An update for kernel is now available for openEuler-22.03-LTS-SP3 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2025-1466 Final 1.0 1.0 2025-05-09 Initial 2025-05-09 2025-05-09 openEuler SA Tool V1.0 2025-05-09 kernel security update An update for kernel is now available for openEuler-22.03-LTS-SP3 The Linux Kernel, the operating system core itself. Security Fix(es): In the Linux kernel, the following vulnerability has been resolved: jfs: add check read-only before truncation in jfs_truncate_nolock() Added a check for "read-only" mode in the `jfs_truncate_nolock` function to avoid errors related to writing to a read-only filesystem. Call stack: block_write_begin() { jfs_write_failed() { jfs_truncate() { jfs_truncate_nolock() { txEnd() { ... log = JFS_SBI(tblk->sb)->log; // (log == NULL) If the `isReadOnly(ip)` condition is triggered in `jfs_truncate_nolock`, the function execution will stop, and no further data modification will occur. Instead, the `xtTruncate` function will be called with the "COMMIT_WMAP" flag, preventing modifications in "read-only" mode.(CVE-2024-58094) In the Linux kernel, the following vulnerability has been resolved: ndisc: extend RCU protection in ndisc_send_skb() ndisc_send_skb() can be called without RTNL or RCU held. Acquire rcu_read_lock() earlier, so that we can use dev_net_rcu() and avoid a potential UAF.(CVE-2025-21760) In the Linux kernel, the following vulnerability has been resolved: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() ovs_vport_cmd_fill_info() can be called without RTNL or RCU. Use RCU protection and dev_net_rcu() to avoid potential UAF.(CVE-2025-21761) In the Linux kernel, the following vulnerability has been resolved: arp: use RCU protection in arp_xmit() arp_xmit() can be called without RTNL or RCU protection. Use RCU protection to avoid potential UAF.(CVE-2025-21762) In the Linux kernel, the following vulnerability has been resolved: neighbour: use RCU protection in __neigh_notify() __neigh_notify() can be called without RTNL or RCU protection. Use RCU protection to avoid potential UAF.(CVE-2025-21763) In the Linux kernel, the following vulnerability has been resolved: ndisc: use RCU protection in ndisc_alloc_skb() ndisc_alloc_skb() can be called without RTNL or RCU being held. Add RCU protection to avoid possible UAF.(CVE-2025-21764) An update for kernel is now available for openEuler-22.03-LTS-SP3. openEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. High kernel https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1466 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-58094 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21760 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21761 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21762 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21763 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-21764 https://nvd.nist.gov/vuln/detail/CVE-2024-58094 https://nvd.nist.gov/vuln/detail/CVE-2025-21760 https://nvd.nist.gov/vuln/detail/CVE-2025-21761 https://nvd.nist.gov/vuln/detail/CVE-2025-21762 https://nvd.nist.gov/vuln/detail/CVE-2025-21763 https://nvd.nist.gov/vuln/detail/CVE-2025-21764 openEuler-22.03-LTS-SP3 kernel-5.10.0-262.0.0.164.oe2203sp3.aarch64.rpm kernel-debuginfo-5.10.0-262.0.0.164.oe2203sp3.aarch64.rpm kernel-debugsource-5.10.0-262.0.0.164.oe2203sp3.aarch64.rpm kernel-devel-5.10.0-262.0.0.164.oe2203sp3.aarch64.rpm kernel-headers-5.10.0-262.0.0.164.oe2203sp3.aarch64.rpm kernel-source-5.10.0-262.0.0.164.oe2203sp3.aarch64.rpm kernel-tools-5.10.0-262.0.0.164.oe2203sp3.aarch64.rpm kernel-tools-debuginfo-5.10.0-262.0.0.164.oe2203sp3.aarch64.rpm kernel-tools-devel-5.10.0-262.0.0.164.oe2203sp3.aarch64.rpm perf-5.10.0-262.0.0.164.oe2203sp3.aarch64.rpm perf-debuginfo-5.10.0-262.0.0.164.oe2203sp3.aarch64.rpm python3-perf-5.10.0-262.0.0.164.oe2203sp3.aarch64.rpm python3-perf-debuginfo-5.10.0-262.0.0.164.oe2203sp3.aarch64.rpm kernel-5.10.0-262.0.0.164.oe2203sp3.src.rpm kernel-5.10.0-262.0.0.164.oe2203sp3.x86_64.rpm kernel-debuginfo-5.10.0-262.0.0.164.oe2203sp3.x86_64.rpm kernel-debugsource-5.10.0-262.0.0.164.oe2203sp3.x86_64.rpm kernel-devel-5.10.0-262.0.0.164.oe2203sp3.x86_64.rpm kernel-headers-5.10.0-262.0.0.164.oe2203sp3.x86_64.rpm kernel-source-5.10.0-262.0.0.164.oe2203sp3.x86_64.rpm kernel-tools-5.10.0-262.0.0.164.oe2203sp3.x86_64.rpm kernel-tools-debuginfo-5.10.0-262.0.0.164.oe2203sp3.x86_64.rpm kernel-tools-devel-5.10.0-262.0.0.164.oe2203sp3.x86_64.rpm perf-5.10.0-262.0.0.164.oe2203sp3.x86_64.rpm perf-debuginfo-5.10.0-262.0.0.164.oe2203sp3.x86_64.rpm python3-perf-5.10.0-262.0.0.164.oe2203sp3.x86_64.rpm python3-perf-debuginfo-5.10.0-262.0.0.164.oe2203sp3.x86_64.rpm In the Linux kernel, the following vulnerability has been resolved: jfs: add check read-only before truncation in jfs_truncate_nolock() Added a check for "read-only" mode in the `jfs_truncate_nolock` function to avoid errors related to writing to a read-only filesystem. Call stack: block_write_begin() { jfs_write_failed() { jfs_truncate() { jfs_truncate_nolock() { txEnd() { ... log = JFS_SBI(tblk->sb)->log; // (log == NULL) If the `isReadOnly(ip)` condition is triggered in `jfs_truncate_nolock`, the function execution will stop, and no further data modification will occur. Instead, the `xtTruncate` function will be called with the "COMMIT_WMAP" flag, preventing modifications in "read-only" mode. 2025-05-09 CVE-2024-58094 openEuler-22.03-LTS-SP3 Low 3.9 AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L kernel security update 2025-05-09 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1466 In the Linux kernel, the following vulnerability has been resolved: ndisc: extend RCU protection in ndisc_send_skb() ndisc_send_skb() can be called without RTNL or RCU held. Acquire rcu_read_lock() earlier, so that we can use dev_net_rcu() and avoid a potential UAF. 2025-05-09 CVE-2025-21760 openEuler-22.03-LTS-SP3 High 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H kernel security update 2025-05-09 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1466 In the Linux kernel, the following vulnerability has been resolved: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() ovs_vport_cmd_fill_info() can be called without RTNL or RCU. Use RCU protection and dev_net_rcu() to avoid potential UAF. 2025-05-09 CVE-2025-21761 openEuler-22.03-LTS-SP3 High 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H kernel security update 2025-05-09 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1466 In the Linux kernel, the following vulnerability has been resolved: arp: use RCU protection in arp_xmit() arp_xmit() can be called without RTNL or RCU protection. Use RCU protection to avoid potential UAF. 2025-05-09 CVE-2025-21762 openEuler-22.03-LTS-SP3 High 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H kernel security update 2025-05-09 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1466 In the Linux kernel, the following vulnerability has been resolved: neighbour: use RCU protection in __neigh_notify() __neigh_notify() can be called without RTNL or RCU protection. Use RCU protection to avoid potential UAF. 2025-05-09 CVE-2025-21763 openEuler-22.03-LTS-SP3 High 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H kernel security update 2025-05-09 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1466 In the Linux kernel, the following vulnerability has been resolved: ndisc: use RCU protection in ndisc_alloc_skb() ndisc_alloc_skb() can be called without RTNL or RCU being held. Add RCU protection to avoid possible UAF. 2025-05-09 CVE-2025-21764 openEuler-22.03-LTS-SP3 High 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H kernel security update 2025-05-09 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1466