{ "document":{ "aggregate_severity":{ "namespace":"https://nvd.nist.gov/vuln-metrics/cvss", "text":"High" }, "category":"csaf_vex", "csaf_version":"2.0", "distribution":{ "tlp":{ "label":"WHITE", "url":"https:/www.first.org/tlp/" } }, "lang":"en", "notes":[ { "text":"kernel security update", "category":"general", "title":"Synopsis" }, { "text":"An update for kernel is now available for openEuler-22.03-LTS-SP3", "category":"general", "title":"Summary" }, { "text":"The Linux Kernel, the operating system core itself.\n\nSecurity Fix(es):\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nmedia: davinci: vpif: fix use-after-free on driver unbind\n\nThe driver allocates and registers two platform device structures during\nprobe, but the devices were never deregistered on driver unbind.\n\nThis results in a use-after-free on driver unbind as the device\nstructures were allocated using devres and would be freed by driver\ncore when remove() returns.\n\nFix this by adding the missing deregistration calls to the remove()\ncallback and failing probe on registration errors.\n\nNote that the platform device structures must be freed using a proper\nrelease callback to avoid leaking associated resources like device\nnames.(CVE-2021-47653)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nmmc: core: use sysfs_emit() instead of sprintf()\n\nsprintf() (still used in the MMC core for the sysfs output) is vulnerable\nto the buffer overflow. Use the new-fangled sysfs_emit() instead.\n\nFound by Linux Verification Center (linuxtesting.org) with the SVACE static\nanalysis tool.(CVE-2022-49267)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btmtksdio: fix use-after-free at btmtksdio_recv_event\n\nWe should not access skb buffer data anymore after hci_recv_frame was\ncalled.\n\n[ 39.634809] BUG: KASAN: use-after-free in btmtksdio_recv_event+0x1b0\n[ 39.634855] Read of size 1 at addr ffffff80cf28a60d by task kworker\n[ 39.634962] Call trace:\n[ 39.634974] dump_backtrace+0x0/0x3b8\n[ 39.634999] show_stack+0x20/0x2c\n[ 39.635016] dump_stack_lvl+0x60/0x78\n[ 39.635040] print_address_description+0x70/0x2f0\n[ 39.635062] kasan_report+0x154/0x194\n[ 39.635079] __asan_report_load1_noabort+0x44/0x50\n[ 39.635099] btmtksdio_recv_event+0x1b0/0x1c4\n[ 39.635129] btmtksdio_txrx_work+0x6cc/0xac4\n[ 39.635157] process_one_work+0x560/0xc5c\n[ 39.635177] worker_thread+0x7ec/0xcc0\n[ 39.635195] kthread+0x2d0/0x3d0\n[ 39.635215] ret_from_fork+0x10/0x20\n[ 39.635247] Allocated by task 0:\n[ 39.635260] (stack is not available)\n[ 39.635281] Freed by task 2392:\n[ 39.635295] kasan_save_stack+0x38/0x68\n[ 39.635319] kasan_set_track+0x28/0x3c\n[ 39.635338] kasan_set_free_info+0x28/0x4c\n[ 39.635357] ____kasan_slab_free+0x104/0x150\n[ 39.635374] __kasan_slab_free+0x18/0x28\n[ 39.635391] slab_free_freelist_hook+0x114/0x248\n[ 39.635410] kfree+0xf8/0x2b4\n[ 39.635427] skb_free_head+0x58/0x98\n[ 39.635447] skb_release_data+0x2f4/0x410\n[ 39.635464] skb_release_all+0x50/0x60\n[ 39.635481] kfree_skb+0xc8/0x25c\n[ 39.635498] hci_event_packet+0x894/0xca4 [bluetooth]\n[ 39.635721] hci_rx_work+0x1c8/0x68c [bluetooth]\n[ 39.635925] process_one_work+0x560/0xc5c\n[ 39.635951] worker_thread+0x7ec/0xcc0\n[ 39.635970] kthread+0x2d0/0x3d0\n[ 39.635990] ret_from_fork+0x10/0x20\n[ 39.636021] The buggy address belongs to the object at ffffff80cf28a600\n which belongs to the cache kmalloc-512 of size 512\n[ 39.636039] The buggy address is located 13 bytes inside of\n 512-byte region [ffffff80cf28a600, ffffff80cf28a800)(CVE-2022-49470)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix use-after-free\n\nFix potential use-after-free in l2cap_le_command_rej.(CVE-2023-53305)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nip6mr: Fix skb_under_panic in ip6mr_cache_report()\n\nskbuff: skb_under_panic: text:ffffffff88771f69 len:56 put:-4\n head:ffff88805f86a800 data:ffff887f5f86a850 tail:0x88 end:0x2c0 dev:pim6reg\n ------------[ cut here ]------------\n kernel BUG at net/core/skbuff.c:192!\n invalid opcode: 0000 [#1] PREEMPT SMP KASAN\n CPU: 2 PID: 22968 Comm: kworker/2:11 Not tainted 6.5.0-rc3-00044-g0a8db05b571a #236\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n Workqueue: ipv6_addrconf addrconf_dad_work\n RIP: 0010:skb_panic+0x152/0x1d0\n Call Trace:\n \n skb_push+0xc4/0xe0\n ip6mr_cache_report+0xd69/0x19b0\n reg_vif_xmit+0x406/0x690\n dev_hard_start_xmit+0x17e/0x6e0\n __dev_queue_xmit+0x2d6a/0x3d20\n vlan_dev_hard_start_xmit+0x3ab/0x5c0\n dev_hard_start_xmit+0x17e/0x6e0\n __dev_queue_xmit+0x2d6a/0x3d20\n neigh_connected_output+0x3ed/0x570\n ip6_finish_output2+0x5b5/0x1950\n ip6_finish_output+0x693/0x11c0\n ip6_output+0x24b/0x880\n NF_HOOK.constprop.0+0xfd/0x530\n ndisc_send_skb+0x9db/0x1400\n ndisc_send_rs+0x12a/0x6c0\n addrconf_dad_completed+0x3c9/0xea0\n addrconf_dad_work+0x849/0x1420\n process_one_work+0xa22/0x16e0\n worker_thread+0x679/0x10c0\n ret_from_fork+0x28/0x60\n ret_from_fork_asm+0x11/0x20\n\nWhen setup a vlan device on dev pim6reg, DAD ns packet may sent on reg_vif_xmit().\nreg_vif_xmit()\n ip6mr_cache_report()\n skb_push(skb, -skb_network_offset(pkt));//skb_network_offset(pkt) is 4\nAnd skb_push declared as:\n\tvoid *skb_push(struct sk_buff *skb, unsigned int len);\n\t\tskb->data -= len;\n\t\t//0xffff88805f86a84c - 0xfffffffc = 0xffff887f5f86a850\nskb->data is set to 0xffff887f5f86a850, which is invalid mem addr, lead to skb_push() fails.(CVE-2023-53365)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: Fix handling of lrbp->cmd\n\nufshcd_queuecommand() may be called two times in a row for a SCSI command\nbefore it is completed. Hence make the following changes:\n\n - In the functions that submit a command, do not check the old value of\n lrbp->cmd nor clear lrbp->cmd in error paths.\n\n - In ufshcd_release_scsi_cmd(), do not clear lrbp->cmd.\n\nSee also scsi_send_eh_cmnd().\n\nThis commit prevents that the following appears if a command times out:\n\nWARNING: at drivers/ufs/core/ufshcd.c:2965 ufshcd_queuecommand+0x6f8/0x9a8\nCall trace:\n ufshcd_queuecommand+0x6f8/0x9a8\n scsi_send_eh_cmnd+0x2c0/0x960\n scsi_eh_test_devices+0x100/0x314\n scsi_eh_ready_devs+0xd90/0x114c\n scsi_error_handler+0x2b4/0xb70\n kthread+0x16c/0x1e0(CVE-2023-53510)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: socinfo: Avoid out of bounds read of serial number\n\nOn MSM8916 devices, the serial number exposed in sysfs is constant and does\nnot change across individual devices. It's always:\n\n db410c:/sys/devices/soc0$ cat serial_number\n 2644893864\n\nThe firmware used on MSM8916 exposes SOCINFO_VERSION(0, 8), which does not\nhave support for the serial_num field in the socinfo struct. There is an\nexisting check to avoid exposing the serial number in that case, but it's\nnot correct: When checking the item_size returned by SMEM, we need to make\nsure the *end* of the serial_num is within bounds, instead of comparing\nwith the *start* offset. The serial_number currently exposed on MSM8916\ndevices is just an out of bounds read of whatever comes after the socinfo\nstruct in SMEM.\n\nFix this by changing offsetof() to offsetofend(), so that the size of the\nfield is also taken into account.(CVE-2024-58007)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\njfs: add check read-only before txBeginAnon() call\n\nAdded a read-only check before calling `txBeginAnon` in `extAlloc`\nand `extRecord`. This prevents modification attempts on a read-only\nmounted filesystem, avoiding potential errors or crashes.\n\nCall trace:\n txBeginAnon+0xac/0x154\n extAlloc+0xe8/0xdec fs/jfs/jfs_extent.c:78\n jfs_get_block+0x340/0xb98 fs/jfs/inode.c:248\n __block_write_begin_int+0x580/0x166c fs/buffer.c:2128\n __block_write_begin fs/buffer.c:2177 [inline]\n block_write_begin+0x98/0x11c fs/buffer.c:2236\n jfs_write_begin+0x44/0x88 fs/jfs/inode.c:299(CVE-2024-58095)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nmm: zswap: properly synchronize freeing resources during CPU hotunplug\n\nIn zswap_compress() and zswap_decompress(), the per-CPU acomp_ctx of the\ncurrent CPU at the beginning of the operation is retrieved and used\nthroughout. However, since neither preemption nor migration are disabled,\nit is possible that the operation continues on a different CPU.\n\nIf the original CPU is hotunplugged while the acomp_ctx is still in use,\nwe run into a UAF bug as some of the resources attached to the acomp_ctx\nare freed during hotunplug in zswap_cpu_comp_dead() (i.e. \nacomp_ctx.buffer, acomp_ctx.req, or acomp_ctx.acomp).\n\nThe problem was introduced in commit 1ec3b5fe6eec (\"mm/zswap: move to use\ncrypto_acomp API for hardware acceleration\") when the switch to the\ncrypto_acomp API was made. Prior to that, the per-CPU crypto_comp was\nretrieved using get_cpu_ptr() which disables preemption and makes sure the\nCPU cannot go away from under us. Preemption cannot be disabled with the\ncrypto_acomp API as a sleepable context is needed.\n\nUse the acomp_ctx.mutex to synchronize CPU hotplug callbacks allocating\nand freeing resources with compression/decompression paths. Make sure\nthat acomp_ctx.req is NULL when the resources are freed. In the\ncompression/decompression paths, check if acomp_ctx.req is NULL after\nacquiring the mutex (meaning the CPU was offlined) and retry on the new\nCPU.\n\nThe initialization of acomp_ctx.mutex is moved from the CPU hotplug\ncallback to the pool initialization where it belongs (where the mutex is\nallocated). In addition to adding clarity, this makes sure that CPU\nhotplug cannot reinitialize a mutex that is already locked by\ncompression/decompression.\n\nPreviously a fix was attempted by holding cpus_read_lock() [1]. This\nwould have caused a potential deadlock as it is possible for code already\nholding the lock to fall into reclaim and enter zswap (causing a\ndeadlock). A fix was also attempted using SRCU for synchronization, but\nJohannes pointed out that synchronize_srcu() cannot be used in CPU hotplug\nnotifiers [2].\n\nAlternative fixes that were considered/attempted and could have worked:\n- Refcounting the per-CPU acomp_ctx. This involves complexity in\n handling the race between the refcount dropping to zero in\n zswap_[de]compress() and the refcount being re-initialized when the\n CPU is onlined.\n- Disabling migration before getting the per-CPU acomp_ctx [3], but\n that's discouraged and is a much bigger hammer than needed, and could\n result in subtle performance issues.\n\n[1]https://lkml.kernel.org/(CVE-2025-21693)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix use-after-free in smb2_lock\n\nIf smb_lock->zero_len has value, ->llist of smb_lock is not delete and\nflock is old one. It will cause use-after-free on error handling\nroutine.(CVE-2025-21945)\n\nIn the Linux kernel, the following vulnerability has been resolved:net: dsa: free routing table on probe failureIf complete = true in dsa_tree_setup(), it means that we are the lastswitch of the tree which is successfully probing, and we should besetting up all switches from our probe path.After complete becomes true, dsa_tree_setup_cpu_ports() or anysubsequent function may fail. If that happens, the entire tree setup isin limbo: the first N-1 switches have successfully finished probing(doing nothing but having allocated persistent memory in the tree sdst->ports, and maybe dst->rtable), and switch N failed to probe, endingthe tree setup process before anything is tangible from the user s PoV.If switch N fails to probe, its memory (ports) will be freed and removedfrom dst->ports. However, the dst->rtable elements pointing to its ports,as created by dsa_link_touch(), will remain there, and will lead touse-after-free if dereferenced.If dsa_tree_setup_switches() returns -EPROBE_DEFER, which is entirelypossible because that is where ds->ops->setup() is, we get a kasanreport like this:==================================================================BUG: KASAN: slab-use-after-free in mv88e6xxx_setup_upstream_port+0x240/0x568Read of size 8 at addr ffff000004f56020 by task kworker/u8:3/42Call trace: __asan_report_load8_noabort+0x20/0x30 mv88e6xxx_setup_upstream_port+0x240/0x568 mv88e6xxx_setup+0xebc/0x1eb0 dsa_register_switch+0x1af4/0x2ae0 mv88e6xxx_register_switch+0x1b8/0x2a8 mv88e6xxx_probe+0xc4c/0xf60 mdio_probe+0x78/0xb8 really_probe+0x2b8/0x5a8 __driver_probe_device+0x164/0x298 driver_probe_device+0x78/0x258 __device_attach_driver+0x274/0x350Allocated by task 42: __kasan_kmalloc+0x84/0xa0 __kmalloc_cache_noprof+0x298/0x490 dsa_switch_touch_ports+0x174/0x3d8 dsa_register_switch+0x800/0x2ae0 mv88e6xxx_register_switch+0x1b8/0x2a8 mv88e6xxx_probe+0xc4c/0xf60 mdio_probe+0x78/0xb8 really_probe+0x2b8/0x5a8 __driver_probe_device+0x164/0x298 driver_probe_device+0x78/0x258 __device_attach_driver+0x274/0x350Freed by task 42: __kasan_slab_free+0x48/0x68 kfree+0x138/0x418 dsa_register_switch+0x2694/0x2ae0 mv88e6xxx_register_switch+0x1b8/0x2a8 mv88e6xxx_probe+0xc4c/0xf60 mdio_probe+0x78/0xb8 really_probe+0x2b8/0x5a8 __driver_probe_device+0x164/0x298 driver_probe_device+0x78/0x258 __device_attach_driver+0x274/0x350The simplest way to fix the bug is to delete the routing table in itsentirety. dsa_tree_setup_routing_table() has no problem in regeneratingit even if we deleted links between ports other than those of switch N,because dsa_link_touch() first checks whether the port pair alreadyexists in dst->rtable, allocating if not.The deletion of the routing table in its entirety already exists indsa_tree_teardown(), so refactor that into a function that can also becalled from the tree setup error path.In my analysis of the commit to blame, it is the one which addeddsa_link elements to dst->rtable. Prior to that, each switch had its ownds->rtable which is freed when the switch fails to probe. But the treeis potentially persistent memory.(CVE-2025-37786)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix use-after-free in session logoff\n\nThe sess->user object can currently be in use by another thread, for\nexample if another connection has sent a session setup request to\nbind to the session being free'd. The handler for that connection could\nbe in the smb2_sess_setup function which makes use of sess->user.(CVE-2025-37899)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: ucsi: displayport: Fix NULL pointer access\n\nThis patch ensures that the UCSI driver waits for all pending tasks in the\nucsi_displayport_work workqueue to finish executing before proceeding with\nthe partner removal.(CVE-2025-37994)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: fix region locking in hash types\n\nRegion locking introduced in v5.6-rc4 contained three macros to handle\nthe region locks: ahash_bucket_start(), ahash_bucket_end() which gave\nback the start and end hash bucket values belonging to a given region\nlock and ahash_region() which should give back the region lock belonging\nto a given hash bucket. The latter was incorrect which can lead to a\nrace condition between the garbage collector and adding new elements\nwhen a hash type of set is defined with timeouts.(CVE-2025-37997)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nmm/hugetlb: unshare page tables during VMA split, not before\n\nCurrently, __split_vma() triggers hugetlb page table unsharing through\nvm_ops->may_split(). This happens before the VMA lock and rmap locks are\ntaken - which is too early, it allows racing VMA-locked page faults in our\nprocess and racing rmap walks from other processes to cause page tables to\nbe shared again before we actually perform the split.\n\nFix it by explicitly calling into the hugetlb unshare logic from\n__split_vma() in the same place where THP splitting also happens. At that\npoint, both the VMA and the rmap(s) are write-locked.\n\nAn annoying detail is that we can now call into the helper\nhugetlb_unshare_pmds() from two different locking contexts:\n\n1. from hugetlb_split(), holding:\n - mmap lock (exclusively)\n - VMA lock\n - file rmap lock (exclusively)\n2. hugetlb_unshare_all_pmds(), which I think is designed to be able to\n call us with only the mmap lock held (in shared mode), but currently\n only runs while holding mmap lock (exclusively) and VMA lock\n\nBackporting note:\nThis commit fixes a racy protection that was introduced in commit\nb30c14cd6102 (\"hugetlb: unshare some PMDs when splitting VMAs\"); that\ncommit claimed to fix an issue introduced in 5.13, but it should actually\nalso go all the way back.\n\n[(CVE-2025-38084)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: sch_qfq: Fix race condition on qfq_aggregate\n\nA race condition can occur when 'agg' is modified in qfq_change_agg\n(called during qfq_enqueue) while other threads access it\nconcurrently. For example, qfq_dump_class may trigger a NULL\ndereference, and qfq_delete_class may cause a use-after-free.\n\nThis patch addresses the issue by:\n\n1. Moved qfq_destroy_class into the critical section.\n\n2. Added sch_tree_lock protection to qfq_dump_class and\nqfq_dump_class_stats.(CVE-2025-38477)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nefivarfs: Fix slab-out-of-bounds in efivarfs_d_compare\n\nObserved on kernel 6.6 (present on master as well):\n\n BUG: KASAN: slab-out-of-bounds in memcmp+0x98/0xd0\n Call trace:\n kasan_check_range+0xe8/0x190\n __asan_loadN+0x1c/0x28\n memcmp+0x98/0xd0\n efivarfs_d_compare+0x68/0xd8\n __d_lookup_rcu_op_compare+0x178/0x218\n __d_lookup_rcu+0x1f8/0x228\n d_alloc_parallel+0x150/0x648\n lookup_open.isra.0+0x5f0/0x8d0\n open_last_lookups+0x264/0x828\n path_openat+0x130/0x3f8\n do_filp_open+0x114/0x248\n do_sys_openat2+0x340/0x3c0\n __arm64_sys_openat+0x120/0x1a0\n\nIf dentry->d_name.len < EFI_VARIABLE_GUID_LEN , 'guid' can become\nnegative, leadings to oob. The issue can be triggered by parallel\nlookups using invalid filename:\n\n T1\t\t\tT2\n lookup_open\n ->lookup\n simple_lookup\n d_add\n // invalid dentry is added to hash list\n\n\t\t\tlookup_open\n\t\t\t d_alloc_parallel\n\t\t\t __d_lookup_rcu\n\t\t\t __d_lookup_rcu_op_compare\n\t\t\t hlist_bl_for_each_entry_rcu\n\t\t\t // invalid dentry can be retrieved\n\t\t\t ->d_compare\n\t\t\t efivarfs_d_compare\n\t\t\t // oob\n\nFix it by checking 'guid' before cmp.(CVE-2025-39817)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nmedia: tuner: xc5000: Fix use-after-free in xc5000_release\n\nThe original code uses cancel_delayed_work() in xc5000_release(), which\ndoes not guarantee that the delayed work item timer_sleep has fully\ncompleted if it was already running. This leads to use-after-free scenarios\nwhere xc5000_release() may free the xc5000_priv while timer_sleep is still\nactive and attempts to dereference the xc5000_priv.\n\nA typical race condition is illustrated below:\n\nCPU 0 (release thread) | CPU 1 (delayed work callback)\nxc5000_release() | xc5000_do_timer_sleep()\n cancel_delayed_work() |\n hybrid_tuner_release_state(priv) |\n kfree(priv) |\n | priv = container_of() // UAF\n\nReplace cancel_delayed_work() with cancel_delayed_work_sync() to ensure\nthat the timer_sleep is properly canceled before the xc5000_priv memory\nis deallocated.\n\nA deadlock concern was considered: xc5000_release() is called in a process\ncontext and is not holding any locks that the timer_sleep work item might\nalso need. Therefore, the use of the _sync() variant is safe here.\n\nThis bug was initially identified through static analysis.\n\n[hverkuil: fix typo in Subject: tunner -> tuner](CVE-2025-39994)\n\nIn the Linux kernel, the Squashfs filesystem contains an uninitialized value vulnerability. When open_by_handle_at() is called with a file handle containing an invalid parent inode number (specifically that of a symbolic link rather than a directory), squashfs_get_parent() accesses the uninitialized parent member field, causing an uninitialized value access. The fix initializes the parent field with the invalid inode 0.(CVE-2025-40049)\n\nIn the Linux kernel, a use-after-free vulnerability exists in the TLS module's get_netdev_for_sock() function. This function is called during setsockopt() operations without RCU protection. Using sk_dst_get(sk)->dev could trigger use-after-free, potentially causing program crashes, unexpected value usage, or arbitrary code execution.(CVE-2025-40149)\n\nA security vulnerability was discovered in the Linux kernel network subsystem involving inadequate RCU (Read-Copy-Update) protection for accesses to dst->dev. The affected functions include sk_setup_caps(), sk_dst_gso_max_size(), ip6_dst_mtu_maybe_forward(), ip_dst_mtu_maybe_forward(), and ip4_dst_hoplimit(). An attacker could potentially exploit this vulnerability to cause privilege escalation or system crashes.(CVE-2025-40170)\n\nIn the Linux kernel, the SCTP protocol's MAC comparison implementation was vulnerable to timing attacks. This vulnerability allows attackers to infer MAC values through timing analysis, potentially bypassing security validation. The fix modifies the MAC comparison to use constant-time comparison to prevent timing attacks.(CVE-2025-40204)", "category":"general", "title":"Description" }, { "text":"An update for kernel is now available for openEuler-22.03-LTS-SP3.\n\nopenEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.", "category":"general", "title":"Topic" }, { "text":"High", "category":"general", "title":"Severity" }, { "text":"kernel", "category":"general", "title":"Affected Component" } ], "publisher":{ "issuing_authority":"openEuler security committee", "name":"openEuler", "namespace":"https://www.openeuler.org", "contact_details":"openeuler-security@openeuler.org", "category":"vendor" }, "references":[ { "summary":"openEuler-SA-2025-2772", "category":"self", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2772" }, { "summary":"CVE-2021-47653", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2021-47653&packageName=kernel" }, { "summary":"CVE-2022-49267", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2022-49267&packageName=kernel" }, { "summary":"CVE-2022-49470", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2022-49470&packageName=kernel" }, { "summary":"CVE-2023-53305", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2023-53305&packageName=kernel" }, { "summary":"CVE-2023-53365", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2023-53365&packageName=kernel" }, { "summary":"CVE-2023-53510", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2023-53510&packageName=kernel" }, { "summary":"CVE-2024-58007", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-58007&packageName=kernel" }, { "summary":"CVE-2024-58095", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-58095&packageName=kernel" }, { "summary":"CVE-2025-21693", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21693&packageName=kernel" }, { "summary":"CVE-2025-21945", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21945&packageName=kernel" }, { "summary":"CVE-2025-37786", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-37786&packageName=kernel" }, { "summary":"CVE-2025-37899", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-37899&packageName=kernel" }, { "summary":"CVE-2025-37994", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-37994&packageName=kernel" }, { "summary":"CVE-2025-37997", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-37997&packageName=kernel" }, { "summary":"CVE-2025-38084", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38084&packageName=kernel" }, { "summary":"CVE-2025-38477", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38477&packageName=kernel" }, { "summary":"CVE-2025-39817", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-39817&packageName=kernel" }, { "summary":"CVE-2025-39994", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-39994&packageName=kernel" }, { "summary":"CVE-2025-40049", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40049&packageName=kernel" }, { "summary":"CVE-2025-40149", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40149&packageName=kernel" }, { "summary":"CVE-2025-40170", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40170&packageName=kernel" }, { "summary":"CVE-2025-40204", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-40204&packageName=kernel" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2021-47653" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2022-49267" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2022-49470" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-53305" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-53365" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-53510" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-58007" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-58095" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21693" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-21945" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-37786" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-37899" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-37994" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-37997" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38084" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38477" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-39817" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-39994" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40049" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40149" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40170" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40204" }, { "summary":"openEuler-SA-2025-2772 vex file", "category":"self", "url":"https://repo.openeuler.org/security/data/csaf/advisories/2025/csaf-openEuler-SA-2025-2772.json" } ], "title":"An update for kernel is now available for openEuler-22.03-LTS-SP3", "tracking":{ "initial_release_date":"2025-12-08T14:38:28+08:00", "revision_history":[ { "date":"2025-12-08T14:38:28+08:00", "summary":"Initial", "number":"1.0.0" } ], "generator":{ "date":"2025-12-08T14:38:28+08:00", "engine":{ "name":"openEuler CSAF Tool V1.0" } }, "current_release_date":"2025-12-08T14:38:28+08:00", "id":"openEuler-SA-2025-2772", "version":"1.0.0", "status":"final" } }, "product_tree":{ "branches":[ { "name":"openEuler", "category":"vendor", "branches":[ { "name":"openEuler", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"openEuler-22.03-LTS-SP3", "name":"openEuler-22.03-LTS-SP3" }, "name":"openEuler-22.03-LTS-SP3", "category":"product_version" } ], "category":"product_name" }, { "name":"aarch64", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "name":"kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm" }, "name":"kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "name":"kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm" }, "name":"kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "name":"kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm" }, "name":"kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "name":"kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm" }, "name":"kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "name":"kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm" }, "name":"kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "name":"kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm" }, "name":"kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "name":"kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm" }, "name":"kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "name":"kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm" }, "name":"kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "name":"kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm" }, "name":"kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"perf-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "name":"perf-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm" }, "name":"perf-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "name":"perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm" }, "name":"perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "name":"python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm" }, "name":"python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "name":"python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm" }, "name":"python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"src", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-5.10.0-293.0.0.195.oe2203sp3.src.rpm", "name":"kernel-5.10.0-293.0.0.195.oe2203sp3.src.rpm" }, "name":"kernel-5.10.0-293.0.0.195.oe2203sp3.src.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"x86_64", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "name":"kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm" }, "name":"kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "name":"kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm" }, "name":"kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "name":"kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm" }, "name":"kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "name":"kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm" }, "name":"kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "name":"kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm" }, "name":"kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "name":"kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm" }, "name":"kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "name":"kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm" }, "name":"kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "name":"kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm" }, "name":"kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "name":"kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm" }, "name":"kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"perf-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "name":"perf-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm" }, "name":"perf-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "name":"perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm" }, "name":"perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "name":"python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm" }, "name":"python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "name":"python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm" }, "name":"python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "category":"product_version" } ], "category":"architecture" } ] } ], "relationships":[ { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "name":"kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "name":"kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "name":"kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "name":"kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "name":"kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "name":"kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "name":"kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "name":"kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "name":"kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"perf-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "name":"perf-5.10.0-293.0.0.195.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "name":"perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "name":"python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "name":"python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-5.10.0-293.0.0.195.oe2203sp3.src.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "name":"kernel-5.10.0-293.0.0.195.oe2203sp3.src as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "name":"kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "name":"kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "name":"kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "name":"kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "name":"kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "name":"kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "name":"kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "name":"kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "name":"kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"perf-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "name":"perf-5.10.0-293.0.0.195.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "name":"perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "name":"python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "name":"python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" } ] }, "vulnerabilities":[ { "cve":"CVE-2021-47653", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: davinci: vpif: fix use-after-free on driver unbind\n\nThe driver allocates and registers two platform device structures during\nprobe, but the devices were never deregistered on driver unbind.\n\nThis results in a use-after-free on driver unbind as the device\nstructures were allocated using devres and would be freed by driver\ncore when remove() returns.\n\nFix this by adding the missing deregistration calls to the remove()\ncallback and failing probe on registration errors.\n\nNote that the platform device structures must be freed using a proper\nrelease callback to avoid leaking associated resources like device\nnames.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2772" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2021-47653" }, { "cve":"CVE-2022-49267", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: core: use sysfs_emit() instead of sprintf()\n\nsprintf() (still used in the MMC core for the sysfs output) is vulnerable\nto the buffer overflow. Use the new-fangled sysfs_emit() instead.\n\nFound by Linux Verification Center (linuxtesting.org) with the SVACE static\nanalysis tool.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2772" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2022-49267" }, { "cve":"CVE-2022-49470", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btmtksdio: fix use-after-free at btmtksdio_recv_event\n\nWe should not access skb buffer data anymore after hci_recv_frame was\ncalled.\n\n[ 39.634809] BUG: KASAN: use-after-free in btmtksdio_recv_event+0x1b0\n[ 39.634855] Read of size 1 at addr ffffff80cf28a60d by task kworker\n[ 39.634962] Call trace:\n[ 39.634974] dump_backtrace+0x0/0x3b8\n[ 39.634999] show_stack+0x20/0x2c\n[ 39.635016] dump_stack_lvl+0x60/0x78\n[ 39.635040] print_address_description+0x70/0x2f0\n[ 39.635062] kasan_report+0x154/0x194\n[ 39.635079] __asan_report_load1_noabort+0x44/0x50\n[ 39.635099] btmtksdio_recv_event+0x1b0/0x1c4\n[ 39.635129] btmtksdio_txrx_work+0x6cc/0xac4\n[ 39.635157] process_one_work+0x560/0xc5c\n[ 39.635177] worker_thread+0x7ec/0xcc0\n[ 39.635195] kthread+0x2d0/0x3d0\n[ 39.635215] ret_from_fork+0x10/0x20\n[ 39.635247] Allocated by task 0:\n[ 39.635260] (stack is not available)\n[ 39.635281] Freed by task 2392:\n[ 39.635295] kasan_save_stack+0x38/0x68\n[ 39.635319] kasan_set_track+0x28/0x3c\n[ 39.635338] kasan_set_free_info+0x28/0x4c\n[ 39.635357] ____kasan_slab_free+0x104/0x150\n[ 39.635374] __kasan_slab_free+0x18/0x28\n[ 39.635391] slab_free_freelist_hook+0x114/0x248\n[ 39.635410] kfree+0xf8/0x2b4\n[ 39.635427] skb_free_head+0x58/0x98\n[ 39.635447] skb_release_data+0x2f4/0x410\n[ 39.635464] skb_release_all+0x50/0x60\n[ 39.635481] kfree_skb+0xc8/0x25c\n[ 39.635498] hci_event_packet+0x894/0xca4 [bluetooth]\n[ 39.635721] hci_rx_work+0x1c8/0x68c [bluetooth]\n[ 39.635925] process_one_work+0x560/0xc5c\n[ 39.635951] worker_thread+0x7ec/0xcc0\n[ 39.635970] kthread+0x2d0/0x3d0\n[ 39.635990] ret_from_fork+0x10/0x20\n[ 39.636021] The buggy address belongs to the object at ffffff80cf28a600\n which belongs to the cache kmalloc-512 of size 512\n[ 39.636039] The buggy address is located 13 bytes inside of\n 512-byte region [ffffff80cf28a600, ffffff80cf28a800)", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2772" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2022-49470" }, { "cve":"CVE-2023-53305", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix use-after-free\n\nFix potential use-after-free in l2cap_le_command_rej.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2772" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2023-53305" }, { "cve":"CVE-2023-53365", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nip6mr: Fix skb_under_panic in ip6mr_cache_report()\n\nskbuff: skb_under_panic: text:ffffffff88771f69 len:56 put:-4\n head:ffff88805f86a800 data:ffff887f5f86a850 tail:0x88 end:0x2c0 dev:pim6reg\n ------------[ cut here ]------------\n kernel BUG at net/core/skbuff.c:192!\n invalid opcode: 0000 [#1] PREEMPT SMP KASAN\n CPU: 2 PID: 22968 Comm: kworker/2:11 Not tainted 6.5.0-rc3-00044-g0a8db05b571a #236\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n Workqueue: ipv6_addrconf addrconf_dad_work\n RIP: 0010:skb_panic+0x152/0x1d0\n Call Trace:\n \n skb_push+0xc4/0xe0\n ip6mr_cache_report+0xd69/0x19b0\n reg_vif_xmit+0x406/0x690\n dev_hard_start_xmit+0x17e/0x6e0\n __dev_queue_xmit+0x2d6a/0x3d20\n vlan_dev_hard_start_xmit+0x3ab/0x5c0\n dev_hard_start_xmit+0x17e/0x6e0\n __dev_queue_xmit+0x2d6a/0x3d20\n neigh_connected_output+0x3ed/0x570\n ip6_finish_output2+0x5b5/0x1950\n ip6_finish_output+0x693/0x11c0\n ip6_output+0x24b/0x880\n NF_HOOK.constprop.0+0xfd/0x530\n ndisc_send_skb+0x9db/0x1400\n ndisc_send_rs+0x12a/0x6c0\n addrconf_dad_completed+0x3c9/0xea0\n addrconf_dad_work+0x849/0x1420\n process_one_work+0xa22/0x16e0\n worker_thread+0x679/0x10c0\n ret_from_fork+0x28/0x60\n ret_from_fork_asm+0x11/0x20\n\nWhen setup a vlan device on dev pim6reg, DAD ns packet may sent on reg_vif_xmit().\nreg_vif_xmit()\n ip6mr_cache_report()\n skb_push(skb, -skb_network_offset(pkt));//skb_network_offset(pkt) is 4\nAnd skb_push declared as:\n\tvoid *skb_push(struct sk_buff *skb, unsigned int len);\n\t\tskb->data -= len;\n\t\t//0xffff88805f86a84c - 0xfffffffc = 0xffff887f5f86a850\nskb->data is set to 0xffff887f5f86a850, which is invalid mem addr, lead to skb_push() fails.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2772" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.0, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2023-53365" }, { "cve":"CVE-2023-53510", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: Fix handling of lrbp->cmd\n\nufshcd_queuecommand() may be called two times in a row for a SCSI command\nbefore it is completed. Hence make the following changes:\n\n - In the functions that submit a command, do not check the old value of\n lrbp->cmd nor clear lrbp->cmd in error paths.\n\n - In ufshcd_release_scsi_cmd(), do not clear lrbp->cmd.\n\nSee also scsi_send_eh_cmnd().\n\nThis commit prevents that the following appears if a command times out:\n\nWARNING: at drivers/ufs/core/ufshcd.c:2965 ufshcd_queuecommand+0x6f8/0x9a8\nCall trace:\n ufshcd_queuecommand+0x6f8/0x9a8\n scsi_send_eh_cmnd+0x2c0/0x960\n scsi_eh_test_devices+0x100/0x314\n scsi_eh_ready_devs+0xd90/0x114c\n scsi_error_handler+0x2b4/0xb70\n kthread+0x16c/0x1e0", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2772" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.0, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2023-53510" }, { "cve":"CVE-2024-58007", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: socinfo: Avoid out of bounds read of serial number\n\nOn MSM8916 devices, the serial number exposed in sysfs is constant and does\nnot change across individual devices. It's always:\n\n db410c:/sys/devices/soc0$ cat serial_number\n 2644893864\n\nThe firmware used on MSM8916 exposes SOCINFO_VERSION(0, 8), which does not\nhave support for the serial_num field in the socinfo struct. There is an\nexisting check to avoid exposing the serial number in that case, but it's\nnot correct: When checking the item_size returned by SMEM, we need to make\nsure the *end* of the serial_num is within bounds, instead of comparing\nwith the *start* offset. The serial_number currently exposed on MSM8916\ndevices is just an out of bounds read of whatever comes after the socinfo\nstruct in SMEM.\n\nFix this by changing offsetof() to offsetofend(), so that the size of the\nfield is also taken into account.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2772" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.1, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-58007" }, { "cve":"CVE-2024-58095", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\njfs: add check read-only before txBeginAnon() call\n\nAdded a read-only check before calling `txBeginAnon` in `extAlloc`\nand `extRecord`. This prevents modification attempts on a read-only\nmounted filesystem, avoiding potential errors or crashes.\n\nCall trace:\n txBeginAnon+0xac/0x154\n extAlloc+0xe8/0xdec fs/jfs/jfs_extent.c:78\n jfs_get_block+0x340/0xb98 fs/jfs/inode.c:248\n __block_write_begin_int+0x580/0x166c fs/buffer.c:2128\n __block_write_begin fs/buffer.c:2177 [inline]\n block_write_begin+0x98/0x11c fs/buffer.c:2236\n jfs_write_begin+0x44/0x88 fs/jfs/inode.c:299", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2772" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-58095" }, { "cve":"CVE-2025-21693", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmm: zswap: properly synchronize freeing resources during CPU hotunplug\n\nIn zswap_compress() and zswap_decompress(), the per-CPU acomp_ctx of the\ncurrent CPU at the beginning of the operation is retrieved and used\nthroughout. However, since neither preemption nor migration are disabled,\nit is possible that the operation continues on a different CPU.\n\nIf the original CPU is hotunplugged while the acomp_ctx is still in use,\nwe run into a UAF bug as some of the resources attached to the acomp_ctx\nare freed during hotunplug in zswap_cpu_comp_dead() (i.e. \nacomp_ctx.buffer, acomp_ctx.req, or acomp_ctx.acomp).\n\nThe problem was introduced in commit 1ec3b5fe6eec (\"mm/zswap: move to use\ncrypto_acomp API for hardware acceleration\") when the switch to the\ncrypto_acomp API was made. Prior to that, the per-CPU crypto_comp was\nretrieved using get_cpu_ptr() which disables preemption and makes sure the\nCPU cannot go away from under us. Preemption cannot be disabled with the\ncrypto_acomp API as a sleepable context is needed.\n\nUse the acomp_ctx.mutex to synchronize CPU hotplug callbacks allocating\nand freeing resources with compression/decompression paths. Make sure\nthat acomp_ctx.req is NULL when the resources are freed. In the\ncompression/decompression paths, check if acomp_ctx.req is NULL after\nacquiring the mutex (meaning the CPU was offlined) and retry on the new\nCPU.\n\nThe initialization of acomp_ctx.mutex is moved from the CPU hotplug\ncallback to the pool initialization where it belongs (where the mutex is\nallocated). In addition to adding clarity, this makes sure that CPU\nhotplug cannot reinitialize a mutex that is already locked by\ncompression/decompression.\n\nPreviously a fix was attempted by holding cpus_read_lock() [1]. This\nwould have caused a potential deadlock as it is possible for code already\nholding the lock to fall into reclaim and enter zswap (causing a\ndeadlock). A fix was also attempted using SRCU for synchronization, but\nJohannes pointed out that synchronize_srcu() cannot be used in CPU hotplug\nnotifiers [2].\n\nAlternative fixes that were considered/attempted and could have worked:\n- Refcounting the per-CPU acomp_ctx. This involves complexity in\n handling the race between the refcount dropping to zero in\n zswap_[de]compress() and the refcount being re-initialized when the\n CPU is onlined.\n- Disabling migration before getting the per-CPU acomp_ctx [3], but\n that's discouraged and is a much bigger hammer than needed, and could\n result in subtle performance issues.\n\n[1]https://lkml.kernel.org/", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2772" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21693" }, { "cve":"CVE-2025-21945", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix use-after-free in smb2_lock\n\nIf smb_lock->zero_len has value, ->llist of smb_lock is not delete and\nflock is old one. It will cause use-after-free on error handling\nroutine.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2772" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-21945" }, { "cve":"CVE-2025-37786", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:net: dsa: free routing table on probe failureIf complete = true in dsa_tree_setup(), it means that we are the lastswitch of the tree which is successfully probing, and we should besetting up all switches from our probe path.After complete becomes true, dsa_tree_setup_cpu_ports() or anysubsequent function may fail. If that happens, the entire tree setup isin limbo: the first N-1 switches have successfully finished probing(doing nothing but having allocated persistent memory in the tree sdst->ports, and maybe dst->rtable), and switch N failed to probe, endingthe tree setup process before anything is tangible from the user s PoV.If switch N fails to probe, its memory (ports) will be freed and removedfrom dst->ports. However, the dst->rtable elements pointing to its ports,as created by dsa_link_touch(), will remain there, and will lead touse-after-free if dereferenced.If dsa_tree_setup_switches() returns -EPROBE_DEFER, which is entirelypossible because that is where ds->ops->setup() is, we get a kasanreport like this:==================================================================BUG: KASAN: slab-use-after-free in mv88e6xxx_setup_upstream_port+0x240/0x568Read of size 8 at addr ffff000004f56020 by task kworker/u8:3/42Call trace: __asan_report_load8_noabort+0x20/0x30 mv88e6xxx_setup_upstream_port+0x240/0x568 mv88e6xxx_setup+0xebc/0x1eb0 dsa_register_switch+0x1af4/0x2ae0 mv88e6xxx_register_switch+0x1b8/0x2a8 mv88e6xxx_probe+0xc4c/0xf60 mdio_probe+0x78/0xb8 really_probe+0x2b8/0x5a8 __driver_probe_device+0x164/0x298 driver_probe_device+0x78/0x258 __device_attach_driver+0x274/0x350Allocated by task 42: __kasan_kmalloc+0x84/0xa0 __kmalloc_cache_noprof+0x298/0x490 dsa_switch_touch_ports+0x174/0x3d8 dsa_register_switch+0x800/0x2ae0 mv88e6xxx_register_switch+0x1b8/0x2a8 mv88e6xxx_probe+0xc4c/0xf60 mdio_probe+0x78/0xb8 really_probe+0x2b8/0x5a8 __driver_probe_device+0x164/0x298 driver_probe_device+0x78/0x258 __device_attach_driver+0x274/0x350Freed by task 42: __kasan_slab_free+0x48/0x68 kfree+0x138/0x418 dsa_register_switch+0x2694/0x2ae0 mv88e6xxx_register_switch+0x1b8/0x2a8 mv88e6xxx_probe+0xc4c/0xf60 mdio_probe+0x78/0xb8 really_probe+0x2b8/0x5a8 __driver_probe_device+0x164/0x298 driver_probe_device+0x78/0x258 __device_attach_driver+0x274/0x350The simplest way to fix the bug is to delete the routing table in itsentirety. dsa_tree_setup_routing_table() has no problem in regeneratingit even if we deleted links between ports other than those of switch N,because dsa_link_touch() first checks whether the port pair alreadyexists in dst->rtable, allocating if not.The deletion of the routing table in its entirety already exists indsa_tree_teardown(), so refactor that into a function that can also becalled from the tree setup error path.In my analysis of the commit to blame, it is the one which addeddsa_link elements to dst->rtable. Prior to that, each switch had its ownds->rtable which is freed when the switch fails to probe. But the treeis potentially persistent memory.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2772" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-37786" }, { "cve":"CVE-2025-37899", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix use-after-free in session logoff\n\nThe sess->user object can currently be in use by another thread, for\nexample if another connection has sent a session setup request to\nbind to the session being free'd. The handler for that connection could\nbe in the smb2_sess_setup function which makes use of sess->user.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2772" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-37899" }, { "cve":"CVE-2025-37994", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: ucsi: displayport: Fix NULL pointer access\n\nThis patch ensures that the UCSI driver waits for all pending tasks in the\nucsi_displayport_work workqueue to finish executing before proceeding with\nthe partner removal.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2772" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":6.4, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-37994" }, { "cve":"CVE-2025-37997", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: fix region locking in hash types\n\nRegion locking introduced in v5.6-rc4 contained three macros to handle\nthe region locks: ahash_bucket_start(), ahash_bucket_end() which gave\nback the start and end hash bucket values belonging to a given region\nlock and ahash_region() which should give back the region lock belonging\nto a given hash bucket. The latter was incorrect which can lead to a\nrace condition between the garbage collector and adding new elements\nwhen a hash type of set is defined with timeouts.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2772" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":4.7, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-37997" }, { "cve":"CVE-2025-38084", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmm/hugetlb: unshare page tables during VMA split, not before\n\nCurrently, __split_vma() triggers hugetlb page table unsharing through\nvm_ops->may_split(). This happens before the VMA lock and rmap locks are\ntaken - which is too early, it allows racing VMA-locked page faults in our\nprocess and racing rmap walks from other processes to cause page tables to\nbe shared again before we actually perform the split.\n\nFix it by explicitly calling into the hugetlb unshare logic from\n__split_vma() in the same place where THP splitting also happens. At that\npoint, both the VMA and the rmap(s) are write-locked.\n\nAn annoying detail is that we can now call into the helper\nhugetlb_unshare_pmds() from two different locking contexts:\n\n1. from hugetlb_split(), holding:\n - mmap lock (exclusively)\n - VMA lock\n - file rmap lock (exclusively)\n2. hugetlb_unshare_all_pmds(), which I think is designed to be able to\n call us with only the mmap lock held (in shared mode), but currently\n only runs while holding mmap lock (exclusively) and VMA lock\n\nBackporting note:\nThis commit fixes a racy protection that was introduced in commit\nb30c14cd6102 (\"hugetlb: unshare some PMDs when splitting VMAs\"); that\ncommit claimed to fix an issue introduced in 5.13, but it should actually\nalso go all the way back.\n\n[", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2772" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.1, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-38084" }, { "cve":"CVE-2025-38477", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: sch_qfq: Fix race condition on qfq_aggregate\n\nA race condition can occur when 'agg' is modified in qfq_change_agg\n(called during qfq_enqueue) while other threads access it\nconcurrently. For example, qfq_dump_class may trigger a NULL\ndereference, and qfq_delete_class may cause a use-after-free.\n\nThis patch addresses the issue by:\n\n1. Moved qfq_destroy_class into the critical section.\n\n2. Added sch_tree_lock protection to qfq_dump_class and\nqfq_dump_class_stats.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2772" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.3, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-38477" }, { "cve":"CVE-2025-39817", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nefivarfs: Fix slab-out-of-bounds in efivarfs_d_compare\n\nObserved on kernel 6.6 (present on master as well):\n\n BUG: KASAN: slab-out-of-bounds in memcmp+0x98/0xd0\n Call trace:\n kasan_check_range+0xe8/0x190\n __asan_loadN+0x1c/0x28\n memcmp+0x98/0xd0\n efivarfs_d_compare+0x68/0xd8\n __d_lookup_rcu_op_compare+0x178/0x218\n __d_lookup_rcu+0x1f8/0x228\n d_alloc_parallel+0x150/0x648\n lookup_open.isra.0+0x5f0/0x8d0\n open_last_lookups+0x264/0x828\n path_openat+0x130/0x3f8\n do_filp_open+0x114/0x248\n do_sys_openat2+0x340/0x3c0\n __arm64_sys_openat+0x120/0x1a0\n\nIf dentry->d_name.len < EFI_VARIABLE_GUID_LEN , 'guid' can become\nnegative, leadings to oob. The issue can be triggered by parallel\nlookups using invalid filename:\n\n T1\t\t\tT2\n lookup_open\n ->lookup\n simple_lookup\n d_add\n // invalid dentry is added to hash list\n\n\t\t\tlookup_open\n\t\t\t d_alloc_parallel\n\t\t\t __d_lookup_rcu\n\t\t\t __d_lookup_rcu_op_compare\n\t\t\t hlist_bl_for_each_entry_rcu\n\t\t\t // invalid dentry can be retrieved\n\t\t\t ->d_compare\n\t\t\t efivarfs_d_compare\n\t\t\t // oob\n\nFix it by checking 'guid' before cmp.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2772" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.0, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-39817" }, { "cve":"CVE-2025-39994", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: tuner: xc5000: Fix use-after-free in xc5000_release\n\nThe original code uses cancel_delayed_work() in xc5000_release(), which\ndoes not guarantee that the delayed work item timer_sleep has fully\ncompleted if it was already running. This leads to use-after-free scenarios\nwhere xc5000_release() may free the xc5000_priv while timer_sleep is still\nactive and attempts to dereference the xc5000_priv.\n\nA typical race condition is illustrated below:\n\nCPU 0 (release thread) | CPU 1 (delayed work callback)\nxc5000_release() | xc5000_do_timer_sleep()\n cancel_delayed_work() |\n hybrid_tuner_release_state(priv) |\n kfree(priv) |\n | priv = container_of() // UAF\n\nReplace cancel_delayed_work() with cancel_delayed_work_sync() to ensure\nthat the timer_sleep is properly canceled before the xc5000_priv memory\nis deallocated.\n\nA deadlock concern was considered: xc5000_release() is called in a process\ncontext and is not holding any locks that the timer_sleep work item might\nalso need. Therefore, the use of the _sync() variant is safe here.\n\nThis bug was initially identified through static analysis.\n\n[hverkuil: fix typo in Subject: tunner -> tuner]", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2772" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.0, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-39994" }, { "cve":"CVE-2025-40049", "notes":[ { "text":"In the Linux kernel, the Squashfs filesystem contains an uninitialized value vulnerability. When open_by_handle_at() is called with a file handle containing an invalid parent inode number (specifically that of a symbolic link rather than a directory), squashfs_get_parent() accesses the uninitialized parent member field, causing an uninitialized value access. The fix initializes the parent field with the invalid inode 0.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2772" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-40049" }, { "cve":"CVE-2025-40149", "notes":[ { "text":"In the Linux kernel, a use-after-free vulnerability exists in the TLS module's get_netdev_for_sock() function. This function is called during setsockopt() operations without RCU protection. Using sk_dst_get(sk)->dev could trigger use-after-free, potentially causing program crashes, unexpected value usage, or arbitrary code execution.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2772" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.0, "vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-40149" }, { "cve":"CVE-2025-40170", "notes":[ { "text":"A security vulnerability was discovered in the Linux kernel network subsystem involving inadequate RCU (Read-Copy-Update) protection for accesses to dst->dev. The affected functions include sk_setup_caps(), sk_dst_gso_max_size(), ip6_dst_mtu_maybe_forward(), ip_dst_mtu_maybe_forward(), and ip4_dst_hoplimit(). An attacker could potentially exploit this vulnerability to cause privilege escalation or system crashes.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2772" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.4, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2025-40170" }, { "cve":"CVE-2025-40204", "notes":[ { "text":"In the Linux kernel, the SCTP protocol's MAC comparison implementation was vulnerable to timing attacks. This vulnerability allows attackers to infer MAC values through timing analysis, potentially bypassing security validation. The fix modifies the MAC comparison to use constant-time comparison to prevent timing attacks.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2772" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.3, "vectorString":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-293.0.0.195.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-293.0.0.195.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-40204" } ] }