mlx5_core.sf mlx5_core.sf.4: Rate limit: 127 rates are supported, range: 0Mbps to 195312Mbps\n IPv6: ADDRCONF(NETDEV_CHANGE): en3f0pf0sf2002: link becomes ready\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000060\n Mem abort info:\n ESR = 0x96000006\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n Data abort info:\n ISV = 0, ISS = 0x00000006\n CM = 0, WnR = 0\n user pgtable: 4k pages, 48-bit VAs, pgdp=00000007760fb000\n [0000000000000060] pgd=000000076f6d7003, p4d=000000076f6d7003, pud=0000000777841003, pmd=0000000000000000\n Internal error: Oops: 96000006 [#1] SMP\n Modules linked in: ipmb_host(OE) act_mirred(E) cls_flower(E) sch_ingress(E) mptcp_diag(E) udp_diag(E) raw_diag(E) unix_diag(E) tcp_diag(E) inet_diag(E) binfmt_misc(E) bonding(OE) rdma_ucm(OE) rdma_cm(OE) iw_cm(OE) ib_ipoib(OE) ib_cm(OE) isofs(E) cdrom(E) mst_pciconf(OE) ib_umad(OE) mlx5_ib(OE) ipmb_dev_int(OE) mlx5_core(OE) kpatch_15237886(OEK) mlxdevm(OE) auxiliary(OE) ib_uverbs(OE) ib_core(OE) psample(E) mlxfw(OE) tls(E) sunrpc(E) vfat(E) fat(E) crct10dif_ce(E) ghash_ce(E) sha1_ce(E) sbsa_gwdt(E) virtio_console(E) ext4(E) mbcache(E) jbd2(E) xfs(E) libcrc32c(E) mmc_block(E) virtio_net(E) net_failover(E) failover(E) sha2_ce(E) sha256_arm64(E) nvme(OE) nvme_core(OE) gpio_mlxbf3(OE) mlx_compat(OE) mlxbf_pmc(OE) i2c_mlxbf(OE) sdhci_of_dwcmshc(OE) pinctrl_mlxbf3(OE) mlxbf_pka(OE) gpio_generic(E) i2c_core(E) mmc_core(E) mlxbf_gige(OE) vitesse(E) pwr_mlxbf(OE) mlxbf_tmfifo(OE) micrel(E) mlxbf_bootctl(OE) virtio_ring(E) virtio(E) ipmi_devintf(E) ipmi_msghandler(E)\n [last unloaded: mst_pci]\n CPU: 11 PID: 20913 Comm: rte-worker-11 Kdump: loaded Tainted: G OE K 5.10.134-13.1.an8.aarch64 #1\n Hardware name: https://www.mellanox.com BlueField-3 SmartNIC Main Card/BlueField-3 SmartNIC Main Card, BIOS 4.2.2.12968 Oct 26 2023\n pstate: a0400089 (NzCv daIf +PAN -UAO -TCO BTYPE=--)\n pc : dispatch_event_fd+0x68/0x300 [mlx5_ib]\n lr : devx_event_notifier+0xcc/0x228 [mlx5_ib]\n sp : ffff80001005bcf0\n x29: ffff80001005bcf0 x28: 0000000000000001\n x27: ffff244e0740a1d8 x26: ffff244e0740a1d0\n x25: ffffda56beff5ae0 x24: ffffda56bf911618\n x23: ffff244e0596a480 x22: ffff244e0596a480\n x21: ffff244d8312ad90 x20: ffff244e0596a480\n x19: fffffffffffffff0 x18: 0000000000000000\n x17: 0000000000000000 x16: ffffda56be66d620\n x15: 0000000000000000 x14: 0000000000000000\n x13: 0000000000000000 x12: 0000000000000000\n x11: 0000000000000040 x10: ffffda56bfcafb50\n x9 : ffffda5655c25f2c x8 : 0000000000000010\n x7 : 0000000000000000 x6 : ffff24545a2e24b8\n x5 : 0000000000000003 x4 : ffff80001005bd28\n x3 : 0000000000000000 x2 : 0000000000000000\n x1 : ffff244e0596a480 x0 : ffff244d8312ad90\n Call trace:\n dispatch_event_fd+0x68/0x300 [mlx5_ib]\n devx_event_notifier+0xcc/0x228 [mlx5_ib]\n atomic_notifier_call_chain+0x58/0x80\n mlx5_eq_async_int+0x148/0x2b0 [mlx5_core]\n atomic_notifier_call_chain+0x58/0x80\n irq_int_handler+0x20/0x30 [mlx5_core]\n __handle_irq_event_percpu+0x60/0x220\n handle_irq_event_percpu+0x3c/0x90\n handle_irq_event+0x58/0x158\n handle_fasteoi_irq+0xfc/0x188\n generic_handle_irq+0x34/0x48\n ...(CVE-2025-38387)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails.\n\nsyzbot reported a warning below [1] following a fault injection in\nnfs_fs_proc_net_init(). [0]\n\nWhen nfs_fs_proc_net_init() fails, /proc/net/rpc/nfs is not removed.\n\nLater, rpc_proc_exit() tries to remove /proc/net/rpc, and the warning\nis logged as the directory is not empty.\n\nLet's handle the error of nfs_fs_proc_net_init() properly.\n\n[0]:\nFAULT_INJECTION: forcing a failure.\nname failslab, interval 1, probability 0, space 0, times 0\nCPU: 1 UID: 0 PID: 6120 Comm: syz.2.27 Not tainted 6.16.0-rc1-syzkaller-00010-g2c4a1f3fe03e #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\nCall Trace:\n \n dump_stack_lvl (lib/dump_stack.c:123)\n should_fail_ex (lib/fault-inject.c:73 lib/fault-inject.c:174)\n should_failslab (mm/failslab.c:46)\n kmem_cache_alloc_noprof (mm/slub.c:4178 mm/slub.c:4204)\n __proc_create (fs/proc/generic.c:427)\n proc_create_reg (fs/proc/generic.c:554)\n proc_create_net_data (fs/proc/proc_net.c:120)\n nfs_fs_proc_net_init (fs/nfs/client.c:1409)\n nfs_net_init (fs/nfs/inode.c:2600)\n ops_init (net/core/net_namespace.c:138)\n setup_net (net/core/net_namespace.c:443)\n copy_net_ns (net/core/net_namespace.c:576)\n create_new_namespaces (kernel/nsproxy.c:110)\n unshare_nsproxy_namespaces (kernel/nsproxy.c:218 (discriminator 4))\n ksys_unshare (kernel/fork.c:3123)\n __x64_sys_unshare (kernel/fork.c:3190)\n do_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94)\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n \n\n[1]:\nremove_proc_entry: removing non-empty directory 'net/rpc', leaking at least 'nfs'\n WARNING: CPU: 1 PID: 6120 at fs/proc/generic.c:727 remove_proc_entry+0x45e/0x530 fs/proc/generic.c:727\nModules linked in:\nCPU: 1 UID: 0 PID: 6120 Comm: syz.2.27 Not tainted 6.16.0-rc1-syzkaller-00010-g2c4a1f3fe03e #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\n RIP: 0010:remove_proc_entry+0x45e/0x530 fs/proc/generic.c:727\nCode: 3c 02 00 0f 85 85 00 00 00 48 8b 93 d8 00 00 00 4d 89 f0 4c 89 e9 48 c7 c6 40 ba a2 8b 48 c7 c7 60 b9 a2 8b e8 33 81 1d ff 90 <0f> 0b 90 90 e9 5f fe ff ff e8 04 69 5e ff 90 48 b8 00 00 00 00 00\nRSP: 0018:ffffc90003637b08 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: ffff88805f534140 RCX: ffffffff817a92c8\nRDX: ffff88807da99e00 RSI: ffffffff817a92d5 RDI: 0000000000000001\nRBP: ffff888033431ac0 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000001 R12: ffff888033431a00\nR13: ffff888033431ae4 R14: ffff888033184724 R15: dffffc0000000000\nFS: 0000555580328500(0000) GS:ffff888124a62000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f71733743e0 CR3: 000000007f618000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \n sunrpc_exit_net+0x46/0x90 net/sunrpc/sunrpc_syms.c:76\n ops_exit_list net/core/net_namespace.c:200 [inline]\n ops_undo_list+0x2eb/0xab0 net/core/net_namespace.c:253\n setup_net+0x2e1/0x510 net/core/net_namespace.c:457\n copy_net_ns+0x2a6/0x5f0 net/core/net_namespace.c:574\n create_new_namespaces+0x3ea/0xa90 kernel/nsproxy.c:110\n unshare_nsproxy_namespaces+0xc0/0x1f0 kernel/nsproxy.c:218\n ksys_unshare+0x45b/0xa40 kernel/fork.c:3121\n __do_sys_unshare kernel/fork.c:3192 [inline]\n __se_sys_unshare kernel/fork.c:3190 [inline]\n __x64_sys_unshare+0x31/0x40 kernel/fork.c:3190\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0x490 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fa1a6b8e929\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c\n---truncated---(CVE-2025-38400)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix sample vs do_exit()\n\nBaisheng Gao reported an ARM64 crash, which Mark decoded as being a\nsynchronous external abort -- most likely due to trying to access\nMMIO in bad ways.\n\nThe crash further shows perf trying to do a user stack sample while in\nexit_mmap()'s tlb_finish_mmu() -- i.e. while tearing down the address\nspace it is trying to access.\n\nIt turns out that we stop perf after we tear down the userspace mm; a\nreceipie for disaster, since perf likes to access userspace for\nvarious reasons.\n\nFlip this order by moving up where we stop perf in do_exit().\n\nAdditionally, harden PERF_SAMPLE_CALLCHAIN and PERF_SAMPLE_STACK_USER\nto abort when the current task does not have an mm (exit_mm() makes\nsure to set current->mm = NULL; before commencing with the actual\nteardown). Such that CPU wide events don't trip on this same problem.(CVE-2025-38424)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Set DMA unmap len correctly for XDP_REDIRECT\n\nWhen transmitting an XDP_REDIRECT packet, call dma_unmap_len_set()\nwith the proper length instead of 0. This bug triggers this warning\non a system with IOMMU enabled:\n\nWARNING: CPU: 36 PID: 0 at drivers/iommu/dma-iommu.c:842 __iommu_dma_unmap+0x159/0x170\nRIP: 0010:__iommu_dma_unmap+0x159/0x170\nCode: a8 00 00 00 00 48 c7 45 b0 00 00 00 00 48 c7 45 c8 00 00 00 00 48 c7 45 a0 ff ff ff ff 4c 89 45\nb8 4c 89 45 c0 e9 77 ff ff ff <0f> 0b e9 60 ff ff ff e8 8b bf 6a 00 66 66 2e 0f 1f 84 00 00 00 00\nRSP: 0018:ff22d31181150c88 EFLAGS: 00010206\nRAX: 0000000000002000 RBX: 00000000e13a0000 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: ff22d31181150cf0 R08: ff22d31181150ca8 R09: 0000000000000000\nR10: 0000000000000000 R11: ff22d311d36c9d80 R12: 0000000000001000\nR13: ff13544d10645010 R14: ff22d31181150c90 R15: ff13544d0b2bac00\nFS: 0000000000000000(0000) GS:ff13550908a00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005be909dacff8 CR3: 0008000173408003 CR4: 0000000000f71ef0\nPKRU: 55555554\nCall Trace:\n\n? show_regs+0x6d/0x80\n? __warn+0x89/0x160\n? __iommu_dma_unmap+0x159/0x170\n? report_bug+0x17e/0x1b0\n? handle_bug+0x46/0x90\n? exc_invalid_op+0x18/0x80\n? asm_exc_invalid_op+0x1b/0x20\n? __iommu_dma_unmap+0x159/0x170\n? __iommu_dma_unmap+0xb3/0x170\niommu_dma_unmap_page+0x4f/0x100\ndma_unmap_page_attrs+0x52/0x220\n? srso_alias_return_thunk+0x5/0xfbef5\n? xdp_return_frame+0x2e/0xd0\nbnxt_tx_int_xdp+0xdf/0x440 [bnxt_en]\n__bnxt_poll_work_done+0x81/0x1e0 [bnxt_en]\nbnxt_poll+0xd3/0x1e0 [bnxt_en](CVE-2025-38439)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nusb: net: sierra: check for no status endpoint\n\nThe driver checks for having three endpoints and\nhaving bulk in and out endpoints, but not that\nthe third endpoint is interrupt input.\nRectify the omission.(CVE-2025-38474)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndo_change_type(): refuse to operate on unmounted/not ours mounts\n\nEnsure that propagation settings can only be changed for mounts located\nin the caller's mount namespace. This change aligns permission checking\nwith the rest of mount(2).(CVE-2025-38498)", "category":"general", "title":"Description" }, { "text":"An update for kernel is now available for openEuler-22.03-LTS-SP3.\n\nopenEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.", "category":"general", "title":"Topic" }, { "text":"High", "category":"general", "title":"Severity" }, { "text":"kernel", "category":"general", "title":"Affected Component" } ], "publisher":{ "issuing_authority":"openEuler security committee", "name":"openEuler", "namespace":"https://www.openeuler.org", "contact_details":"openeuler-security@openeuler.org", "category":"vendor" }, "references":[ { "summary":"openEuler-SA-2025-1963", "category":"self", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1963" }, { "summary":"CVE-2022-49183", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2022-49183&packageName=kernel" }, { "summary":"CVE-2022-49420", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2022-49420&packageName=kernel" }, { "summary":"CVE-2023-39179", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2023-39179&packageName=kernel" }, { "summary":"CVE-2023-4458", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2023-4458&packageName=kernel" }, { "summary":"CVE-2024-57798", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-57798&packageName=kernel" }, { "summary":"CVE-2025-21692", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21692&packageName=kernel" }, { "summary":"CVE-2025-21700", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21700&packageName=kernel" }, { "summary":"CVE-2025-21702", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21702&packageName=kernel" }, { "summary":"CVE-2025-21891", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21891&packageName=kernel" }, { "summary":"CVE-2025-38063", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38063&packageName=kernel" }, { "summary":"CVE-2025-38125", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38125&packageName=kernel" }, { "summary":"CVE-2025-38181", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38181&packageName=kernel" }, { "summary":"CVE-2025-38222", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38222&packageName=kernel" }, { "summary":"CVE-2025-38332", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38332&packageName=kernel" }, { "summary":"CVE-2025-38362", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38362&packageName=kernel" }, { "summary":"CVE-2025-38371", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38371&packageName=kernel" }, { "summary":"CVE-2025-38386", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38386&packageName=kernel" }, { "summary":"CVE-2025-38387", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38387&packageName=kernel" }, { "summary":"CVE-2025-38400", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38400&packageName=kernel" }, { "summary":"CVE-2025-38424", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38424&packageName=kernel" }, { "summary":"CVE-2025-38439", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38439&packageName=kernel" }, { "summary":"CVE-2025-38474", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38474&packageName=kernel" }, { "summary":"CVE-2025-38498", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38498&packageName=kernel" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2022-49183" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2022-49420" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-39179" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4458" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-57798" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21692" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21700" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21702" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21891" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38063" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38125" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38181" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38222" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38332" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38362" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38371" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38386" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38387" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38400" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38424" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38439" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38474" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38498" }, { "summary":"openEuler-SA-2025-1963 vex file", "category":"self", "url":"https://repo.openeuler.org/security/data/csaf/advisories/2025/csaf-openeuler-sa-2025-1963.json" } ], "title":"An update for kernel is now available for openEuler-22.03-LTS-SP3", "tracking":{ "initial_release_date":"2025-08-08T19:22:55+08:00", "revision_history":[ { "date":"2025-08-08T19:22:55+08:00", "summary":"Initial", "number":"1.0.0" } ], "generator":{ "date":"2025-08-08T19:22:55+08:00", "engine":{ "name":"openEuler CSAF Tool V1.0" } }, "current_release_date":"2025-08-08T19:22:55+08:00", "id":"openEuler-SA-2025-1963", "version":"1.0.0", "status":"final" } }, "product_tree":{ "branches":[ { "name":"openEuler", "category":"vendor", "branches":[ { "name":"openEuler", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"openEuler-22.03-LTS-SP3", "name":"openEuler-22.03-LTS-SP3" }, "name":"openEuler-22.03-LTS-SP3", "category":"product_version" } ], "category":"product_name" }, { "name":"x86_64", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "name":"kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm" }, "name":"kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "name":"kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm" }, "name":"kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "name":"kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm" }, "name":"kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "name":"kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm" }, "name":"kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "name":"kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm" }, "name":"kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "name":"kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm" }, "name":"kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "name":"kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm" }, "name":"kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "name":"kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm" }, "name":"kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "name":"kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm" }, "name":"kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"perf-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "name":"perf-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm" }, "name":"perf-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "name":"perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm" }, "name":"perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "name":"python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm" }, "name":"python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "name":"python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm" }, "name":"python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"aarch64", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "name":"kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm" }, "name":"kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "name":"kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm" }, "name":"kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "name":"kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm" }, "name":"kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "name":"kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm" }, "name":"kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "name":"kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm" }, "name":"kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "name":"kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm" }, "name":"kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "name":"kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm" }, "name":"kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "name":"kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm" }, "name":"kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "name":"kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm" }, "name":"kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"perf-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "name":"perf-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm" }, "name":"perf-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "name":"perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm" }, "name":"perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "name":"python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm" }, "name":"python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "name":"python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm" }, "name":"python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"src", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-5.10.0-276.0.0.178.oe2203sp3.src.rpm", "name":"kernel-5.10.0-276.0.0.178.oe2203sp3.src.rpm" }, "name":"kernel-5.10.0-276.0.0.178.oe2203sp3.src.rpm", "category":"product_version" } ], "category":"architecture" } ] } ], "relationships":[ { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "name":"kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "name":"kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "name":"kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "name":"kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "name":"kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "name":"kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "name":"kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "name":"kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "name":"kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"perf-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "name":"perf-5.10.0-276.0.0.178.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "name":"perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "name":"python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "name":"python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "name":"kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "name":"kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "name":"kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "name":"kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "name":"kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "name":"kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "name":"kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "name":"kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "name":"kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"perf-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "name":"perf-5.10.0-276.0.0.178.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "name":"perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "name":"python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "name":"python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-5.10.0-276.0.0.178.oe2203sp3.src.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src", "name":"kernel-5.10.0-276.0.0.178.oe2203sp3.src as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" } ] }, "vulnerabilities":[ { "cve":"CVE-2022-49183", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_ct: fix ref leak when switching zones\n\nWhen switching zones or network namespaces without doing a ct clear in\nbetween, it is now leaking a reference to the old ct entry. That's\nbecause tcf_ct_skb_nfct_cached() returns false and\ntcf_ct_flow_table_lookup() may simply overwrite it.\n\nThe fix is to, as the ct entry is not reusable, free it already at\ntcf_ct_skb_nfct_cached().", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1963" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2022-49183" }, { "cve":"CVE-2022-49420", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: annotate races around sk->sk_bound_dev_if\n\nUDP sendmsg() is lockless, and reads sk->sk_bound_dev_if while\nthis field can be changed by another thread.\n\nAdds minimal annotations to avoid KCSAN splats for UDP.\nFollowing patches will add more annotations to potential lockless readers.\n\nBUG: KCSAN: data-race in __ip6_datagram_connect / udpv6_sendmsg\n\nwrite to 0xffff888136d47a94 of 4 bytes by task 7681 on cpu 0:\n __ip6_datagram_connect+0x6e2/0x930 net/ipv6/datagram.c:221\n ip6_datagram_connect+0x2a/0x40 net/ipv6/datagram.c:272\n inet_dgram_connect+0x107/0x190 net/ipv4/af_inet.c:576\n __sys_connect_file net/socket.c:1900 [inline]\n __sys_connect+0x197/0x1b0 net/socket.c:1917\n __do_sys_connect net/socket.c:1927 [inline]\n __se_sys_connect net/socket.c:1924 [inline]\n __x64_sys_connect+0x3d/0x50 net/socket.c:1924\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x2b/0x50 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nread to 0xffff888136d47a94 of 4 bytes by task 7670 on cpu 1:\n udpv6_sendmsg+0xc60/0x16e0 net/ipv6/udp.c:1436\n inet6_sendmsg+0x5f/0x80 net/ipv6/af_inet6.c:652\n sock_sendmsg_nosec net/socket.c:705 [inline]\n sock_sendmsg net/socket.c:725 [inline]\n ____sys_sendmsg+0x39a/0x510 net/socket.c:2413\n ___sys_sendmsg net/socket.c:2467 [inline]\n __sys_sendmmsg+0x267/0x4c0 net/socket.c:2553\n __do_sys_sendmmsg net/socket.c:2582 [inline]\n __se_sys_sendmmsg net/socket.c:2579 [inline]\n __x64_sys_sendmmsg+0x53/0x60 net/socket.c:2579\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x2b/0x50 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nvalue changed: 0x00000000 -> 0xffffff9b\n\nReported by Kernel Concurrency Sanitizer on:\nCPU: 1 PID: 7670 Comm: syz-executor.3 Tainted: G W 5.18.0-rc1-syzkaller-dirty #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\n\nI chose to not add Fixes: tag because race has minor consequences\nand stable teams busy enough.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1963" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2022-49420" }, { "cve":"CVE-2023-39179", "notes":[ { "text":"A flaw was found within the handling of SMB2 read requests in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose sensitive information on affected installations of Linux. Only systems with ksmbd enabled are vulnerable to this CVE.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1963" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.5, "vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:L", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2023-39179" }, { "cve":"CVE-2023-4458", "notes":[ { "text":"A flaw was found within the parsing of extended attributes in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose sensitive information on affected installations of Linux. Only systems with ksmbd enabled are vulnerable to this CVE.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1963" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.5, "vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2023-4458" }, { "cve":"CVE-2024-57798", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req()\n\nWhile receiving an MST up request message from one thread in\ndrm_dp_mst_handle_up_req(), the MST topology could be removed from\nanother thread via drm_dp_mst_topology_mgr_set_mst(false), freeing\nmst_primary and setting drm_dp_mst_topology_mgr::mst_primary to NULL.\nThis could lead to a NULL deref/use-after-free of mst_primary in\ndrm_dp_mst_handle_up_req().\n\nAvoid the above by holding a reference for mst_primary in\ndrm_dp_mst_handle_up_req() while it's used.\n\nv2: Fix kfreeing the request if getting an mst_primary reference fails.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1963" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-57798" }, { "cve":"CVE-2025-21692", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: fix ets qdisc OOB Indexing\n\nHaowei Yan <", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1963" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21692" }, { "cve":"CVE-2025-21700", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: Disallow replacing of child qdisc from one parent to another\n\nLion Ackermann was able to create a UAF which can be abused for privilege\nescalation with the following script\n\nStep 1. create root qdisc\ntc qdisc add dev lo root handle 1:0 drr\n\nstep2. a class for packet aggregation do demonstrate uaf\ntc class add dev lo classid 1:1 drr\n\nstep3. a class for nesting\ntc class add dev lo classid 1:2 drr\n\nstep4. a class to graft qdisc to\ntc class add dev lo classid 1:3 drr\n\nstep5.\ntc qdisc add dev lo parent 1:1 handle 2:0 plug limit 1024\n\nstep6.\ntc qdisc add dev lo parent 1:2 handle 3:0 drr\n\nstep7.\ntc class add dev lo classid 3:1 drr\n\nstep 8.\ntc qdisc add dev lo parent 3:1 handle 4:0 pfifo\n\nstep 9. Display the class/qdisc layout\n\ntc class ls dev lo\n class drr 1:1 root leaf 2: quantum 64Kb\n class drr 1:2 root leaf 3: quantum 64Kb\n class drr 3:1 root leaf 4: quantum 64Kb\n\ntc qdisc ls\n qdisc drr 1: dev lo root refcnt 2\n qdisc plug 2: dev lo parent 1:1\n qdisc pfifo 4: dev lo parent 3:1 limit 1000p\n qdisc drr 3: dev lo parent 1:2\n\nstep10. trigger the bug <=== prevented by this patch\ntc qdisc replace dev lo parent 1:3 handle 4:0\n\nstep 11. Redisplay again the qdiscs/classes\n\ntc class ls dev lo\n class drr 1:1 root leaf 2: quantum 64Kb\n class drr 1:2 root leaf 3: quantum 64Kb\n class drr 1:3 root leaf 4: quantum 64Kb\n class drr 3:1 root leaf 4: quantum 64Kb\n\ntc qdisc ls\n qdisc drr 1: dev lo root refcnt 2\n qdisc plug 2: dev lo parent 1:1\n qdisc pfifo 4: dev lo parent 3:1 refcnt 2 limit 1000p\n qdisc drr 3: dev lo parent 1:2\n\nObserve that a) parent for 4:0 does not change despite the replace request.\nThere can only be one parent. b) refcount has gone up by two for 4:0 and\nc) both class 1:3 and 3:1 are pointing to it.\n\nStep 12. send one packet to plug\necho \"\" | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888,priority=$((0x10001))\nstep13. send one packet to the grafted fifo\necho \"\" | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888,priority=$((0x10003))\n\nstep14. lets trigger the uaf\ntc class delete dev lo classid 1:3\ntc class delete dev lo classid 1:1\n\nThe semantics of \"replace\" is for a del/add _on the same node_ and not\na delete from one node(3:1) and add to another node (1:3) as in step10.\nWhile we could \"fix\" with a more complex approach there could be\nconsequences to expectations so the patch takes the preventive approach of\n\"disallow such config\".\n\nJoint work with Lion Ackermann <", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1963" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21700" }, { "cve":"CVE-2025-21702", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\npfifo_tail_enqueue: Drop new packet when sch->limit == 0\n\nExpected behaviour:\nIn case we reach scheduler's limit, pfifo_tail_enqueue() will drop a\npacket in scheduler's queue and decrease scheduler's qlen by one.\nThen, pfifo_tail_enqueue() enqueue new packet and increase\nscheduler's qlen by one. Finally, pfifo_tail_enqueue() return\n`NET_XMIT_CN` status code.\n\nWeird behaviour:\nIn case we set `sch->limit == 0` and trigger pfifo_tail_enqueue() on a\nscheduler that has no packet, the 'drop a packet' step will do nothing.\nThis means the scheduler's qlen still has value equal 0.\nThen, we continue to enqueue new packet and increase scheduler's qlen by\none. In summary, we can leverage pfifo_tail_enqueue() to increase qlen by\none and return `NET_XMIT_CN` status code.\n\nThe problem is:\nLet's say we have two qdiscs: Qdisc_A and Qdisc_B.\n - Qdisc_A's type must have '->graft()' function to create parent/child relationship.\n Let's say Qdisc_A's type is `hfsc`. Enqueue packet to this qdisc will trigger `hfsc_enqueue`.\n - Qdisc_B's type is pfifo_head_drop. Enqueue packet to this qdisc will trigger `pfifo_tail_enqueue`.\n - Qdisc_B is configured to have `sch->limit == 0`.\n - Qdisc_A is configured to route the enqueued's packet to Qdisc_B.\n\nEnqueue packet through Qdisc_A will lead to:\n - hfsc_enqueue(Qdisc_A) -> pfifo_tail_enqueue(Qdisc_B)\n - Qdisc_B->q.qlen += 1\n - pfifo_tail_enqueue() return `NET_XMIT_CN`\n - hfsc_enqueue() check for `NET_XMIT_SUCCESS` and see `NET_XMIT_CN` => hfsc_enqueue() don't increase qlen of Qdisc_A.\n\nThe whole process lead to a situation where Qdisc_A->q.qlen == 0 and Qdisc_B->q.qlen == 1.\nReplace 'hfsc' with other type (for example: 'drr') still lead to the same problem.\nThis violate the design where parent's qlen should equal to the sum of its childrens'qlen.\n\nBug impact: This issue can be used for user->kernel privilege escalation when it is reachable.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1963" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21702" }, { "cve":"CVE-2025-21891", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: ensure network headers are in skb linear part\n\nsyzbot found that ipvlan_process_v6_outbound() was assuming\nthe IPv6 network header isis present in skb->head [1]\n\nAdd the needed pskb_network_may_pull() calls for both\nIPv4 and IPv6 handlers.\n\n[1]\nBUG: KMSAN: uninit-value in __ipv6_addr_type+0xa2/0x490 net/ipv6/addrconf_core.c:47\n __ipv6_addr_type+0xa2/0x490 net/ipv6/addrconf_core.c:47\n ipv6_addr_type include/net/ipv6.h:555 [inline]\n ip6_route_output_flags_noref net/ipv6/route.c:2616 [inline]\n ip6_route_output_flags+0x51/0x720 net/ipv6/route.c:2651\n ip6_route_output include/net/ip6_route.h:93 [inline]\n ipvlan_route_v6_outbound+0x24e/0x520 drivers/net/ipvlan/ipvlan_core.c:476\n ipvlan_process_v6_outbound drivers/net/ipvlan/ipvlan_core.c:491 [inline]\n ipvlan_process_outbound drivers/net/ipvlan/ipvlan_core.c:541 [inline]\n ipvlan_xmit_mode_l3 drivers/net/ipvlan/ipvlan_core.c:605 [inline]\n ipvlan_queue_xmit+0xd72/0x1780 drivers/net/ipvlan/ipvlan_core.c:671\n ipvlan_start_xmit+0x5b/0x210 drivers/net/ipvlan/ipvlan_main.c:223\n __netdev_start_xmit include/linux/netdevice.h:5150 [inline]\n netdev_start_xmit include/linux/netdevice.h:5159 [inline]\n xmit_one net/core/dev.c:3735 [inline]\n dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3751\n sch_direct_xmit+0x399/0xd40 net/sched/sch_generic.c:343\n qdisc_restart net/sched/sch_generic.c:408 [inline]\n __qdisc_run+0x14da/0x35d0 net/sched/sch_generic.c:416\n qdisc_run+0x141/0x4d0 include/net/pkt_sched.h:127\n net_tx_action+0x78b/0x940 net/core/dev.c:5484\n handle_softirqs+0x1a0/0x7c0 kernel/softirq.c:561\n __do_softirq+0x14/0x1a kernel/softirq.c:595\n do_softirq+0x9a/0x100 kernel/softirq.c:462\n __local_bh_enable_ip+0x9f/0xb0 kernel/softirq.c:389\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n rcu_read_unlock_bh include/linux/rcupdate.h:919 [inline]\n __dev_queue_xmit+0x2758/0x57d0 net/core/dev.c:4611\n dev_queue_xmit include/linux/netdevice.h:3311 [inline]\n packet_xmit+0x9c/0x6c0 net/packet/af_packet.c:276\n packet_snd net/packet/af_packet.c:3132 [inline]\n packet_sendmsg+0x93e0/0xa7e0 net/packet/af_packet.c:3164\n sock_sendmsg_nosec net/socket.c:718 [inline]", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1963" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-21891" }, { "cve":"CVE-2025-38063", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndm: fix unconditional IO throttle caused by REQ_PREFLUSH\n\nWhen a bio with REQ_PREFLUSH is submitted to dm, __send_empty_flush()\ngenerates a flush_bio with REQ_OP_WRITE | REQ_PREFLUSH | REQ_SYNC,\nwhich causes the flush_bio to be throttled by wbt_wait().\n\nAn example from v5.4, similar problem also exists in upstream:\n\n crash> bt 2091206\n PID: 2091206 TASK: ffff2050df92a300 CPU: 109 COMMAND: \"kworker/u260:0\"\n #0 [ffff800084a2f7f0] __switch_to at ffff80004008aeb8\n #1 [ffff800084a2f820] __schedule at ffff800040bfa0c4\n #2 [ffff800084a2f880] schedule at ffff800040bfa4b4\n #3 [ffff800084a2f8a0] io_schedule at ffff800040bfa9c4\n #4 [ffff800084a2f8c0] rq_qos_wait at ffff8000405925bc\n #5 [ffff800084a2f940] wbt_wait at ffff8000405bb3a0\n #6 [ffff800084a2f9a0] __rq_qos_throttle at ffff800040592254\n #7 [ffff800084a2f9c0] blk_mq_make_request at ffff80004057cf38\n #8 [ffff800084a2fa60] generic_make_request at ffff800040570138\n #9 [ffff800084a2fae0] submit_bio at ffff8000405703b4\n #10 [ffff800084a2fb50] xlog_write_iclog at ffff800001280834 [xfs]\n #11 [ffff800084a2fbb0] xlog_sync at ffff800001280c3c [xfs]\n #12 [ffff800084a2fbf0] xlog_state_release_iclog at ffff800001280df4 [xfs]\n #13 [ffff800084a2fc10] xlog_write at ffff80000128203c [xfs]\n #14 [ffff800084a2fcd0] xlog_cil_push at ffff8000012846dc [xfs]\n #15 [ffff800084a2fda0] xlog_cil_push_work at ffff800001284a2c [xfs]\n #16 [ffff800084a2fdb0] process_one_work at ffff800040111d08\n #17 [ffff800084a2fe00] worker_thread at ffff8000401121cc\n #18 [ffff800084a2fe70] kthread at ffff800040118de4\n\nAfter commit 2def2845cc33 (\"xfs: don't allow log IO to be throttled\"),\nthe metadata submitted by xlog_write_iclog() should not be throttled.\nBut due to the existence of the dm layer, throttling flush_bio indirectly\ncauses the metadata bio to be throttled.\n\nFix this by conditionally adding REQ_IDLE to flush_bio.bi_opf, which makes\nwbt_should_throttle() return false to avoid wbt_wait().", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1963" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2025-38063" }, { "cve":"CVE-2025-38125", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: make sure that ptp_rate is not 0 before configuring EST\n\nIf the ptp_rate recorded earlier in the driver happens to be 0, this\nbogus value will propagate up to EST configuration, where it will\ntrigger a division by 0.\n\nPrevent this division by 0 by adding the corresponding check and error\ncode.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1963" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.0, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-38125" }, { "cve":"CVE-2025-38181", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ncalipso: Fix null-ptr-deref in calipso_req_{set,del}attr().\n\nsyzkaller reported a null-ptr-deref in sock_omalloc() while allocating\na CALIPSO option. [0]\n\nThe NULL is of struct sock, which was fetched by sk_to_full_sk() in\ncalipso_req_setattr().\n\nSince commit a1a5344ddbe8 (\"tcp: avoid two atomic ops for syncookies\"),\nreqsk->rsk_listener could be NULL when SYN Cookie is returned to its\nclient, as hinted by the leading SYN Cookie log.\n\nHere are 3 options to fix the bug:\n\n 1) Return 0 in calipso_req_setattr()\n 2) Return an error in calipso_req_setattr()\n 3) Alaways set rsk_listener\n\n1) is no go as it bypasses LSM, but 2) effectively disables SYN Cookie\nfor CALIPSO. 3) is also no go as there have been many efforts to reduce\natomic ops and make TCP robust against DDoS. See also commit 3b24d854cb35\n(\"tcp/dccp: do not touch listener sk_refcnt under synflood\").\n\nAs of the blamed commit, SYN Cookie already did not need refcounting,\nand no one has stumbled on the bug for 9 years, so no CALIPSO user will\ncare about SYN Cookie.\n\nLet's return an error in calipso_req_setattr() and calipso_req_delattr()\nin the SYN Cookie case.\n\nThis can be reproduced by [1] on Fedora and now connect() of nc times out.\n\n[0]:\nTCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.\nOops: general protection fault, probably for non-canonical address 0xdffffc0000000006: 0000 [#1] PREEMPT SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037]\nCPU: 3 UID: 0 PID: 12262 Comm: syz.1.2611 Not tainted 6.14.0 #2\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\nRIP: 0010:read_pnet include/net/net_namespace.h:406 [inline]\nRIP: 0010:sock_net include/net/sock.h:655 [inline]\nRIP: 0010:sock_kmalloc+0x35/0x170 net/core/sock.c:2806\nCode: 89 d5 41 54 55 89 f5 53 48 89 fb e8 25 e3 c6 fd e8 f0 91 e3 00 48 8d 7b 30 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 26 01 00 00 48 b8 00 00 00 00 00 fc ff df 4c 8b\nRSP: 0018:ffff88811af89038 EFLAGS: 00010216\nRAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffff888105266400\nRDX: 0000000000000006 RSI: ffff88800c890000 RDI: 0000000000000030\nRBP: 0000000000000050 R08: 0000000000000000 R09: ffff88810526640e\nR10: ffffed1020a4cc81 R11: ffff88810526640f R12: 0000000000000000\nR13: 0000000000000820 R14: ffff888105266400 R15: 0000000000000050\nFS: 00007f0653a07640(0000) GS:ffff88811af80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f863ba096f4 CR3: 00000000163c0005 CR4: 0000000000770ef0\nPKRU: 80000000\nCall Trace:\n \n ipv6_renew_options+0x279/0x950 net/ipv6/exthdrs.c:1288\n calipso_req_setattr+0x181/0x340 net/ipv6/calipso.c:1204\n calipso_req_setattr+0x56/0x80 net/netlabel/netlabel_calipso.c:597\n netlbl_req_setattr+0x18a/0x440 net/netlabel/netlabel_kapi.c:1249\n selinux_netlbl_inet_conn_request+0x1fb/0x320 security/selinux/netlabel.c:342\n selinux_inet_conn_request+0x1eb/0x2c0 security/selinux/hooks.c:5551\n security_inet_conn_request+0x50/0xa0 security/security.c:4945\n tcp_v6_route_req+0x22c/0x550 net/ipv6/tcp_ipv6.c:825\n tcp_conn_request+0xec8/0x2b70 net/ipv4/tcp_input.c:7275\n tcp_v6_conn_request+0x1e3/0x440 net/ipv6/tcp_ipv6.c:1328\n tcp_rcv_state_process+0xafa/0x52b0 net/ipv4/tcp_input.c:6781\n tcp_v6_do_rcv+0x8a6/0x1a40 net/ipv6/tcp_ipv6.c:1667\n tcp_v6_rcv+0x505e/0x5b50 net/ipv6/tcp_ipv6.c:1904\n ip6_protocol_deliver_rcu+0x17c/0x1da0 net/ipv6/ip6_input.c:436\n ip6_input_finish+0x103/0x180 net/ipv6/ip6_input.c:480\n NF_HOOK include/linux/netfilter.h:314 [inline]\n NF_HOOK include/linux/netfilter.h:308 [inline]\n ip6_input+0x13c/0x6b0 net/ipv6/ip6_input.c:491\n dst_input include/net/dst.h:469 [inline]\n ip6_rcv_finish net/ipv6/ip6_input.c:79 [inline]\n ip6_rcv_finish+0xb6/0x490 net/ipv6/ip6_input.c:69\n NF_HOOK include/linux/netfilter.h:314 [inline]\n NF_HOOK include/linux/netf\n---truncated---", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1963" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.5, "vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-38181" }, { "cve":"CVE-2025-38222", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\next4: inline: fix len overflow in ext4_prepare_inline_data\n\nWhen running the following code on an ext4 filesystem with inline_data\nfeature enabled, it will lead to the bug below.\n\n fd = open(\"file1\", O_RDWR | O_CREAT | O_TRUNC, 0666);\n ftruncate(fd, 30);\n pwrite(fd, \"a\", 1, (1UL << 40) + 5UL);\n\nThat happens because write_begin will succeed as when\next4_generic_write_inline_data calls ext4_prepare_inline_data, pos + len\nwill be truncated, leading to ext4_prepare_inline_data parameter to be 6\ninstead of 0x10000000006.\n\nThen, later when write_end is called, we hit:\n\n BUG_ON(pos + len > EXT4_I(inode)->i_inline_size);\n\nat ext4_write_inline_data.\n\nFix it by using a loff_t type for the len parameter in\next4_prepare_inline_data instead of an unsigned int.\n\n[ 44.545164] ------------[ cut here ]------------\n[ 44.545530] kernel BUG at fs/ext4/inline.c:240!\n[ 44.545834] Oops: invalid opcode: 0000 [#1] SMP NOPTI\n[ 44.546172] CPU: 3 UID: 0 PID: 343 Comm: test Not tainted 6.15.0-rc2-00003-g9080916f4863 #45 PREEMPT(full) 112853fcebfdb93254270a7959841d2c6aa2c8bb\n[ 44.546523] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 44.546523] RIP: 0010:ext4_write_inline_data+0xfe/0x100\n[ 44.546523] Code: 3c 0e 48 83 c7 48 48 89 de 5b 41 5c 41 5d 41 5e 41 5f 5d e9 e4 fa 43 01 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc 0f 0b <0f> 0b 0f 1f 44 00 00 55 41 57 41 56 41 55 41 54 53 48 83 ec 20 49\n[ 44.546523] RSP: 0018:ffffb342008b79a8 EFLAGS: 00010216\n[ 44.546523] RAX: 0000000000000001 RBX: ffff9329c579c000 RCX: 0000010000000006\n[ 44.546523] RDX: 000000000000003c RSI: ffffb342008b79f0 RDI: ffff9329c158e738\n[ 44.546523] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000\n[ 44.546523] R10: 00007ffffffff000 R11: ffffffff9bd0d910 R12: 0000006210000000\n[ 44.546523] R13: fffffc7e4015e700 R14: 0000010000000005 R15: ffff9329c158e738\n[ 44.546523] FS: 00007f4299934740(0000) GS:ffff932a60179000(0000) knlGS:0000000000000000\n[ 44.546523] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 44.546523] CR2: 00007f4299a1ec90 CR3: 0000000002886002 CR4: 0000000000770eb0\n[ 44.546523] PKRU: 55555554\n[ 44.546523] Call Trace:\n[ 44.546523] \n[ 44.546523] ext4_write_inline_data_end+0x126/0x2d0\n[ 44.546523] generic_perform_write+0x17e/0x270\n[ 44.546523] ext4_buffered_write_iter+0xc8/0x170\n[ 44.546523] vfs_write+0x2be/0x3e0\n[ 44.546523] __x64_sys_pwrite64+0x6d/0xc0\n[ 44.546523] do_syscall_64+0x6a/0xf0\n[ 44.546523] ? __wake_up+0x89/0xb0\n[ 44.546523] ? xas_find+0x72/0x1c0\n[ 44.546523] ? next_uptodate_folio+0x317/0x330\n[ 44.546523] ? set_pte_range+0x1a6/0x270\n[ 44.546523] ? filemap_map_pages+0x6ee/0x840\n[ 44.546523] ? ext4_setattr+0x2fa/0x750\n[ 44.546523] ? do_pte_missing+0x128/0xf70\n[ 44.546523] ? security_inode_post_setattr+0x3e/0xd0\n[ 44.546523] ? ___pte_offset_map+0x19/0x100\n[ 44.546523] ? handle_mm_fault+0x721/0xa10\n[ 44.546523] ? do_user_addr_fault+0x197/0x730\n[ 44.546523] ? do_syscall_64+0x76/0xf0\n[ 44.546523] ? arch_exit_to_user_mode_prepare+0x1e/0x60\n[ 44.546523] ? irqentry_exit_to_user_mode+0x79/0x90\n[ 44.546523] entry_SYSCALL_64_after_hwframe+0x55/0x5d\n[ 44.546523] RIP: 0033:0x7f42999c6687\n[ 44.546523] Code: 48 89 fa 4c 89 df e8 58 b3 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff\n[ 44.546523] RSP: 002b:00007ffeae4a7930 EFLAGS: 00000202 ORIG_RAX: 0000000000000012\n[ 44.546523] RAX: ffffffffffffffda RBX: 00007f4299934740 RCX: 00007f42999c6687\n[ 44.546523] RDX: 0000000000000001 RSI: 000055ea6149200f RDI: 0000000000000003\n[ 44.546523] RBP: 00007ffeae4a79a0 R08: 0000000000000000 R09: 0000000000000000\n[ 44.546523] R10: 0000010000000005 R11: 0000000000000202 R12: 0000\n---truncated---", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1963" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2025-38222" }, { "cve":"CVE-2025-38332", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Use memcpy() for BIOS version\n\nThe strlcat() with FORTIFY support is triggering a panic because it\nthinks the target buffer will overflow although the correct target\nbuffer size is passed in.\n\nAnyway, instead of memset() with 0 followed by a strlcat(), just use\nmemcpy() and ensure that the resulting buffer is NULL terminated.\n\nBIOSVersion is only used for the lpfc_printf_log() which expects a\nproperly terminated string.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1963" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.0, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-38332" }, { "cve":"CVE-2025-38362", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add null pointer check for get_first_active_display()\n\nThe function mod_hdcp_hdcp1_enable_encryption() calls the function\nget_first_active_display(), but does not check its return value.\nThe return value is a null pointer if the display list is empty.\nThis will lead to a null pointer dereference in\nmod_hdcp_hdcp2_enable_encryption().\n\nAdd a null pointer check for get_first_active_display() and return\nMOD_HDCP_STATUS_DISPLAY_NOT_FOUND if the function return null.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1963" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2025-38362" }, { "cve":"CVE-2025-38371", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Disable interrupts before resetting the GPU\n\nCurrently, an interrupt can be triggered during a GPU reset, which can\nlead to GPU hangs and NULL pointer dereference in an interrupt context\nas shown in the following trace:\n\n [ 314.035040] Unable to handle kernel NULL pointer dereference at virtual address 00000000000000c0\n [ 314.043822] Mem abort info:\n [ 314.046606] ESR = 0x0000000096000005\n [ 314.050347] EC = 0x25: DABT (current EL), IL = 32 bits\n [ 314.055651] SET = 0, FnV = 0\n [ 314.058695] EA = 0, S1PTW = 0\n [ 314.061826] FSC = 0x05: level 1 translation fault\n [ 314.066694] Data abort info:\n [ 314.069564] ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000\n [ 314.075039] CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n [ 314.080080] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n [ 314.085382] user pgtable: 4k pages, 39-bit VAs, pgdp=0000000102728000\n [ 314.091814] [00000000000000c0] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000\n [ 314.100511] Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP\n [ 314.106770] Modules linked in: v3d i2c_brcmstb vc4 snd_soc_hdmi_codec gpu_sched drm_shmem_helper drm_display_helper cec drm_dma_helper drm_kms_helper drm drm_panel_orientation_quirks snd_soc_core snd_compress snd_pcm_dmaengine snd_pcm snd_timer snd backlight\n [ 314.129654] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.12.25+rpt-rpi-v8 #1 Debian 1:6.12.25-1+rpt1\n [ 314.139388] Hardware name: Raspberry Pi 4 Model B Rev 1.4 (DT)\n [ 314.145211] pstate: 600000c5 (nZCv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n [ 314.152165] pc : v3d_irq+0xec/0x2e0 [v3d]\n [ 314.156187] lr : v3d_irq+0xe0/0x2e0 [v3d]\n [ 314.160198] sp : ffffffc080003ea0\n [ 314.163502] x29: ffffffc080003ea0 x28: ffffffec1f184980 x27: 021202b000000000\n [ 314.170633] x26: ffffffec1f17f630 x25: ffffff8101372000 x24: ffffffec1f17d9f0\n [ 314.177764] x23: 000000000000002a x22: 000000000000002a x21: ffffff8103252000\n [ 314.184895] x20: 0000000000000001 x19: 00000000deadbeef x18: 0000000000000000\n [ 314.192026] x17: ffffff94e51d2000 x16: ffffffec1dac3cb0 x15: c306000000000000\n [ 314.199156] x14: 0000000000000000 x13: b2fc982e03cc5168 x12: 0000000000000001\n [ 314.206286] x11: ffffff8103f8bcc0 x10: ffffffec1f196868 x9 : ffffffec1dac3874\n [ 314.213416] x8 : 0000000000000000 x7 : 0000000000042a3a x6 : ffffff810017a180\n [ 314.220547] x5 : ffffffec1ebad400 x4 : ffffffec1ebad320 x3 : 00000000000bebeb\n [ 314.227677] x2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000000\n [ 314.234807] Call trace:\n [ 314.237243] v3d_irq+0xec/0x2e0 [v3d]\n [ 314.240906] __handle_irq_event_percpu+0x58/0x218\n [ 314.245609] handle_irq_event+0x54/0xb8\n [ 314.249439] handle_fasteoi_irq+0xac/0x240\n [ 314.253527] handle_irq_desc+0x48/0x68\n [ 314.257269] generic_handle_domain_irq+0x24/0x38\n [ 314.261879] gic_handle_irq+0x48/0xd8\n [ 314.265533] call_on_irq_stack+0x24/0x58\n [ 314.269448] do_interrupt_handler+0x88/0x98\n [ 314.273624] el1_interrupt+0x34/0x68\n [ 314.277193] el1h_64_irq_handler+0x18/0x28\n [ 314.281281] el1h_64_irq+0x64/0x68\n [ 314.284673] default_idle_call+0x3c/0x168\n [ 314.288675] do_idle+0x1fc/0x230\n [ 314.291895] cpu_startup_entry+0x3c/0x50\n [ 314.295810] rest_init+0xe4/0xf0\n [ 314.299030] start_kernel+0x5e8/0x790\n [ 314.302684] __primary_switched+0x80/0x90\n [ 314.306691] Code: 940029eb 360ffc13 f9442ea0 52800001 (f9406017)\n [ 314.312775] ---[ end trace 0000000000000000 ]---\n [ 314.317384] Kernel panic - not syncing: Oops: Fatal exception in interrupt\n [ 314.324249] SMP: stopping secondary CPUs\n [ 314.328167] Kernel Offset: 0x2b9da00000 from 0xffffffc080000000\n [ 314.334076] PHYS_OFFSET: 0x0\n [ 314.336946] CPU features: 0x08,00002013,c0200000,0200421b\n [ 314.342337] Memory Limit: none\n [ 314.345382] ---[ end Kernel panic - not syncing: Oops: Fatal exception in interrupt ]---\n\nBefore resetting the G\n---truncated---", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1963" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2025-38371" }, { "cve":"CVE-2025-38386", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nACPICA: Refuse to evaluate a method if arguments are missing\n\nAs reported in [1], a platform firmware update that increased the number\nof method parameters and forgot to update a least one of its callers,\ncaused ACPICA to crash due to use-after-free.\n\nSince this a result of a clear AML issue that arguably cannot be fixed\nup by the interpreter (it cannot produce missing data out of thin air),\naddress it by making ACPICA refuse to evaluate a method if the caller\nattempts to pass fewer arguments than expected to it.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1963" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":8.0, "vectorString":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-38386" }, { "cve":"CVE-2025-38387", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Initialize obj_event->obj_sub_list before xa_insert\n\nThe obj_event may be loaded immediately after inserted, then if the\nlist_head is not initialized then we may get a poisonous pointer. This\nfixes the crash below:\n\n mlx5_core 0000:03:00.0: MLX5E: StrdRq(1) RqSz(8) StrdSz(2048) RxCqeCmprss(0 enhanced)\n mlx5_core.sf mlx5_core.sf.4: firmware version: 32.38.3056\n mlx5_core 0000:03:00.0 en3f0pf0sf2002: renamed from eth0\n mlx5_core.sf mlx5_core.sf.4: Rate limit: 127 rates are supported, range: 0Mbps to 195312Mbps\n IPv6: ADDRCONF(NETDEV_CHANGE): en3f0pf0sf2002: link becomes ready\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000060\n Mem abort info:\n ESR = 0x96000006\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n Data abort info:\n ISV = 0, ISS = 0x00000006\n CM = 0, WnR = 0\n user pgtable: 4k pages, 48-bit VAs, pgdp=00000007760fb000\n [0000000000000060] pgd=000000076f6d7003, p4d=000000076f6d7003, pud=0000000777841003, pmd=0000000000000000\n Internal error: Oops: 96000006 [#1] SMP\n Modules linked in: ipmb_host(OE) act_mirred(E) cls_flower(E) sch_ingress(E) mptcp_diag(E) udp_diag(E) raw_diag(E) unix_diag(E) tcp_diag(E) inet_diag(E) binfmt_misc(E) bonding(OE) rdma_ucm(OE) rdma_cm(OE) iw_cm(OE) ib_ipoib(OE) ib_cm(OE) isofs(E) cdrom(E) mst_pciconf(OE) ib_umad(OE) mlx5_ib(OE) ipmb_dev_int(OE) mlx5_core(OE) kpatch_15237886(OEK) mlxdevm(OE) auxiliary(OE) ib_uverbs(OE) ib_core(OE) psample(E) mlxfw(OE) tls(E) sunrpc(E) vfat(E) fat(E) crct10dif_ce(E) ghash_ce(E) sha1_ce(E) sbsa_gwdt(E) virtio_console(E) ext4(E) mbcache(E) jbd2(E) xfs(E) libcrc32c(E) mmc_block(E) virtio_net(E) net_failover(E) failover(E) sha2_ce(E) sha256_arm64(E) nvme(OE) nvme_core(OE) gpio_mlxbf3(OE) mlx_compat(OE) mlxbf_pmc(OE) i2c_mlxbf(OE) sdhci_of_dwcmshc(OE) pinctrl_mlxbf3(OE) mlxbf_pka(OE) gpio_generic(E) i2c_core(E) mmc_core(E) mlxbf_gige(OE) vitesse(E) pwr_mlxbf(OE) mlxbf_tmfifo(OE) micrel(E) mlxbf_bootctl(OE) virtio_ring(E) virtio(E) ipmi_devintf(E) ipmi_msghandler(E)\n [last unloaded: mst_pci]\n CPU: 11 PID: 20913 Comm: rte-worker-11 Kdump: loaded Tainted: G OE K 5.10.134-13.1.an8.aarch64 #1\n Hardware name: https://www.mellanox.com BlueField-3 SmartNIC Main Card/BlueField-3 SmartNIC Main Card, BIOS 4.2.2.12968 Oct 26 2023\n pstate: a0400089 (NzCv daIf +PAN -UAO -TCO BTYPE=--)\n pc : dispatch_event_fd+0x68/0x300 [mlx5_ib]\n lr : devx_event_notifier+0xcc/0x228 [mlx5_ib]\n sp : ffff80001005bcf0\n x29: ffff80001005bcf0 x28: 0000000000000001\n x27: ffff244e0740a1d8 x26: ffff244e0740a1d0\n x25: ffffda56beff5ae0 x24: ffffda56bf911618\n x23: ffff244e0596a480 x22: ffff244e0596a480\n x21: ffff244d8312ad90 x20: ffff244e0596a480\n x19: fffffffffffffff0 x18: 0000000000000000\n x17: 0000000000000000 x16: ffffda56be66d620\n x15: 0000000000000000 x14: 0000000000000000\n x13: 0000000000000000 x12: 0000000000000000\n x11: 0000000000000040 x10: ffffda56bfcafb50\n x9 : ffffda5655c25f2c x8 : 0000000000000010\n x7 : 0000000000000000 x6 : ffff24545a2e24b8\n x5 : 0000000000000003 x4 : ffff80001005bd28\n x3 : 0000000000000000 x2 : 0000000000000000\n x1 : ffff244e0596a480 x0 : ffff244d8312ad90\n Call trace:\n dispatch_event_fd+0x68/0x300 [mlx5_ib]\n devx_event_notifier+0xcc/0x228 [mlx5_ib]\n atomic_notifier_call_chain+0x58/0x80\n mlx5_eq_async_int+0x148/0x2b0 [mlx5_core]\n atomic_notifier_call_chain+0x58/0x80\n irq_int_handler+0x20/0x30 [mlx5_core]\n __handle_irq_event_percpu+0x60/0x220\n handle_irq_event_percpu+0x3c/0x90\n handle_irq_event+0x58/0x158\n handle_fasteoi_irq+0xfc/0x188\n generic_handle_irq+0x34/0x48\n ...", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1963" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.0, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-38387" }, { "cve":"CVE-2025-38400", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails.\n\nsyzbot reported a warning below [1] following a fault injection in\nnfs_fs_proc_net_init(). [0]\n\nWhen nfs_fs_proc_net_init() fails, /proc/net/rpc/nfs is not removed.\n\nLater, rpc_proc_exit() tries to remove /proc/net/rpc, and the warning\nis logged as the directory is not empty.\n\nLet's handle the error of nfs_fs_proc_net_init() properly.\n\n[0]:\nFAULT_INJECTION: forcing a failure.\nname failslab, interval 1, probability 0, space 0, times 0\nCPU: 1 UID: 0 PID: 6120 Comm: syz.2.27 Not tainted 6.16.0-rc1-syzkaller-00010-g2c4a1f3fe03e #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\nCall Trace:\n \n dump_stack_lvl (lib/dump_stack.c:123)\n should_fail_ex (lib/fault-inject.c:73 lib/fault-inject.c:174)\n should_failslab (mm/failslab.c:46)\n kmem_cache_alloc_noprof (mm/slub.c:4178 mm/slub.c:4204)\n __proc_create (fs/proc/generic.c:427)\n proc_create_reg (fs/proc/generic.c:554)\n proc_create_net_data (fs/proc/proc_net.c:120)\n nfs_fs_proc_net_init (fs/nfs/client.c:1409)\n nfs_net_init (fs/nfs/inode.c:2600)\n ops_init (net/core/net_namespace.c:138)\n setup_net (net/core/net_namespace.c:443)\n copy_net_ns (net/core/net_namespace.c:576)\n create_new_namespaces (kernel/nsproxy.c:110)\n unshare_nsproxy_namespaces (kernel/nsproxy.c:218 (discriminator 4))\n ksys_unshare (kernel/fork.c:3123)\n __x64_sys_unshare (kernel/fork.c:3190)\n do_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94)\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n \n\n[1]:\nremove_proc_entry: removing non-empty directory 'net/rpc', leaking at least 'nfs'\n WARNING: CPU: 1 PID: 6120 at fs/proc/generic.c:727 remove_proc_entry+0x45e/0x530 fs/proc/generic.c:727\nModules linked in:\nCPU: 1 UID: 0 PID: 6120 Comm: syz.2.27 Not tainted 6.16.0-rc1-syzkaller-00010-g2c4a1f3fe03e #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\n RIP: 0010:remove_proc_entry+0x45e/0x530 fs/proc/generic.c:727\nCode: 3c 02 00 0f 85 85 00 00 00 48 8b 93 d8 00 00 00 4d 89 f0 4c 89 e9 48 c7 c6 40 ba a2 8b 48 c7 c7 60 b9 a2 8b e8 33 81 1d ff 90 <0f> 0b 90 90 e9 5f fe ff ff e8 04 69 5e ff 90 48 b8 00 00 00 00 00\nRSP: 0018:ffffc90003637b08 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: ffff88805f534140 RCX: ffffffff817a92c8\nRDX: ffff88807da99e00 RSI: ffffffff817a92d5 RDI: 0000000000000001\nRBP: ffff888033431ac0 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000001 R12: ffff888033431a00\nR13: ffff888033431ae4 R14: ffff888033184724 R15: dffffc0000000000\nFS: 0000555580328500(0000) GS:ffff888124a62000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f71733743e0 CR3: 000000007f618000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \n sunrpc_exit_net+0x46/0x90 net/sunrpc/sunrpc_syms.c:76\n ops_exit_list net/core/net_namespace.c:200 [inline]\n ops_undo_list+0x2eb/0xab0 net/core/net_namespace.c:253\n setup_net+0x2e1/0x510 net/core/net_namespace.c:457\n copy_net_ns+0x2a6/0x5f0 net/core/net_namespace.c:574\n create_new_namespaces+0x3ea/0xa90 kernel/nsproxy.c:110\n unshare_nsproxy_namespaces+0xc0/0x1f0 kernel/nsproxy.c:218\n ksys_unshare+0x45b/0xa40 kernel/fork.c:3121\n __do_sys_unshare kernel/fork.c:3192 [inline]\n __se_sys_unshare kernel/fork.c:3190 [inline]\n __x64_sys_unshare+0x31/0x40 kernel/fork.c:3190\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0x490 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fa1a6b8e929\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c\n---truncated---", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1963" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2025-38400" }, { "cve":"CVE-2025-38424", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix sample vs do_exit()\n\nBaisheng Gao reported an ARM64 crash, which Mark decoded as being a\nsynchronous external abort -- most likely due to trying to access\nMMIO in bad ways.\n\nThe crash further shows perf trying to do a user stack sample while in\nexit_mmap()'s tlb_finish_mmu() -- i.e. while tearing down the address\nspace it is trying to access.\n\nIt turns out that we stop perf after we tear down the userspace mm; a\nreceipie for disaster, since perf likes to access userspace for\nvarious reasons.\n\nFlip this order by moving up where we stop perf in do_exit().\n\nAdditionally, harden PERF_SAMPLE_CALLCHAIN and PERF_SAMPLE_STACK_USER\nto abort when the current task does not have an mm (exit_mm() makes\nsure to set current->mm = NULL; before commencing with the actual\nteardown). Such that CPU wide events don't trip on this same problem.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1963" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.0, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-38424" }, { "cve":"CVE-2025-38439", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Set DMA unmap len correctly for XDP_REDIRECT\n\nWhen transmitting an XDP_REDIRECT packet, call dma_unmap_len_set()\nwith the proper length instead of 0. This bug triggers this warning\non a system with IOMMU enabled:\n\nWARNING: CPU: 36 PID: 0 at drivers/iommu/dma-iommu.c:842 __iommu_dma_unmap+0x159/0x170\nRIP: 0010:__iommu_dma_unmap+0x159/0x170\nCode: a8 00 00 00 00 48 c7 45 b0 00 00 00 00 48 c7 45 c8 00 00 00 00 48 c7 45 a0 ff ff ff ff 4c 89 45\nb8 4c 89 45 c0 e9 77 ff ff ff <0f> 0b e9 60 ff ff ff e8 8b bf 6a 00 66 66 2e 0f 1f 84 00 00 00 00\nRSP: 0018:ff22d31181150c88 EFLAGS: 00010206\nRAX: 0000000000002000 RBX: 00000000e13a0000 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: ff22d31181150cf0 R08: ff22d31181150ca8 R09: 0000000000000000\nR10: 0000000000000000 R11: ff22d311d36c9d80 R12: 0000000000001000\nR13: ff13544d10645010 R14: ff22d31181150c90 R15: ff13544d0b2bac00\nFS: 0000000000000000(0000) GS:ff13550908a00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005be909dacff8 CR3: 0008000173408003 CR4: 0000000000f71ef0\nPKRU: 55555554\nCall Trace:\n\n? show_regs+0x6d/0x80\n? __warn+0x89/0x160\n? __iommu_dma_unmap+0x159/0x170\n? report_bug+0x17e/0x1b0\n? handle_bug+0x46/0x90\n? exc_invalid_op+0x18/0x80\n? asm_exc_invalid_op+0x1b/0x20\n? __iommu_dma_unmap+0x159/0x170\n? __iommu_dma_unmap+0xb3/0x170\niommu_dma_unmap_page+0x4f/0x100\ndma_unmap_page_attrs+0x52/0x220\n? srso_alias_return_thunk+0x5/0xfbef5\n? xdp_return_frame+0x2e/0xd0\nbnxt_tx_int_xdp+0xdf/0x440 [bnxt_en]\n__bnxt_poll_work_done+0x81/0x1e0 [bnxt_en]\nbnxt_poll+0xd3/0x1e0 [bnxt_en]", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1963" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.0, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-38439" }, { "cve":"CVE-2025-38474", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nusb: net: sierra: check for no status endpoint\n\nThe driver checks for having three endpoints and\nhaving bulk in and out endpoints, but not that\nthe third endpoint is interrupt input.\nRectify the omission.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1963" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-38474" }, { "cve":"CVE-2025-38498", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndo_change_type(): refuse to operate on unmounted/not ours mounts\n\nEnsure that propagation settings can only be changed for mounts located\nin the caller's mount namespace. This change aligns permission checking\nwith the rest of mount(2).", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1963" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.3, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-276.0.0.178.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-276.0.0.178.oe2203sp3.src" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-38498" } ] }