An update for kernel is now available for openEuler-20.03-LTS-SP4 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2025-2080 Final 1.0 1.0 2025-08-29 Initial 2025-08-29 2025-08-29 openEuler SA Tool V1.0 2025-08-29 kernel security update An update for kernel is now available for openEuler-20.03-LTS-SP4 The Linux Kernel, the operating system core itself. Security Fix(es): A vulnerability was found in Linux Kernel up to 6.15.3 (Operating System). It has been rated as problematic.Using CWE to declare the problem leads to CWE-252. The product does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions.Impacted is confidentiality, integrity, and availability.Upgrading to version 5.4.295, 5.10.239, 5.15.186, 6.1.142, 6.6.95, 6.12.35, 6.15.4 or 6.16-rc1 eliminates this vulnerability. Applying the patch 119766de4930ff40db9f36b960cb53b0c400e81b/33163c68d2e3061fa3935b5f0a1867958b1cdbd2/9da3e442714f7f4393ff01c265c4959c03e88c2f/9a350f30d65197354706b7759b5c89d6c267b1a9/6bd2569d0b2f918e9581f744df0263caf73ee76c/4da7fcc098218ff92b2e83a43f545c02f714cedd/cdaa6d1cb2ff1219c6c822b27655dd170ffb0f72/9ad0452c0277b816a435433cca601304cfac7c21 is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.The vulnerability is also documented in the vulnerability database at EUVD (EUVD-2025-19447).(CVE-2025-38086) In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: make hfsc_qlen_notify() idempotent hfsc_qlen_notify() is not idempotent either and not friendly to its callers, like fq_codel_dequeue(). Let's make it idempotent to ease qdisc_tree_reduce_backlog() callers' life: 1. update_vf() decreases cl->cl_nactive, so we can check whether it is non-zero before calling it. 2. eltree_remove() always removes RB node cl->el_node, but we can use RB_EMPTY_NODE() + RB_CLEAR_NODE() to make it safe.(CVE-2025-38177) A vulnerability was found in Linux Kernel up to 6.16-rc2 (Operating System) and classified as critical.Using CWE to declare the problem leads to CWE-911. The product uses a reference count to manage a resource, but it does not update or incorrectly updates the reference count.Impacted is availability.Upgrading to version 5.4.295, 5.10.239, 5.15.186, 6.1.142, 6.6.95, 6.12.35, 6.15.4 or 6.16-rc3 eliminates this vulnerability. Applying the patch 956f1499412ed0953f6a116df7fdb855e9f1fc66/f4ae0f61dd9a63329ecb49b1e6356139d43240b8/dc724bd34d56f5589f7587a091a8cda2386826c4/058dd4a370f23a5553a9449f2db53d5bfa88d45e/bde8833eb075ba8e8674de88e32de6b669966451/988edde4d52d5c02ea4dd95d7619372a5e2fb7b7/d092c7fd8e220b23d6c47e03d7d0cc79e731f379/10876da918fa1aec0227fb4c67647513447f53a9 is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.(CVE-2025-38181) A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.15.3 (Operating System).The manipulation of the argument ext4_prepare_inline_data with an unknown input leads to a unknown weakness.This is going to have an impact on confidentiality, integrity, and availability.Upgrading to version 5.4.295, 5.10.239, 5.15.186, 6.1.142, 6.6.95, 6.12.35, 6.15.4 or 6.16-rc1 eliminates this vulnerability. Applying the patch d3dfc60efd145df5324b99a244b0b05505cde29b/717414a8c083c376d4a8940a1230fe0c6ed4ee00/9d1d1c5bf4fc1af76be154d3afb2acdbd89ec7d8/cf5f319a2d8ab8238f8cf3a19463b9bff6420934/26e09d18599da0adc543eabd300080daaeda6869/5766da2237e539f259aa0e5f3639ae37b44ca458/e80ee0263d88d77f2fd1927f915003a7066cbb50/227cb4ca5a6502164f850d22aec3104d7888b270 is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.The vulnerability is also documented in the vulnerability database at EUVD (EUVD-2025-20034).(CVE-2025-38222) A vulnerability was found in Linux Kernel up to 6.16-rc4 (Operating System). It has been classified as critical.CWE is classifying the issue as CWE-416. Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.This is going to have an impact on confidentiality, integrity, and availability.Upgrading to version 5.4.296, 5.10.240, 5.15.187, 6.1.144, 6.6.97, 6.12.37, 6.15.6 or 6.16-rc5 eliminates this vulnerability. Applying the patch 3b290923ad2b23596208c1e29520badef4356a43/e9921b57dca05ac5f4fa1fa8e993d4f0ee52e2b7/e269f29e9395527bc00c213c6b15da04ebb35070/7874c9c132e906a52a187d045995b115973c93fb/f680a4643c6f71e758d8fe0431a958e9a6a4f59d/a553afd91f55ff39b1e8a1c4989a29394c9e0472/a44acdd9e84a211989ff4b9b92bf3545d8456ad5/103406b38c600fec1fe375a77b27d87e314aea09 is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.(CVE-2025-38350) A vulnerability classified as critical was found in Linux Kernel up to 6.16-rc2 (Operating System).The manipulation of the argument method with an unknown input leads to a unknown weakness. The CWE definition for the vulnerability is CWE-416. Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.As an impact it is known to affect confidentiality, integrity, and availability.Upgrading to version 5.4.296, 5.10.240, 5.15.187, 6.1.144, 6.6.97, 6.12.37, 6.15.6 or 6.16-rc3 eliminates this vulnerability. Applying the patch b49d224d1830c46e20adce2a239c454cdab426f1/2219e49857ffd6aea1b1ca5214d3270f84623a16/ab1e8491c19eb2ea0fda81ef28e841c7cb6399f5/4305d936abde795c2ef6ba916de8f00a50f64d2d/d547779e72cea9865b732cd45393c4cd02b3598e/18ff4ed6a33a7e3f2097710eacc96bea7696e803/c9e4da550ae196132b990bd77ed3d8f2d9747f87/6fcab2791543924d438e7fa49276d0998b0a069f is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.(CVE-2025-38386) A vulnerability was found in Linux Kernel up to 6.15.2 (Operating System). It has been declared as problematic.The CWE definition for the vulnerability is CWE-125. The product reads data past the end, or before the beginning, of the intended buffer.As an impact it is known to affect confidentiality.Upgrading to version 5.4.295, 5.10.239, 5.15.186, 6.1.142, 6.6.94, 6.12.34, 6.15.3 or 6.16-rc1 eliminates this vulnerability. Applying the patch db7096ea160e40d78c67fce52e7cc51bde049497/549f9e3d7b60d53808c98b9fde49b4f46d0524a5/5c51aa862cbeed2f3887f0382a2708956710bd68/6abf6b78c6fb112eee495f5636ffcc350dd2ce25/4f99357dadbf9c979ad737156ad4c37fadf7c56b/0aff95d9bc7fb5400ca8af507429c4b067bdb425/295ab18c2dbce8d0ac6ecf7c5187e16e1ac8b282/734aa85390ea693bb7eaf2240623d41b03705c84 is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.(CVE-2025-38415) In the Linux kernel, the following vulnerability has been resolved: md/raid1: Fix stack memory use after return in raid1_reshape In the raid1_reshape function, newpool is allocated on the stack and assigned to conf->r1bio_pool. This results in conf->r1bio_pool.wait.head pointing to a stack address. Accessing this address later can lead to a kernel panic. Example access path: raid1_reshape() { // newpool is on the stack mempool_t newpool, oldpool; // initialize newpool.wait.head to stack address mempool_init(&newpool, ...); conf->r1bio_pool = newpool; } raid1_read_request() or raid1_write_request() { alloc_r1bio() { mempool_alloc() { // if pool->alloc fails remove_element() { --pool->curr_nr; } } } } mempool_free() { if (pool->curr_nr < pool->min_nr) { // pool->wait.head is a stack address // wake_up() will try to access this invalid address // which leads to a kernel panic return; wake_up(&pool->wait); } } Fix: reinit conf->r1bio_pool.wait after assigning newpool.(CVE-2025-38445) A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.16-rc5 (Operating System).Impacted is confidentiality, integrity, and availability.Upgrading to version 5.4.296, 5.10.240, 5.15.189, 6.1.146, 6.6.99, 6.12.39, 6.15.7 or 6.16-rc6 eliminates this vulnerability. Applying the patch 923a276c74e25073ae391e930792ac86a9f77f1e/90436e72c9622c2f70389070088325a3232d339f/25452638f133ac19d75af3f928327d8016952c8e/23c165dde88eac405eebb59051ea1fe139a45803/4c691d1b6b6dbd73f30ed9ee7da05f037b0c49af/8ecd651ef24ab50123692a4e3e25db93cb11602a/e28a383d6485c3bb51dc5953552f76c4dea33eea/ffdde7bf5a439aaa1955ebd581f5c64ab1533963 is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.(CVE-2025-38457) A vulnerability was found in Linux Kernel up to 6.1.146/6.6.99/6.12.39/6.15.7 (Operating System). It has been rated as problematic.Impacted is confidentiality, integrity, and availability.Upgrading to version 6.1.147, 6.6.100, 6.12.40 or 6.15.8 eliminates this vulnerability. Applying the patch 5849980faea1c792d1d5e54fdbf1e69ac0a9bfb9/5dd6a441748dad2f02e27b256984ca0b2d4546b6/65c666aff44eb7f9079c55331abd9687fb77ba2d/bfe8ef373986e8f185d3d6613eb1801a8749837a/4c4ca3c46167518f8534ed70f6e3b4bf86c4d158 is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.(CVE-2025-38474) In the Linux kernel, the following vulnerability has been resolved: HID: core: do not bypass hid_hw_raw_request hid_hw_raw_request() is actually useful to ensure the provided buffer and length are valid. Directly calling in the low level transport driver function bypassed those checks and allowed invalid paramto be used.(CVE-2025-38494) A vulnerability was found in Linux Kernel up to 6.15.6 (Operating System). It has been rated as critical.Using CWE to declare the problem leads to CWE-404. The product does not release or incorrectly releases a resource before it is made available for re-use.Impacted is availability.Upgrading to version 5.4.296, 5.10.240, 5.15.189, 6.1.146, 6.6.99, 6.12.39 or 6.15.7 eliminates this vulnerability. Applying the patch 549a9c78c3ea6807d0dc4162a4f5ba59f217d5a0/e62f51d0ec8a9baf324caf9a564f8e318d36a551/ef841f8e4e1ff67817ca899bedc5ebb00847c0a7/f9a4f28a4fc4ee453a92a9abbe36e26224d17749/c64f5310530baf75328292f9b9f3f2961d185183/e2d6547dc8b9b332f9bc00875197287a6a4db65a/ef58a95457466849fa7b31fd3953801a5af0f58b/8af39ec5cf2be522c8eb43a3d8005ed59e4daaee is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.(CVE-2025-38515) An update for kernel is now available for openEuler-20.03-LTS-SP4. openEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. High kernel https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2080 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38086 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38177 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38181 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38222 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38350 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38386 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38415 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38445 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38457 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38474 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38494 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-38515 https://nvd.nist.gov/vuln/detail/CVE-2025-38086 https://nvd.nist.gov/vuln/detail/CVE-2025-38177 https://nvd.nist.gov/vuln/detail/CVE-2025-38181 https://nvd.nist.gov/vuln/detail/CVE-2025-38222 https://nvd.nist.gov/vuln/detail/CVE-2025-38350 https://nvd.nist.gov/vuln/detail/CVE-2025-38386 https://nvd.nist.gov/vuln/detail/CVE-2025-38415 https://nvd.nist.gov/vuln/detail/CVE-2025-38445 https://nvd.nist.gov/vuln/detail/CVE-2025-38457 https://nvd.nist.gov/vuln/detail/CVE-2025-38474 https://nvd.nist.gov/vuln/detail/CVE-2025-38494 https://nvd.nist.gov/vuln/detail/CVE-2025-38515 openEuler-20.03-LTS-SP4 kernel-4.19.90-2508.3.0.0341.oe2003sp4.src.rpm bpftool-4.19.90-2508.3.0.0341.oe2003sp4.aarch64.rpm bpftool-debuginfo-4.19.90-2508.3.0.0341.oe2003sp4.aarch64.rpm kernel-4.19.90-2508.3.0.0341.oe2003sp4.aarch64.rpm kernel-debuginfo-4.19.90-2508.3.0.0341.oe2003sp4.aarch64.rpm kernel-debugsource-4.19.90-2508.3.0.0341.oe2003sp4.aarch64.rpm kernel-devel-4.19.90-2508.3.0.0341.oe2003sp4.aarch64.rpm kernel-source-4.19.90-2508.3.0.0341.oe2003sp4.aarch64.rpm kernel-tools-4.19.90-2508.3.0.0341.oe2003sp4.aarch64.rpm kernel-tools-debuginfo-4.19.90-2508.3.0.0341.oe2003sp4.aarch64.rpm kernel-tools-devel-4.19.90-2508.3.0.0341.oe2003sp4.aarch64.rpm perf-4.19.90-2508.3.0.0341.oe2003sp4.aarch64.rpm perf-debuginfo-4.19.90-2508.3.0.0341.oe2003sp4.aarch64.rpm python2-perf-4.19.90-2508.3.0.0341.oe2003sp4.aarch64.rpm python2-perf-debuginfo-4.19.90-2508.3.0.0341.oe2003sp4.aarch64.rpm python3-perf-4.19.90-2508.3.0.0341.oe2003sp4.aarch64.rpm python3-perf-debuginfo-4.19.90-2508.3.0.0341.oe2003sp4.aarch64.rpm bpftool-4.19.90-2508.3.0.0341.oe2003sp4.x86_64.rpm bpftool-debuginfo-4.19.90-2508.3.0.0341.oe2003sp4.x86_64.rpm kernel-4.19.90-2508.3.0.0341.oe2003sp4.x86_64.rpm kernel-debuginfo-4.19.90-2508.3.0.0341.oe2003sp4.x86_64.rpm kernel-debugsource-4.19.90-2508.3.0.0341.oe2003sp4.x86_64.rpm kernel-devel-4.19.90-2508.3.0.0341.oe2003sp4.x86_64.rpm kernel-source-4.19.90-2508.3.0.0341.oe2003sp4.x86_64.rpm kernel-tools-4.19.90-2508.3.0.0341.oe2003sp4.x86_64.rpm kernel-tools-debuginfo-4.19.90-2508.3.0.0341.oe2003sp4.x86_64.rpm kernel-tools-devel-4.19.90-2508.3.0.0341.oe2003sp4.x86_64.rpm perf-4.19.90-2508.3.0.0341.oe2003sp4.x86_64.rpm perf-debuginfo-4.19.90-2508.3.0.0341.oe2003sp4.x86_64.rpm python2-perf-4.19.90-2508.3.0.0341.oe2003sp4.x86_64.rpm python2-perf-debuginfo-4.19.90-2508.3.0.0341.oe2003sp4.x86_64.rpm python3-perf-4.19.90-2508.3.0.0341.oe2003sp4.x86_64.rpm python3-perf-debuginfo-4.19.90-2508.3.0.0341.oe2003sp4.x86_64.rpm A vulnerability was found in Linux Kernel up to 6.15.3 (Operating System). It has been rated as problematic.Using CWE to declare the problem leads to CWE-252. The product does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions.Impacted is confidentiality, integrity, and availability.Upgrading to version 5.4.295, 5.10.239, 5.15.186, 6.1.142, 6.6.95, 6.12.35, 6.15.4 or 6.16-rc1 eliminates this vulnerability. Applying the patch 119766de4930ff40db9f36b960cb53b0c400e81b/33163c68d2e3061fa3935b5f0a1867958b1cdbd2/9da3e442714f7f4393ff01c265c4959c03e88c2f/9a350f30d65197354706b7759b5c89d6c267b1a9/6bd2569d0b2f918e9581f744df0263caf73ee76c/4da7fcc098218ff92b2e83a43f545c02f714cedd/cdaa6d1cb2ff1219c6c822b27655dd170ffb0f72/9ad0452c0277b816a435433cca601304cfac7c21 is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.The vulnerability is also documented in the vulnerability database at EUVD (EUVD-2025-19447). 2025-08-29 CVE-2025-38086 openEuler-20.03-LTS-SP4 High 7.0 AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H kernel security update 2025-08-29 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2080 In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: make hfsc_qlen_notify() idempotent hfsc_qlen_notify() is not idempotent either and not friendly to its callers, like fq_codel_dequeue(). Let's make it idempotent to ease qdisc_tree_reduce_backlog() callers' life: 1. update_vf() decreases cl->cl_nactive, so we can check whether it is non-zero before calling it. 2. eltree_remove() always removes RB node cl->el_node, but we can use RB_EMPTY_NODE() + RB_CLEAR_NODE() to make it safe. 2025-08-29 CVE-2025-38177 openEuler-20.03-LTS-SP4 High 7.0 AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H kernel security update 2025-08-29 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2080 A vulnerability was found in Linux Kernel up to 6.16-rc2 (Operating System) and classified as critical.Using CWE to declare the problem leads to CWE-911. The product uses a reference count to manage a resource, but it does not update or incorrectly updates the reference count.Impacted is availability.Upgrading to version 5.4.295, 5.10.239, 5.15.186, 6.1.142, 6.6.95, 6.12.35, 6.15.4 or 6.16-rc3 eliminates this vulnerability. Applying the patch 956f1499412ed0953f6a116df7fdb855e9f1fc66/f4ae0f61dd9a63329ecb49b1e6356139d43240b8/dc724bd34d56f5589f7587a091a8cda2386826c4/058dd4a370f23a5553a9449f2db53d5bfa88d45e/bde8833eb075ba8e8674de88e32de6b669966451/988edde4d52d5c02ea4dd95d7619372a5e2fb7b7/d092c7fd8e220b23d6c47e03d7d0cc79e731f379/10876da918fa1aec0227fb4c67647513447f53a9 is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version. 2025-08-29 CVE-2025-38181 openEuler-20.03-LTS-SP4 High 7.5 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H kernel security update 2025-08-29 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2080 A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.15.3 (Operating System).The manipulation of the argument ext4_prepare_inline_data with an unknown input leads to a unknown weakness.This is going to have an impact on confidentiality, integrity, and availability.Upgrading to version 5.4.295, 5.10.239, 5.15.186, 6.1.142, 6.6.95, 6.12.35, 6.15.4 or 6.16-rc1 eliminates this vulnerability. Applying the patch d3dfc60efd145df5324b99a244b0b05505cde29b/717414a8c083c376d4a8940a1230fe0c6ed4ee00/9d1d1c5bf4fc1af76be154d3afb2acdbd89ec7d8/cf5f319a2d8ab8238f8cf3a19463b9bff6420934/26e09d18599da0adc543eabd300080daaeda6869/5766da2237e539f259aa0e5f3639ae37b44ca458/e80ee0263d88d77f2fd1927f915003a7066cbb50/227cb4ca5a6502164f850d22aec3104d7888b270 is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.The vulnerability is also documented in the vulnerability database at EUVD (EUVD-2025-20034). 2025-08-29 CVE-2025-38222 openEuler-20.03-LTS-SP4 Low 3.9 AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L kernel security update 2025-08-29 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2080 A vulnerability was found in Linux Kernel up to 6.16-rc4 (Operating System). It has been classified as critical.CWE is classifying the issue as CWE-416. Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.This is going to have an impact on confidentiality, integrity, and availability.Upgrading to version 5.4.296, 5.10.240, 5.15.187, 6.1.144, 6.6.97, 6.12.37, 6.15.6 or 6.16-rc5 eliminates this vulnerability. Applying the patch 3b290923ad2b23596208c1e29520badef4356a43/e9921b57dca05ac5f4fa1fa8e993d4f0ee52e2b7/e269f29e9395527bc00c213c6b15da04ebb35070/7874c9c132e906a52a187d045995b115973c93fb/f680a4643c6f71e758d8fe0431a958e9a6a4f59d/a553afd91f55ff39b1e8a1c4989a29394c9e0472/a44acdd9e84a211989ff4b9b92bf3545d8456ad5/103406b38c600fec1fe375a77b27d87e314aea09 is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version. 2025-08-29 CVE-2025-38350 openEuler-20.03-LTS-SP4 High 7.3 AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H kernel security update 2025-08-29 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2080 A vulnerability classified as critical was found in Linux Kernel up to 6.16-rc2 (Operating System).The manipulation of the argument method with an unknown input leads to a unknown weakness. The CWE definition for the vulnerability is CWE-416. Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.As an impact it is known to affect confidentiality, integrity, and availability.Upgrading to version 5.4.296, 5.10.240, 5.15.187, 6.1.144, 6.6.97, 6.12.37, 6.15.6 or 6.16-rc3 eliminates this vulnerability. Applying the patch b49d224d1830c46e20adce2a239c454cdab426f1/2219e49857ffd6aea1b1ca5214d3270f84623a16/ab1e8491c19eb2ea0fda81ef28e841c7cb6399f5/4305d936abde795c2ef6ba916de8f00a50f64d2d/d547779e72cea9865b732cd45393c4cd02b3598e/18ff4ed6a33a7e3f2097710eacc96bea7696e803/c9e4da550ae196132b990bd77ed3d8f2d9747f87/6fcab2791543924d438e7fa49276d0998b0a069f is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version. 2025-08-29 CVE-2025-38386 openEuler-20.03-LTS-SP4 High 8.0 AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H kernel security update 2025-08-29 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2080 A vulnerability was found in Linux Kernel up to 6.15.2 (Operating System). It has been declared as problematic.The CWE definition for the vulnerability is CWE-125. The product reads data past the end, or before the beginning, of the intended buffer.As an impact it is known to affect confidentiality.Upgrading to version 5.4.295, 5.10.239, 5.15.186, 6.1.142, 6.6.94, 6.12.34, 6.15.3 or 6.16-rc1 eliminates this vulnerability. Applying the patch db7096ea160e40d78c67fce52e7cc51bde049497/549f9e3d7b60d53808c98b9fde49b4f46d0524a5/5c51aa862cbeed2f3887f0382a2708956710bd68/6abf6b78c6fb112eee495f5636ffcc350dd2ce25/4f99357dadbf9c979ad737156ad4c37fadf7c56b/0aff95d9bc7fb5400ca8af507429c4b067bdb425/295ab18c2dbce8d0ac6ecf7c5187e16e1ac8b282/734aa85390ea693bb7eaf2240623d41b03705c84 is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version. 2025-08-29 CVE-2025-38415 openEuler-20.03-LTS-SP4 Low 3.9 AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L kernel security update 2025-08-29 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2080 In the Linux kernel, the following vulnerability has been resolved: md/raid1: Fix stack memory use after return in raid1_reshape In the raid1_reshape function, newpool is allocated on the stack and assigned to conf->r1bio_pool. This results in conf->r1bio_pool.wait.head pointing to a stack address. Accessing this address later can lead to a kernel panic. Example access path: raid1_reshape() { // newpool is on the stack mempool_t newpool, oldpool; // initialize newpool.wait.head to stack address mempool_init(&newpool, ...); conf->r1bio_pool = newpool; } raid1_read_request() or raid1_write_request() { alloc_r1bio() { mempool_alloc() { // if pool->alloc fails remove_element() { --pool->curr_nr; } } } } mempool_free() { if (pool->curr_nr < pool->min_nr) { // pool->wait.head is a stack address // wake_up() will try to access this invalid address // which leads to a kernel panic return; wake_up(&pool->wait); } } Fix: reinit conf->r1bio_pool.wait after assigning newpool. 2025-08-29 CVE-2025-38445 openEuler-20.03-LTS-SP4 Medium 5.7 AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H kernel security update 2025-08-29 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2080 A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.16-rc5 (Operating System).Impacted is confidentiality, integrity, and availability.Upgrading to version 5.4.296, 5.10.240, 5.15.189, 6.1.146, 6.6.99, 6.12.39, 6.15.7 or 6.16-rc6 eliminates this vulnerability. Applying the patch 923a276c74e25073ae391e930792ac86a9f77f1e/90436e72c9622c2f70389070088325a3232d339f/25452638f133ac19d75af3f928327d8016952c8e/23c165dde88eac405eebb59051ea1fe139a45803/4c691d1b6b6dbd73f30ed9ee7da05f037b0c49af/8ecd651ef24ab50123692a4e3e25db93cb11602a/e28a383d6485c3bb51dc5953552f76c4dea33eea/ffdde7bf5a439aaa1955ebd581f5c64ab1533963 is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version. 2025-08-29 CVE-2025-38457 openEuler-20.03-LTS-SP4 Medium 5.5 AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H kernel security update 2025-08-29 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2080 A vulnerability was found in Linux Kernel up to 6.1.146/6.6.99/6.12.39/6.15.7 (Operating System). It has been rated as problematic.Impacted is confidentiality, integrity, and availability.Upgrading to version 6.1.147, 6.6.100, 6.12.40 or 6.15.8 eliminates this vulnerability. Applying the patch 5849980faea1c792d1d5e54fdbf1e69ac0a9bfb9/5dd6a441748dad2f02e27b256984ca0b2d4546b6/65c666aff44eb7f9079c55331abd9687fb77ba2d/bfe8ef373986e8f185d3d6613eb1801a8749837a/4c4ca3c46167518f8534ed70f6e3b4bf86c4d158 is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version. 2025-08-29 CVE-2025-38474 openEuler-20.03-LTS-SP4 Medium 5.5 AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L kernel security update 2025-08-29 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2080 In the Linux kernel, the following vulnerability has been resolved: HID: core: do not bypass hid_hw_raw_request hid_hw_raw_request() is actually useful to ensure the provided buffer and length are valid. Directly calling in the low level transport driver function bypassed those checks and allowed invalid paramto be used. 2025-08-29 CVE-2025-38494 openEuler-20.03-LTS-SP4 High 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H kernel security update 2025-08-29 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2080 A vulnerability was found in Linux Kernel up to 6.15.6 (Operating System). It has been rated as critical.Using CWE to declare the problem leads to CWE-404. The product does not release or incorrectly releases a resource before it is made available for re-use.Impacted is availability.Upgrading to version 5.4.296, 5.10.240, 5.15.189, 6.1.146, 6.6.99, 6.12.39 or 6.15.7 eliminates this vulnerability. Applying the patch 549a9c78c3ea6807d0dc4162a4f5ba59f217d5a0/e62f51d0ec8a9baf324caf9a564f8e318d36a551/ef841f8e4e1ff67817ca899bedc5ebb00847c0a7/f9a4f28a4fc4ee453a92a9abbe36e26224d17749/c64f5310530baf75328292f9b9f3f2961d185183/e2d6547dc8b9b332f9bc00875197287a6a4db65a/ef58a95457466849fa7b31fd3953801a5af0f58b/8af39ec5cf2be522c8eb43a3d8005ed59e4daaee is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version. 2025-08-29 CVE-2025-38515 openEuler-20.03-LTS-SP4 Low 3.9 AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L kernel security update 2025-08-29 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2080